Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Automatic open bestprosoft.com each time boot up


  • This topic is locked This topic is locked
16 replies to this topic

#1 Johnny5478

Johnny5478

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 27 July 2016 - 12:22 PM

Hi there. So recently I have a problem with my laptop. It's always open an unknown website (bestprosoft.com) in my default browser each time I turn on my laptop. It all begins after I accidentally clicked an ad two days ago. My laptop also becoming slow (disk usage 100%). I have Bitdefender and Malwarebyte installed on my laptop but both of them failed to protect my laptop. I also used Adwcleaner and trying use my restore point (which only works 1 day, then the problem came back) but the still exist. I hope to get a help soon. Thank you

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:21 AM

Posted 27 July 2016 - 03:49 PM

Hello Johnny, please do all of these..

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 July 2016 - 09:46 AM

Hi boopme,
Here are the logs.

  • MTB

    MiniToolBox by Farbar  Version: 17-06-2016
    Ran by Ali Affandi (administrator) on 28-07-2016 at 01:28:43
    Running from "C:\Desktop"
    Microsoft Windows 10 Home  (X64)
    Model: S621xT Manufacturer: Medion
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows-IP-Konfiguration
     
    Der DNS-Auflsungscache wurde geleert.
     
    ========================= IE Proxy Settings: ============================== 
     
    Proxy is not enabled.
    No Proxy Server is set.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
     
    ========================= FF Proxy Settings: ============================== 
     
     
    "Reset FF Proxy Settings": Firefox Proxy settings were reset.
     
    ========================= Hosts content: =================================
    127.0.0.1 idb.iobit.com
    0.0.0.0 serius.mwbsys.com
    0.0.0.0 keystone.mwbsys.com
    127.0.0.1 bestprosoft.com
    ========================= IP Configuration: ================================
     
    TAP-Windows Adapter V9 = LAN-Verbindung (Connected)
    Intel® Wireless-N 7260 = WiFi (Connected)
    Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
     
     
    # ----------------------------------
    # IPv4-Konfiguration
    # ----------------------------------
    pushd interface ipv4
     
    reset
    set global icmpredirects=enabled
    add route prefix=137.117.235.16/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=137.116.81.24/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.185.70/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.57.101.163/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.165.253/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.57.107.163/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.57.107.27/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=104.96.147.3/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.56.124.87/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=77.67.29.176/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.223.20.82/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.139.2/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.39.10/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.29.238/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.93/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.165.248/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.92/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.71/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.63/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.138.186/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.138.126/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.138.114/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.108.23/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.108.29/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.94/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.93/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.115.60/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.92/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.91/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.9/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.7/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.11/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.39.117.230/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=64.4.6.100/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=64.4.54.32/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=64.4.54.22/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.218.212.69/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.30.202/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.99.10.11/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.102.21.4/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=212.30.134.205/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=212.30.134.204/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.68.166.254/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.46.223.94/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.46.114.58/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.46.101.29/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=204.79.197.200/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.237.208.126/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=131.253.40.37/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.80.62/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.80.58/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.139.254/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=185.13.160.61/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=184.86.56.12/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=168.63.108.233/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.56.91.77/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.56.121.89/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.55.133.204/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.55.129.21/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=111.221.29.253/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=111.221.29.177/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    set interface interface="LAN-Verbindung* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung* 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    add address name="LAN-Verbindung" address=169.254.123.162 mask=255.255.0.0
     
     
    popd
    # Ende der IPv4-Konfiguration
     
     
     
    Windows-IP-Konfiguration
     
       Hostname  . . . . . . . . . . . . : Anonymous
       Prim„res DNS-Suffix . . . . . . . : 
       Knotentyp . . . . . . . . . . . . : Hybrid
       IP-Routing aktiviert  . . . . . . : Nein
       WINS-Proxy aktiviert  . . . . . . : Nein
     
    Ethernet-Adapter Ethernet:
     
       Medienstatus. . . . . . . . . . . : Medium getrennt
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physische Adresse . . . . . . . . : 00-0E-38-85-D6-C3
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
     
    Drahtlos-LAN-Adapter LAN-Verbindung* 3:
     
       Medienstatus. . . . . . . . . . . : Medium getrennt
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physische Adresse . . . . . . . . : 5C-51-4F-39-31-28
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
     
    Drahtlos-LAN-Adapter LAN-Verbindung* 6:
     
       Medienstatus. . . . . . . . . . . : Medium getrennt
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
       Physische Adresse . . . . . . . . : 5E-51-4F-39-31-27
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
     
    Ethernet-Adapter LAN-Verbindung:
     
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : TAP-Windows Adapter V9
       Physische Adresse . . . . . . . . : 00-FF-E9-DB-6D-68
       DHCP aktiviert. . . . . . . . . . : Nein
       Autokonfiguration aktiviert . . . : Ja
       IPv4-Adresse  . . . . . . . . . . : 169.254.123.162(Bevorzugt) 
       Subnetzmaske  . . . . . . . . . . : 255.255.0.0
       Standardgateway . . . . . . . . . : 
       NetBIOS ber TCP/IP . . . . . . . : Deaktiviert
     
    Drahtlos-LAN-Adapter WiFi:
     
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Intel® Wireless-N 7260
       Physische Adresse . . . . . . . . : 5C-51-4F-39-31-27
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
       Verbindungslokale IPv6-Adresse  . : fe80::e0ef:ceb7:85fb:7c1a%6(Bevorzugt) 
       IPv4-Adresse  . . . . . . . . . . : 192.168.0.101(Bevorzugt) 
       Subnetzmaske  . . . . . . . . . . : 255.255.255.0
       Lease erhalten. . . . . . . . . . : Donnerstag, 28. Juli 2016 01:24:17
       Lease l„uft ab. . . . . . . . . . : Donnerstag, 28. Juli 2016 03:24:18
       Standardgateway . . . . . . . . . : 192.168.0.1
       DHCP-Server . . . . . . . . . . . : 192.168.0.1
       DHCPv6-IAID . . . . . . . . . . . : 73158991
       DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1E-9D-12-F8-00-0E-38-85-D6-C3
       DNS-Server  . . . . . . . . . . . : 192.168.0.1
                                           8.8.8.8
       NetBIOS ber TCP/IP . . . . . . . : Aktiviert
    Server:  UnKnown
    Address:  192.168.0.1
     
    Name:    google.com
    Addresses:  2a00:1450:4005:803::200e
     216.58.213.206
     
     
    Ping wird ausgefhrt fr google.com [216.58.213.206] mit 32 Bytes Daten:
    Antwort von 216.58.213.206: Bytes=32 Zeit=18ms TTL=49
    Antwort von 216.58.213.206: Bytes=32 Zeit=17ms TTL=49
     
    Ping-Statistik fr 216.58.213.206:
        Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
        (0% Verlust),
    Ca. Zeitangaben in Millisek.:
        Minimum = 17ms, Maximum = 18ms, Mittelwert = 17ms
    Server:  UnKnown
    Address:  192.168.0.1
     
    DNS request timed out.
        timeout was 2 seconds.
    Name:    yahoo.com
    Addresses:  2001:4998:58:c02::a9
     2001:4998:c:a06::2:4008
     2001:4998:44:204::a7
     
     
    Ping wird ausgefhrt fr yahoo.com [206.190.36.45] mit 32 Bytes Daten:
    Antwort von 206.190.36.45: Bytes=32 Zeit=175ms TTL=44
    Antwort von 206.190.36.45: Bytes=32 Zeit=177ms TTL=44
     
    Ping-Statistik fr 206.190.36.45:
        Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
        (0% Verlust),
    Ca. Zeitangaben in Millisek.:
        Minimum = 175ms, Maximum = 177ms, Mittelwert = 176ms
     
    Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
    Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
    Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
     
    Ping-Statistik fr 127.0.0.1:
        Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
        (0% Verlust),
    Ca. Zeitangaben in Millisek.:
        Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
    ===========================================================================
    Schnittstellenliste
      4...00 0e 38 85 d6 c3 ......Realtek PCIe GBE Family Controller
      7...5c 51 4f 39 31 28 ......Microsoft Wi-Fi Direct Virtual Adapter
      5...5e 51 4f 39 31 27 ......Microsoft Hosted Network Virtual Adapter
     10...00 ff e9 db 6d 68 ......TAP-Windows Adapter V9
      6...5c 51 4f 39 31 27 ......Intel® Wireless-N 7260
      1...........................Software Loopback Interface 1
    ===========================================================================
     
    IPv4-Routentabelle
    ===========================================================================
    Aktive Routen:
         Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
              0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     25
            127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
            127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
      127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
          169.254.0.0      255.255.0.0   Auf Verbindung   169.254.123.162    276
      169.254.123.162  255.255.255.255   Auf Verbindung   169.254.123.162    276
      169.254.255.255  255.255.255.255   Auf Verbindung   169.254.123.162    276
          192.168.0.0    255.255.255.0   Auf Verbindung     192.168.0.101    281
        192.168.0.101  255.255.255.255   Auf Verbindung     192.168.0.101    281
        192.168.0.255  255.255.255.255   Auf Verbindung     192.168.0.101    281
            224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
            224.0.0.0        240.0.0.0   Auf Verbindung   169.254.123.162    276
            224.0.0.0        240.0.0.0   Auf Verbindung     192.168.0.101    281
      255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      255.255.255.255  255.255.255.255   Auf Verbindung   169.254.123.162    276
      255.255.255.255  255.255.255.255   Auf Verbindung     192.168.0.101    281
    ===========================================================================
    St„ndige Routen:
      Netzwerkadresse          Netzmaske  Gatewayadresse  Metrik
       137.117.235.16  255.255.255.255   Auf Verbindung        1
        137.116.81.24  255.255.255.255   Auf Verbindung        1
       134.170.185.70  255.255.255.255   Auf Verbindung        1
        23.57.101.163  255.255.255.255   Auf Verbindung        1
      134.170.165.253  255.255.255.255   Auf Verbindung        1
        23.57.107.163  255.255.255.255   Auf Verbindung        1
         23.57.107.27  255.255.255.255   Auf Verbindung        1
         104.96.147.3  255.255.255.255   Auf Verbindung        1
        157.56.124.87  255.255.255.255   Auf Verbindung        1
         77.67.29.176  255.255.255.255   Auf Verbindung        1
         23.223.20.82  255.255.255.255   Auf Verbindung        1
        191.232.139.2  255.255.255.255   Auf Verbindung        1
          65.55.39.10  255.255.255.255   Auf Verbindung        1
         65.55.29.238  255.255.255.255   Auf Verbindung        1
         65.55.252.93  255.255.255.255   Auf Verbindung        1
      134.170.165.248  255.255.255.255   Auf Verbindung        1
         65.55.252.92  255.255.255.255   Auf Verbindung        1
         65.55.252.71  255.255.255.255   Auf Verbindung        1
         65.55.252.63  255.255.255.255   Auf Verbindung        1
        65.55.138.186  255.255.255.255   Auf Verbindung        1
        65.55.138.126  255.255.255.255   Auf Verbindung        1
        65.55.138.114  255.255.255.255   Auf Verbindung        1
         65.55.108.23  255.255.255.255   Auf Verbindung        1
         65.52.108.29  255.255.255.255   Auf Verbindung        1
         65.52.100.94  255.255.255.255   Auf Verbindung        1
         65.52.100.93  255.255.255.255   Auf Verbindung        1
       134.170.115.60  255.255.255.255   Auf Verbindung        1
         65.52.100.92  255.255.255.255   Auf Verbindung        1
         65.52.100.91  255.255.255.255   Auf Verbindung        1
          65.52.100.9  255.255.255.255   Auf Verbindung        1
          65.52.100.7  255.255.255.255   Auf Verbindung        1
         65.52.100.11  255.255.255.255   Auf Verbindung        1
        65.39.117.230  255.255.255.255   Auf Verbindung        1
           64.4.6.100  255.255.255.255   Auf Verbindung        1
           64.4.54.32  255.255.255.255   Auf Verbindung        1
           64.4.54.22  255.255.255.255   Auf Verbindung        1
        23.218.212.69  255.255.255.255   Auf Verbindung        1
       134.170.30.202  255.255.255.255   Auf Verbindung        1
          23.99.10.11  255.255.255.255   Auf Verbindung        1
          23.102.21.4  255.255.255.255   Auf Verbindung        1
       212.30.134.205  255.255.255.255   Auf Verbindung        1
       212.30.134.204  255.255.255.255   Auf Verbindung        1
       207.68.166.254  255.255.255.255   Auf Verbindung        1
        207.46.223.94  255.255.255.255   Auf Verbindung        1
        207.46.114.58  255.255.255.255   Auf Verbindung        1
        207.46.101.29  255.255.255.255   Auf Verbindung        1
       204.79.197.200  255.255.255.255   Auf Verbindung        1
      191.237.208.126  255.255.255.255   Auf Verbindung        1
        131.253.40.37  255.255.255.255   Auf Verbindung        1
        191.232.80.62  255.255.255.255   Auf Verbindung        1
        191.232.80.58  255.255.255.255   Auf Verbindung        1
      191.232.139.254  255.255.255.255   Auf Verbindung        1
        185.13.160.61  255.255.255.255   Auf Verbindung        1
         184.86.56.12  255.255.255.255   Auf Verbindung        1
       168.63.108.233  255.255.255.255   Auf Verbindung        1
         157.56.91.77  255.255.255.255   Auf Verbindung        1
        157.56.121.89  255.255.255.255   Auf Verbindung        1
       157.55.133.204  255.255.255.255   Auf Verbindung        1
        157.55.129.21  255.255.255.255   Auf Verbindung        1
       111.221.29.253  255.255.255.255   Auf Verbindung        1
       111.221.29.177  255.255.255.255   Auf Verbindung        1
    ===========================================================================
     
    IPv6-Routentabelle
    ===========================================================================
    Aktive Routen:
     If Metrik Netzwerkziel             Gateway
      1    306 ::1/128                  Auf Verbindung
      6    281 fe80::/64                Auf Verbindung
      6    281 fe80::e0ef:ceb7:85fb:7c1a/128
                                        Auf Verbindung
      1    306 ff00::/8                 Auf Verbindung
      6    281 ff00::/8                 Auf Verbindung
    ===========================================================================
    St„ndige Routen:
      Keine
    ========================= Winsock entries =====================================
     
    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
     
    ========================= Event log errors: ===============================
     
    Application errors:
    ==================
    Error: (07/28/2016 01:25:38 AM) (Source: Software Protection Platform Service) (User: )
    Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
    Teil-Pkey=43JJQ
    ACID=?
    Genauer Fehler[?]
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
    Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
    Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
    Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
     
    Error: (07/27/2016 11:59:04 PM) (Source: Software Protection Platform Service) (User: )
    Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
    Teil-Pkey=43JJQ
    ACID=?
    Genauer Fehler[?]
     
    Error: (07/27/2016 08:25:12 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe, Version: 1.0.0.0, Zeitstempel: 0x5798fc87
    Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a
    Ausnahmecode: 0xe0434352
    Fehleroffset: 0x000bdae8
    ID des fehlerhaften Prozesses: 0x1784
    Startzeit der fehlerhaften Anwendung: 0xPoGo.NecroBot.CLI.exe0
    Pfad der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe1
    Pfad des fehlerhaften Moduls: PoGo.NecroBot.CLI.exe2
    Berichtskennung: PoGo.NecroBot.CLI.exe3
    Vollständiger Name des fehlerhaften Pakets: PoGo.NecroBot.CLI.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PoGo.NecroBot.CLI.exe5
     
    Error: (07/27/2016 08:25:12 PM) (Source: .NET Runtime) (User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:37 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe, Version: 1.0.0.0, Zeitstempel: 0x57983b05
    Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a
    Ausnahmecode: 0xe0434352
    Fehleroffset: 0x000bdae8
    ID des fehlerhaften Prozesses: 0x1248
    Startzeit der fehlerhaften Anwendung: 0xPoGo.NecroBot.CLI.exe0
    Pfad der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe1
    Pfad des fehlerhaften Moduls: PoGo.NecroBot.CLI.exe2
    Berichtskennung: PoGo.NecroBot.CLI.exe3
    Vollständiger Name des fehlerhaften Pakets: PoGo.NecroBot.CLI.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PoGo.NecroBot.CLI.exe5
     
    Error: (07/27/2016 07:45:37 PM) (Source: .NET Runtime) (User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:10 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe, Version: 1.0.0.0, Zeitstempel: 0x57983b05
    Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a
    Ausnahmecode: 0xe0434352
    Fehleroffset: 0x000bdae8
    ID des fehlerhaften Prozesses: 0x148
    Startzeit der fehlerhaften Anwendung: 0xPoGo.NecroBot.CLI.exe0
    Pfad der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe1
    Pfad des fehlerhaften Moduls: PoGo.NecroBot.CLI.exe2
    Berichtskennung: PoGo.NecroBot.CLI.exe3
    Vollständiger Name des fehlerhaften Pakets: PoGo.NecroBot.CLI.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PoGo.NecroBot.CLI.exe5
     
     
    System errors:
    =============
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
     
    Microsoft Office Sessions:
    =========================
    Error: (07/28/2016 01:25:38 AM) (Source: Software Protection Platform Service)(User: )
    Description: 0xC004E01643JJQ??
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
    Description: Eap method DLL path43900
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
    Description: Eap method DLL path25900
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
    Description: Eap method DLL path17900
     
    Error: (07/27/2016 11:59:04 PM) (Source: Software Protection Platform Service)(User: )
    Description: 0xC004E01643JJQ??
     
    Error: (07/27/2016 08:25:12 PM) (Source: Application Error)(User: )
    Description: PoGo.NecroBot.CLI.exe1.0.0.05798fc87KERNELBASE.dll10.0.10586.306571afb9ae0434352000bdae8178401d1e834364e7cbcC:\Desktop\POke2\NecroBot-master\PoGo.NecroBot.CLI\bin\Debug\PoGo.NecroBot.CLI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll5e43594e-af22-4de8-84b6-773f1ea43c62
     
    Error: (07/27/2016 08:25:12 PM) (Source: .NET Runtime)(User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:37 PM) (Source: Application Error)(User: )
    Description: PoGo.NecroBot.CLI.exe1.0.0.057983b05KERNELBASE.dll10.0.10586.306571afb9ae0434352000bdae8124801d1e82eaecce0a2C:\Desktop\POke2\NecroBot-master\PoGo.NecroBot.CLI\bin\Debug\PoGo.NecroBot.CLI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll058bb959-9e59-4063-8c18-c8b6a0b0f0b7
     
    Error: (07/27/2016 07:45:37 PM) (Source: .NET Runtime)(User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:10 PM) (Source: Application Error)(User: )
    Description: PoGo.NecroBot.CLI.exe1.0.0.057983b05KERNELBASE.dll10.0.10586.306571afb9ae0434352000bdae814801d1e82e9e227fd5C:\Desktop\POke2\NecroBot-master\PoGo.NecroBot.CLI\bin\Debug\PoGo.NecroBot.CLI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll53d454be-b135-4f6d-ac26-559fca25f3bf
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2016-07-28 01:25:32.690
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 21:08:16.238
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 20:53:53.517
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:53:57.722
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:21:43.999
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:21:21.742
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:20:50.447
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:02:53.001
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hidclass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-07-27 05:02:52.929
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hidclass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-07-27 05:02:52.902
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hidclass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    =========================== Installed Programs ============================
     
    .NET Reflector Desktop (HKLM-x32\...\{3450CBDE-2AE7-4FB8-93E3-37995ADE4F13}) (Version: 8.5.0.179 - Red Gate Software Ltd)
    Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
    Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
    Active Directory Rights Management Services Client 2.1 (HKLM\...\{6E6B7401-5679-4AF3-9E11-719DDC313BFA}) (Version: 1.0.1516.0 - Microsoft Corporation)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.270 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
    Aeria Ignite (HKLM-x32\...\{73973508-05CE-4F5B-920B-7FAF319F8FC6}) (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
    Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
    AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
    Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
    ASIO Proxy for foobar2000 (HKLM-x32\...\ASIOProxy) (Version: 0.7.1.2 - Maxim V.Anisiutkin)
    AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.1.568 - Online Media Technologies Ltd.)
    Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
    AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
    BatteryBar (remove only) (HKLM\...\BatteryBar) (Version:  - )
    BatteryMon V2.1 (HKLM-x32\...\BatteryMon_is1) (Version:  - PassMark Software)
    Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.20.1143 - Bitdefender)
    Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.23.1252 - Bitdefender)
    Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
    cFosSpeed v10.12 (HKLM\...\cFosSpeed) (Version: 10.12 - cFos Software GmbH, Bonn)
    Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
    Chrome Remote Desktop Host (HKLM-x32\...\{159AA592-31AA-4EAC-A6CB-B47AB2CB1476}) (Version: 52.0.2743.48 - Google Inc.)
    Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.35.0.3 - Valve Software)
    CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CrypTool 1.4.31 (HKLM-x32\...\CrypTool) (Version: 1.4.31 - )
    CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 7.0.0.0555 - Disc Soft Ltd)
    Dead by Daylight (HKLM-x32\...\Dead by Daylight) (Version: 1.01 - Starbreeze Studios)
    Dead by Daylight [Steam] (HKLM-x32\...\{DBD-6B52-2B42-48D3-6FDF3A861253}_is1) (Version: Any - )
    Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
    Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
    Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
    EaseUS Data Recovery Wizard 8.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 8.0_is1) (Version:  - EaseUS)
    Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
    ExamDiff Pro 7.0 (7.0.1.24, 32-bit) (HKLM-x32\...\ExamDiff Pro 7.0_is1) (Version: 7.0.1.24 - PrestoSoft LLC)
    f.lux (HKCU\...\Flux) (Version:  - )
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    FiiO USB DAC-E17 (HKLM\...\{B2B6F80C-30DF-419D-8E3C-A638770C74C1}) (Version: 1.0.16 - FiiO)
    foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
    Fotogalerie (HKLM-x32\...\{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotogalerija (HKLM-x32\...\{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotogalleri (HKLM-x32\...\{92E22997-3614-4ED9-9D53-C6C09B105BE9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotogalleriet (HKLM-x32\...\{F38BCC33-D42A-44EB-B62F-B3BB89B29FAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotoğraf Galerisi (HKLM-x32\...\{06738361-EB60-40D7-84BC-7807ED7EF282}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotótár (HKLM-x32\...\{8D977EAA-DF3E-4054-A98D-F27AEB0248DD}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Foxit PhantomPDF Business (HKLM-x32\...\{E9AA5BDC-7DFA-4CB8-96B5-F545F20EBFDB}) (Version: 7.0.3.916 - Foxit Software Inc.)
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Galeria de Fotografias (HKLM-x32\...\{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Galeria fotografii (HKLM-x32\...\{207DA277-6A6D-4863-B535-129931D2BB21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Gameforge Live 2.0.2 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.2 - Gameforge)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Gpg4win (2.3.1) (HKLM-x32\...\GPG4Win) (Version: 2.3.1 - The Gpg4win Project)
    HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
    IDA Pro v6.6 and Hex-Rays Decompiler (ARM,x64,x86) (HKLM-x32\...\IDA Pro_6.6_is1) (Version:  - Hex-Rays SA)
    IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
    Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
    Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4444 - Intel Corporation)
    Intel® Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
    Intel® Product Improvement Program (HKLM-x32\...\{59801D62-FD8D-45AD-865D-6FC80C4C70DF}) (Version: 2.1.26 - Intel) Hidden
    Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
    Intel® Wireless Bluetooth® (HKLM-x32\...\{3A7490F5-AB3B-4667-808F-FFABFC62DF2C}) (Version: 17.0.1428.01 - Intel Corporation)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{5657796F-9AA4-41D7-93A1-0D95CF6CEFE8}) (Version: 1.0.8 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
    Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
    Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
    Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
    Java SE Development Kit 8 Update 77 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180770}) (Version: 8.0.770.3 - Oracle Corporation)
    jetAudio Plus (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
    KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.9.0.3 - QFX Software Corporation)
    Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
    K-Lite Codec Pack 12.2.3 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.3 - KLCP)
    LINE (HKLM-x32\...\LINE) (Version: 4.3.0.724 - LINE Corporation)
    Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
    Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Maxima (sbcl) 5.38.0 (HKLM\...\Maxima-sbcl-5.38.0_is1) (Version: 5.38.0 - The Maxima Development Team)
    MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
    MEmu (HKLM-x32\...\MEmu) (Version: 2.7.2 - Microvirt)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7070.2026 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7070.2026 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{0A958D81-B6FB-4BB2-82A8-67469F2D54AB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{2F2363F9-102C-448B-8E3E-02FCFE78A28D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{4FB56489-F34B-42AA-9437-FB9E0B0543F7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{510807D0-219E-43ED-973F-A382FEA66039}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{57E9679B-A7D2-4662-A96B-B6A4F64420D8}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{5B91D34E-B583-4E08-BB48-4F18086A0DB7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{6E027BEA-AEFF-4AFB-9449-7CE7AE32085D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{705C31EB-E0AB-4C1F-A834-993F9E08B085}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{7693587D-5D66-4208-ABEA-C370217D1D9B}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{8E038DF1-B140-46D6-9D82-1BDF8DC56764}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{B1865FCC-BE34-4800-AF2F-FB0120821B6A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{E169436E-49D8-419B-A5C0-D245EAF99611}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
    MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version:  - TRUE Software)
    MySQL Installer - Community (HKLM-x32\...\{6E44CBA3-B33C-4FDA-8454-6784B271A26C}) (Version: 1.4.14.0 - Oracle Corporation)
    MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation)
    MySQL Workbench 6.3 CE (HKLM-x32\...\{3A81E7E4-0B62-4C82-B2E0-671663B14D25}) (Version: 6.3.6 - Oracle Corporation)
    NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version:  - arcai.com)
    Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
    NovaBACKUP (HKLM\...\{AE208BA1-8690-420A-AE46-1104546F0B41}) (Version: 17.0.1711 - NovaStor) Hidden
    NovaBACKUP (HKLM-x32\...\NovaBACKUP) (Version: 17.0.1711 - NovaStor)
    Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.0.0 - Duodian Technology Co. Ltd.)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    OpenVPN Client (HKLM-x32\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)
    Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
    OSFMount v1.5 (HKLM\...\OSFMount_is1) (Version: 1.5.1011 - Passmark Software)
    Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
    Password Recovery Bundle 2015 (HKLM-x32\...\Password Recovery Bundle 2015_is1) (Version:  - Top Password Software, Inc.)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
    PerfectDisk Professional Business (HKLM\...\{C4E01CDC-0063-493C-B383-9C4FCF7A89F7}) (Version: 14.0.890 - Raxco Software Inc.)
    Podstawowe programy Windows Live (HKLM-x32\...\{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
    Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
    Python 3.5.1 Core Interpreter (32-bit) (HKLM-x32\...\{7665C66D-78C4-4B30-B4B9-8DD484403532}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Development Libraries (32-bit) (HKLM-x32\...\{2B2FED36-5D63-411A-A8C4-E311D70BCF33}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Documentation (32-bit) (HKLM-x32\...\{77EEC303-714C-4290-AF63-5252FDB5D7C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Executables (32-bit) (HKLM-x32\...\{946BBA68-EDC0-4981-83D3-09592B9A84FA}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 pip Bootstrap (32-bit) (HKLM-x32\...\{4F29879C-940D-4599-8CEC-407579F73DF7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Standard Library (32-bit) (HKLM-x32\...\{65A2F7DA-ACD7-4EC1-8A88-665D535D9CE7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C387DB53-A25F-49E3-8DF7-94F47E5A7921}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Test Suite (32-bit) (HKLM-x32\...\{FA87440D-634A-4581-AD9C-C6FA859B88DD}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Utility Scripts (32-bit) (HKLM-x32\...\{9254A29B-0F60-444C-B5CE-DB7E2505474C}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Raccolta foto (HKLM-x32\...\{FA6BC7A5-85B3-4DC2-825C-D508E386151A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.3.26.13113 - Razer Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
    Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    Roslyn Language Services - x86 (HKLM-x32\...\{79B9BF33-93CC-37A3-9377-AEB7BEFA2C08}) (Version: 14.0.25424 - Microsoft Corporation) Hidden
    S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
    Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
    Samsung Link 2.0.0.1412161531 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1412161531 - Copyright 2013 SAMSUNG)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
    SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
    Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
    Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
    SmartAssembly 6 (HKLM\...\{09D5CC0D-0505-4A3D-AB2D-560206B0E6EB}) (Version: 6.9.0.114 - Red Gate Software Ltd)
    Snagit 12 (HKLM-x32\...\{4c4dec5d-4bef-42d1-ac9a-0804515870bd}) (Version: 12.3.0.2789 - TechSmith Corporation)
    Snagit 12 (HKLM-x32\...\{8E2CE66E-841B-444F-8A98-4B4D98863950}) (Version: 12.3.0 - TechSmith Corporation) Hidden
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
    Spotify (HKCU\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
    Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
    Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.88 - NCH Software)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
    System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
    System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (HKLM-x32\...\{C0402801-37B7-30B1-A678-AE3E73E4C4F6}) (Version: 14.98.25331 - Microsoft) Hidden
    Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
    Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    Tftpd32 Standalone Edition (remove only) (HKLM-x32\...\Tftpd32) (Version:  - )
    Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version:  - )
    Total Recorder 8.6 Professional Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
    TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{00B079B8-3A55-4804-9D9F-3D47644827CB}) (Version: 1.8.35.0 - Microsoft Corporation) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    USB_DAC-E17K (HKLM-x32\...\{157AA5EF-D0DA-426A-B968-D9BB43A5DDE8}) (Version: 2.3.50 - FiiO)
    Valokuvavalikoima (HKLM-x32\...\{245C4CCD-8829-469C-9278-2BA330BEB8F4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VS Update core components (HKLM-x32\...\{C81D9D25-445F-3C3F-B073-A2EDD71B7037}) (Version: 14.0.25424 - Microsoft Corporation) Hidden
    vs_update3notification (HKLM-x32\...\{456AD42E-76D4-3E47-88FC-CB4C1ECA0400}) (Version: 14.0.25424 - Microsoft Corporation) Hidden
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
    WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    WinSCP 5.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7 - Martin Prikryl)
    Wondershare Streaming Audio Recorder(Build 2.3.5) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.3.5.0 - Wondershare Software)
    Xilisoft Audio Converter Pro (HKLM-x32\...\Xilisoft Audio Converter Pro) (Version: 6.5.0.20131129 - Xilisoft)
    Συλλογή φωτογραφιών (HKLM-x32\...\{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
     
    ========================= Memory info: ===================================
     
    Percentage of memory in use: 42%
    Total physical RAM: 7086.02 MB
    Available physical RAM: 4050.2 MB
    Total Virtual: 12462.02 MB
    Available Virtual: 9359.83 MB
     
    ========================= Partitions: =====================================
     
    1 Drive c: (Boot) (Fixed) (Total:403.28 GB) (Free:118.4 GB) NTFS
    2 Drive d: (Recover) (Fixed) (Total:59.99 GB) (Free:8.17 GB) NTFS
     
    ========================= Users: ========================================
     
    Benutzerkonten fr \\ANONYMOUS
     
    Administrator            Ali Affandi              DefaultAccount           
    Gast                     
    Der Befehl wurde erfolgreich ausgefhrt.
     
     
    **** End of log ****
       

Hi boopme,
Here are the logs.

  • MTB

    MiniToolBox by Farbar  Version: 17-06-2016
    Ran by Ali Affandi (administrator) on 28-07-2016 at 01:28:43
    Running from "C:\Desktop"
    Microsoft Windows 10 Home  (X64)
    Model: S621xT Manufacturer: Medion
    Boot Mode: Normal
    ***************************************************************************
     
    ========================= Flush DNS: ===================================
     
    Windows-IP-Konfiguration
     
    Der DNS-Auflsungscache wurde geleert.
     
    ========================= IE Proxy Settings: ============================== 
     
    Proxy is not enabled.
    No Proxy Server is set.
     
    "Reset IE Proxy Settings": IE Proxy Settings were reset.
     
    ========================= FF Proxy Settings: ============================== 
     
     
    "Reset FF Proxy Settings": Firefox Proxy settings were reset.
     
    ========================= Hosts content: =================================
    127.0.0.1 idb.iobit.com
    0.0.0.0 serius.mwbsys.com
    0.0.0.0 keystone.mwbsys.com
    127.0.0.1 bestprosoft.com
    ========================= IP Configuration: ================================
     
    TAP-Windows Adapter V9 = LAN-Verbindung (Connected)
    Intel® Wireless-N 7260 = WiFi (Connected)
    Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
     
     
    # ----------------------------------
    # IPv4-Konfiguration
    # ----------------------------------
    pushd interface ipv4
     
    reset
    set global icmpredirects=enabled
    add route prefix=137.117.235.16/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=137.116.81.24/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.185.70/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.57.101.163/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.165.253/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.57.107.163/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.57.107.27/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=104.96.147.3/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.56.124.87/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=77.67.29.176/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.223.20.82/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.139.2/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.39.10/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.29.238/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.93/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.165.248/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.92/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.71/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.252.63/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.138.186/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.138.126/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.138.114/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.55.108.23/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.108.29/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.94/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.93/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.115.60/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.92/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.91/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.9/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.7/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.52.100.11/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=65.39.117.230/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=64.4.6.100/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=64.4.54.32/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=64.4.54.22/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.218.212.69/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=134.170.30.202/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.99.10.11/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=23.102.21.4/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=212.30.134.205/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=212.30.134.204/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.68.166.254/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.46.223.94/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.46.114.58/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=207.46.101.29/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=204.79.197.200/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.237.208.126/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=131.253.40.37/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.80.62/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.80.58/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=191.232.139.254/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=185.13.160.61/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=184.86.56.12/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=168.63.108.233/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.56.91.77/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.56.121.89/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.55.133.204/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=157.55.129.21/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=111.221.29.253/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    add route prefix=111.221.29.177/32 interface="iftype0_0" nexthop=0.0.0.0 metric=1 publish=Ja
    set interface interface="LAN-Verbindung* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung* 6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface="LAN-Verbindung" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    add address name="LAN-Verbindung" address=169.254.123.162 mask=255.255.0.0
     
     
    popd
    # Ende der IPv4-Konfiguration
     
     
     
    Windows-IP-Konfiguration
     
       Hostname  . . . . . . . . . . . . : Anonymous
       Prim„res DNS-Suffix . . . . . . . : 
       Knotentyp . . . . . . . . . . . . : Hybrid
       IP-Routing aktiviert  . . . . . . : Nein
       WINS-Proxy aktiviert  . . . . . . : Nein
     
    Ethernet-Adapter Ethernet:
     
       Medienstatus. . . . . . . . . . . : Medium getrennt
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physische Adresse . . . . . . . . : 00-0E-38-85-D6-C3
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
     
    Drahtlos-LAN-Adapter LAN-Verbindung* 3:
     
       Medienstatus. . . . . . . . . . . : Medium getrennt
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physische Adresse . . . . . . . . : 5C-51-4F-39-31-28
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
     
    Drahtlos-LAN-Adapter LAN-Verbindung* 6:
     
       Medienstatus. . . . . . . . . . . : Medium getrennt
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
       Physische Adresse . . . . . . . . : 5E-51-4F-39-31-27
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
     
    Ethernet-Adapter LAN-Verbindung:
     
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : TAP-Windows Adapter V9
       Physische Adresse . . . . . . . . : 00-FF-E9-DB-6D-68
       DHCP aktiviert. . . . . . . . . . : Nein
       Autokonfiguration aktiviert . . . : Ja
       IPv4-Adresse  . . . . . . . . . . : 169.254.123.162(Bevorzugt) 
       Subnetzmaske  . . . . . . . . . . : 255.255.0.0
       Standardgateway . . . . . . . . . : 
       NetBIOS ber TCP/IP . . . . . . . : Deaktiviert
     
    Drahtlos-LAN-Adapter WiFi:
     
       Verbindungsspezifisches DNS-Suffix: 
       Beschreibung. . . . . . . . . . . : Intel® Wireless-N 7260
       Physische Adresse . . . . . . . . : 5C-51-4F-39-31-27
       DHCP aktiviert. . . . . . . . . . : Ja
       Autokonfiguration aktiviert . . . : Ja
       Verbindungslokale IPv6-Adresse  . : fe80::e0ef:ceb7:85fb:7c1a%6(Bevorzugt) 
       IPv4-Adresse  . . . . . . . . . . : 192.168.0.101(Bevorzugt) 
       Subnetzmaske  . . . . . . . . . . : 255.255.255.0
       Lease erhalten. . . . . . . . . . : Donnerstag, 28. Juli 2016 01:24:17
       Lease l„uft ab. . . . . . . . . . : Donnerstag, 28. Juli 2016 03:24:18
       Standardgateway . . . . . . . . . : 192.168.0.1
       DHCP-Server . . . . . . . . . . . : 192.168.0.1
       DHCPv6-IAID . . . . . . . . . . . : 73158991
       DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1E-9D-12-F8-00-0E-38-85-D6-C3
       DNS-Server  . . . . . . . . . . . : 192.168.0.1
                                           8.8.8.8
       NetBIOS ber TCP/IP . . . . . . . : Aktiviert
    Server:  UnKnown
    Address:  192.168.0.1
     
    Name:    google.com
    Addresses:  2a00:1450:4005:803::200e
     216.58.213.206
     
     
    Ping wird ausgefhrt fr google.com [216.58.213.206] mit 32 Bytes Daten:
    Antwort von 216.58.213.206: Bytes=32 Zeit=18ms TTL=49
    Antwort von 216.58.213.206: Bytes=32 Zeit=17ms TTL=49
     
    Ping-Statistik fr 216.58.213.206:
        Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
        (0% Verlust),
    Ca. Zeitangaben in Millisek.:
        Minimum = 17ms, Maximum = 18ms, Mittelwert = 17ms
    Server:  UnKnown
    Address:  192.168.0.1
     
    DNS request timed out.
        timeout was 2 seconds.
    Name:    yahoo.com
    Addresses:  2001:4998:58:c02::a9
     2001:4998:c:a06::2:4008
     2001:4998:44:204::a7
     
     
    Ping wird ausgefhrt fr yahoo.com [206.190.36.45] mit 32 Bytes Daten:
    Antwort von 206.190.36.45: Bytes=32 Zeit=175ms TTL=44
    Antwort von 206.190.36.45: Bytes=32 Zeit=177ms TTL=44
     
    Ping-Statistik fr 206.190.36.45:
        Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
        (0% Verlust),
    Ca. Zeitangaben in Millisek.:
        Minimum = 175ms, Maximum = 177ms, Mittelwert = 176ms
     
    Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:
    Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
    Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
     
    Ping-Statistik fr 127.0.0.1:
        Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
        (0% Verlust),
    Ca. Zeitangaben in Millisek.:
        Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
    ===========================================================================
    Schnittstellenliste
      4...00 0e 38 85 d6 c3 ......Realtek PCIe GBE Family Controller
      7...5c 51 4f 39 31 28 ......Microsoft Wi-Fi Direct Virtual Adapter
      5...5e 51 4f 39 31 27 ......Microsoft Hosted Network Virtual Adapter
     10...00 ff e9 db 6d 68 ......TAP-Windows Adapter V9
      6...5c 51 4f 39 31 27 ......Intel® Wireless-N 7260
      1...........................Software Loopback Interface 1
    ===========================================================================
     
    IPv4-Routentabelle
    ===========================================================================
    Aktive Routen:
         Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
              0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     25
            127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
            127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
      127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
          169.254.0.0      255.255.0.0   Auf Verbindung   169.254.123.162    276
      169.254.123.162  255.255.255.255   Auf Verbindung   169.254.123.162    276
      169.254.255.255  255.255.255.255   Auf Verbindung   169.254.123.162    276
          192.168.0.0    255.255.255.0   Auf Verbindung     192.168.0.101    281
        192.168.0.101  255.255.255.255   Auf Verbindung     192.168.0.101    281
        192.168.0.255  255.255.255.255   Auf Verbindung     192.168.0.101    281
            224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
            224.0.0.0        240.0.0.0   Auf Verbindung   169.254.123.162    276
            224.0.0.0        240.0.0.0   Auf Verbindung     192.168.0.101    281
      255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      255.255.255.255  255.255.255.255   Auf Verbindung   169.254.123.162    276
      255.255.255.255  255.255.255.255   Auf Verbindung     192.168.0.101    281
    ===========================================================================
    St„ndige Routen:
      Netzwerkadresse          Netzmaske  Gatewayadresse  Metrik
       137.117.235.16  255.255.255.255   Auf Verbindung        1
        137.116.81.24  255.255.255.255   Auf Verbindung        1
       134.170.185.70  255.255.255.255   Auf Verbindung        1
        23.57.101.163  255.255.255.255   Auf Verbindung        1
      134.170.165.253  255.255.255.255   Auf Verbindung        1
        23.57.107.163  255.255.255.255   Auf Verbindung        1
         23.57.107.27  255.255.255.255   Auf Verbindung        1
         104.96.147.3  255.255.255.255   Auf Verbindung        1
        157.56.124.87  255.255.255.255   Auf Verbindung        1
         77.67.29.176  255.255.255.255   Auf Verbindung        1
         23.223.20.82  255.255.255.255   Auf Verbindung        1
        191.232.139.2  255.255.255.255   Auf Verbindung        1
          65.55.39.10  255.255.255.255   Auf Verbindung        1
         65.55.29.238  255.255.255.255   Auf Verbindung        1
         65.55.252.93  255.255.255.255   Auf Verbindung        1
      134.170.165.248  255.255.255.255   Auf Verbindung        1
         65.55.252.92  255.255.255.255   Auf Verbindung        1
         65.55.252.71  255.255.255.255   Auf Verbindung        1
         65.55.252.63  255.255.255.255   Auf Verbindung        1
        65.55.138.186  255.255.255.255   Auf Verbindung        1
        65.55.138.126  255.255.255.255   Auf Verbindung        1
        65.55.138.114  255.255.255.255   Auf Verbindung        1
         65.55.108.23  255.255.255.255   Auf Verbindung        1
         65.52.108.29  255.255.255.255   Auf Verbindung        1
         65.52.100.94  255.255.255.255   Auf Verbindung        1
         65.52.100.93  255.255.255.255   Auf Verbindung        1
       134.170.115.60  255.255.255.255   Auf Verbindung        1
         65.52.100.92  255.255.255.255   Auf Verbindung        1
         65.52.100.91  255.255.255.255   Auf Verbindung        1
          65.52.100.9  255.255.255.255   Auf Verbindung        1
          65.52.100.7  255.255.255.255   Auf Verbindung        1
         65.52.100.11  255.255.255.255   Auf Verbindung        1
        65.39.117.230  255.255.255.255   Auf Verbindung        1
           64.4.6.100  255.255.255.255   Auf Verbindung        1
           64.4.54.32  255.255.255.255   Auf Verbindung        1
           64.4.54.22  255.255.255.255   Auf Verbindung        1
        23.218.212.69  255.255.255.255   Auf Verbindung        1
       134.170.30.202  255.255.255.255   Auf Verbindung        1
          23.99.10.11  255.255.255.255   Auf Verbindung        1
          23.102.21.4  255.255.255.255   Auf Verbindung        1
       212.30.134.205  255.255.255.255   Auf Verbindung        1
       212.30.134.204  255.255.255.255   Auf Verbindung        1
       207.68.166.254  255.255.255.255   Auf Verbindung        1
        207.46.223.94  255.255.255.255   Auf Verbindung        1
        207.46.114.58  255.255.255.255   Auf Verbindung        1
        207.46.101.29  255.255.255.255   Auf Verbindung        1
       204.79.197.200  255.255.255.255   Auf Verbindung        1
      191.237.208.126  255.255.255.255   Auf Verbindung        1
        131.253.40.37  255.255.255.255   Auf Verbindung        1
        191.232.80.62  255.255.255.255   Auf Verbindung        1
        191.232.80.58  255.255.255.255   Auf Verbindung        1
      191.232.139.254  255.255.255.255   Auf Verbindung        1
        185.13.160.61  255.255.255.255   Auf Verbindung        1
         184.86.56.12  255.255.255.255   Auf Verbindung        1
       168.63.108.233  255.255.255.255   Auf Verbindung        1
         157.56.91.77  255.255.255.255   Auf Verbindung        1
        157.56.121.89  255.255.255.255   Auf Verbindung        1
       157.55.133.204  255.255.255.255   Auf Verbindung        1
        157.55.129.21  255.255.255.255   Auf Verbindung        1
       111.221.29.253  255.255.255.255   Auf Verbindung        1
       111.221.29.177  255.255.255.255   Auf Verbindung        1
    ===========================================================================
     
    IPv6-Routentabelle
    ===========================================================================
    Aktive Routen:
     If Metrik Netzwerkziel             Gateway
      1    306 ::1/128                  Auf Verbindung
      6    281 fe80::/64                Auf Verbindung
      6    281 fe80::e0ef:ceb7:85fb:7c1a/128
                                        Auf Verbindung
      1    306 ff00::/8                 Auf Verbindung
      6    281 ff00::/8                 Auf Verbindung
    ===========================================================================
    St„ndige Routen:
      Keine
    ========================= Winsock entries =====================================
     
    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
    x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
     
    ========================= Event log errors: ===============================
     
    Application errors:
    ==================
    Error: (07/28/2016 01:25:38 AM) (Source: Software Protection Platform Service) (User: )
    Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
    Teil-Pkey=43JJQ
    ACID=?
    Genauer Fehler[?]
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
    Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
    Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
    Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
     
    Error: (07/27/2016 11:59:04 PM) (Source: Software Protection Platform Service) (User: )
    Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
    Teil-Pkey=43JJQ
    ACID=?
    Genauer Fehler[?]
     
    Error: (07/27/2016 08:25:12 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe, Version: 1.0.0.0, Zeitstempel: 0x5798fc87
    Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a
    Ausnahmecode: 0xe0434352
    Fehleroffset: 0x000bdae8
    ID des fehlerhaften Prozesses: 0x1784
    Startzeit der fehlerhaften Anwendung: 0xPoGo.NecroBot.CLI.exe0
    Pfad der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe1
    Pfad des fehlerhaften Moduls: PoGo.NecroBot.CLI.exe2
    Berichtskennung: PoGo.NecroBot.CLI.exe3
    Vollständiger Name des fehlerhaften Pakets: PoGo.NecroBot.CLI.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PoGo.NecroBot.CLI.exe5
     
    Error: (07/27/2016 08:25:12 PM) (Source: .NET Runtime) (User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:37 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe, Version: 1.0.0.0, Zeitstempel: 0x57983b05
    Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a
    Ausnahmecode: 0xe0434352
    Fehleroffset: 0x000bdae8
    ID des fehlerhaften Prozesses: 0x1248
    Startzeit der fehlerhaften Anwendung: 0xPoGo.NecroBot.CLI.exe0
    Pfad der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe1
    Pfad des fehlerhaften Moduls: PoGo.NecroBot.CLI.exe2
    Berichtskennung: PoGo.NecroBot.CLI.exe3
    Vollständiger Name des fehlerhaften Pakets: PoGo.NecroBot.CLI.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PoGo.NecroBot.CLI.exe5
     
    Error: (07/27/2016 07:45:37 PM) (Source: .NET Runtime) (User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:10 PM) (Source: Application Error) (User: )
    Description: Name der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe, Version: 1.0.0.0, Zeitstempel: 0x57983b05
    Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.306, Zeitstempel: 0x571afb9a
    Ausnahmecode: 0xe0434352
    Fehleroffset: 0x000bdae8
    ID des fehlerhaften Prozesses: 0x148
    Startzeit der fehlerhaften Anwendung: 0xPoGo.NecroBot.CLI.exe0
    Pfad der fehlerhaften Anwendung: PoGo.NecroBot.CLI.exe1
    Pfad des fehlerhaften Moduls: PoGo.NecroBot.CLI.exe2
    Berichtskennung: PoGo.NecroBot.CLI.exe3
    Vollständiger Name des fehlerhaften Pakets: PoGo.NecroBot.CLI.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PoGo.NecroBot.CLI.exe5
     
     
    System errors:
    =============
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
    Error: (07/28/2016 01:27:23 AM) (Source: DCOM) (User: ANONYMOUS)
    Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ANONYMOUSAli AffandiS-1-5-21-1993809284-1810740912-1198980261-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
     
     
    Microsoft Office Sessions:
    =========================
    Error: (07/28/2016 01:25:38 AM) (Source: Software Protection Platform Service)(User: )
    Description: 0xC004E01643JJQ??
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
    Description: Eap method DLL path43900
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
    Description: Eap method DLL path25900
     
    Error: (07/28/2016 01:24:10 AM) (Source: Microsoft-Windows-EapHost)(User: NT-AUTORITÄT)
    Description: Eap method DLL path17900
     
    Error: (07/27/2016 11:59:04 PM) (Source: Software Protection Platform Service)(User: )
    Description: 0xC004E01643JJQ??
     
    Error: (07/27/2016 08:25:12 PM) (Source: Application Error)(User: )
    Description: PoGo.NecroBot.CLI.exe1.0.0.05798fc87KERNELBASE.dll10.0.10586.306571afb9ae0434352000bdae8178401d1e834364e7cbcC:\Desktop\POke2\NecroBot-master\PoGo.NecroBot.CLI\bin\Debug\PoGo.NecroBot.CLI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll5e43594e-af22-4de8-84b6-773f1ea43c62
     
    Error: (07/27/2016 08:25:12 PM) (Source: .NET Runtime)(User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:37 PM) (Source: Application Error)(User: )
    Description: PoGo.NecroBot.CLI.exe1.0.0.057983b05KERNELBASE.dll10.0.10586.306571afb9ae0434352000bdae8124801d1e82eaecce0a2C:\Desktop\POke2\NecroBot-master\PoGo.NecroBot.CLI\bin\Debug\PoGo.NecroBot.CLI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll058bb959-9e59-4063-8c18-c8b6a0b0f0b7
     
    Error: (07/27/2016 07:45:37 PM) (Source: .NET Runtime)(User: )
    Description: Anwendung: PoGo.NecroBot.CLI.exe
    Frameworkversion: v4.0.30319
    Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
    Ausnahmeinformationen: Newtonsoft.Json.JsonSerializationException
       bei Newtonsoft.Json.Converters.StringEnumConverter.ReadJson(Newtonsoft.Json.JsonReader, System.Type, System.Object, Newtonsoft.Json.JsonSerializer)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.DeserializeConvertable(Newtonsoft.Json.JsonConverter, Newtonsoft.Json.JsonReader, System.Type, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(System.Collections.IList, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonArrayContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonConverter, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.JsonReader, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(System.Object, Newtonsoft.Json.JsonReader, Newtonsoft.Json.Serialization.JsonObjectContract, Newtonsoft.Json.Serialization.JsonProperty, System.String)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(Newtonsoft.Json.JsonReader, System.Type, Newtonsoft.Json.Serialization.JsonContract, Newtonsoft.Json.Serialization.JsonProperty, Newtonsoft.Json.Serialization.JsonContainerContract, Newtonsoft.Json.Serialization.JsonProperty, System.Object)
       bei Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(Newtonsoft.Json.JsonReader, System.Type, Boolean)
       bei Newtonsoft.Json.JsonSerializer.DeserializeInternal(Newtonsoft.Json.JsonReader, System.Type)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject(System.String, System.Type, Newtonsoft.Json.JsonSerializerSettings)
       bei Newtonsoft.Json.JsonConvert.DeserializeObject[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, Newtonsoft.Json.JsonSerializerSettings)
       bei PoGo.NecroBot.CLI.GlobalSettings.Load(System.String)
       bei PoGo.NecroBot.CLI.Program.Main(System.String[])
     
    Error: (07/27/2016 07:45:10 PM) (Source: Application Error)(User: )
    Description: PoGo.NecroBot.CLI.exe1.0.0.057983b05KERNELBASE.dll10.0.10586.306571afb9ae0434352000bdae814801d1e82e9e227fd5C:\Desktop\POke2\NecroBot-master\PoGo.NecroBot.CLI\bin\Debug\PoGo.NecroBot.CLI.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll53d454be-b135-4f6d-ac26-559fca25f3bf
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2016-07-28 01:25:32.690
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 21:08:16.238
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 20:53:53.517
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:53:57.722
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:21:43.999
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:21:21.742
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:20:50.447
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2016-07-27 05:02:53.001
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hidclass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-07-27 05:02:52.929
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hidclass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2016-07-27 05:02:52.902
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\hidclass.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    =========================== Installed Programs ============================
     
    .NET Reflector Desktop (HKLM-x32\...\{3450CBDE-2AE7-4FB8-93E3-37995ADE4F13}) (Version: 8.5.0.179 - Red Gate Software Ltd)
    Active Directory Authentication Library for SQL Server (HKLM\...\{32C0D7B2-1046-43AC-98AD-B748E1910916}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
    Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{F40FA676-46B1-4609-85EF-D2F1F79E0C0E}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
    Active Directory Rights Management Services Client 2.1 (HKLM\...\{6E6B7401-5679-4AF3-9E11-719DDC313BFA}) (Version: 1.0.1516.0 - Microsoft Corporation)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.270 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
    Aeria Ignite (HKLM-x32\...\{73973508-05CE-4F5B-920B-7FAF319F8FC6}) (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
    Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
    Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
    AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
    Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
    ASIO Proxy for foobar2000 (HKLM-x32\...\ASIOProxy) (Version: 0.7.1.2 - Maxim V.Anisiutkin)
    AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.1.568 - Online Media Technologies Ltd.)
    Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
    AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
    BatteryBar (remove only) (HKLM\...\BatteryBar) (Version:  - )
    BatteryMon V2.1 (HKLM-x32\...\BatteryMon_is1) (Version:  - PassMark Software)
    Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.20.1143 - Bitdefender)
    Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.23.1252 - Bitdefender)
    Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
    cFosSpeed v10.12 (HKLM\...\cFosSpeed) (Version: 10.12 - cFos Software GmbH, Bonn)
    Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
    Chrome Remote Desktop Host (HKLM-x32\...\{159AA592-31AA-4EAC-A6CB-B47AB2CB1476}) (Version: 52.0.2743.48 - Google Inc.)
    Counter-Strike Global Offensive No-Steam (HKLM-x32\...\Counter-Strike Global Offensive_is1) (Version: 1.35.0.3 - Valve Software)
    CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CrypTool 1.4.31 (HKLM-x32\...\CrypTool) (Version: 1.4.31 - )
    CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 7.0.0.0555 - Disc Soft Ltd)
    Dead by Daylight (HKLM-x32\...\Dead by Daylight) (Version: 1.01 - Starbreeze Studios)
    Dead by Daylight [Steam] (HKLM-x32\...\{DBD-6B52-2B42-48D3-6FDF3A861253}_is1) (Version: Any - )
    Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
    Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
    Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
    EaseUS Data Recovery Wizard 8.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 8.0_is1) (Version:  - EaseUS)
    Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
    ExamDiff Pro 7.0 (7.0.1.24, 32-bit) (HKLM-x32\...\ExamDiff Pro 7.0_is1) (Version: 7.0.1.24 - PrestoSoft LLC)
    f.lux (HKCU\...\Flux) (Version:  - )
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    FiiO USB DAC-E17 (HKLM\...\{B2B6F80C-30DF-419D-8E3C-A638770C74C1}) (Version: 1.0.16 - FiiO)
    foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
    Fotogalerie (HKLM-x32\...\{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotogalerija (HKLM-x32\...\{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotogalleri (HKLM-x32\...\{92E22997-3614-4ED9-9D53-C6C09B105BE9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotogalleriet (HKLM-x32\...\{F38BCC33-D42A-44EB-B62F-B3BB89B29FAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotoğraf Galerisi (HKLM-x32\...\{06738361-EB60-40D7-84BC-7807ED7EF282}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Fotótár (HKLM-x32\...\{8D977EAA-DF3E-4054-A98D-F27AEB0248DD}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Foxit PhantomPDF Business (HKLM-x32\...\{E9AA5BDC-7DFA-4CB8-96B5-F545F20EBFDB}) (Version: 7.0.3.916 - Foxit Software Inc.)
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Galeria de Fotografias (HKLM-x32\...\{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Galeria fotografii (HKLM-x32\...\{207DA277-6A6D-4863-B535-129931D2BB21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Gameforge Live 2.0.2 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.2 - Gameforge)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    Gpg4win (2.3.1) (HKLM-x32\...\GPG4Win) (Version: 2.3.1 - The Gpg4win Project)
    HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
    IDA Pro v6.6 and Hex-Rays Decompiler (ARM,x64,x86) (HKLM-x32\...\IDA Pro_6.6_is1) (Version:  - Hex-Rays SA)
    IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
    Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
    Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4444 - Intel Corporation)
    Intel® Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
    Intel® Product Improvement Program (HKLM-x32\...\{59801D62-FD8D-45AD-865D-6FC80C4C70DF}) (Version: 2.1.26 - Intel) Hidden
    Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
    Intel® Wireless Bluetooth® (HKLM-x32\...\{3A7490F5-AB3B-4667-808F-FFABFC62DF2C}) (Version: 17.0.1428.01 - Intel Corporation)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{5657796F-9AA4-41D7-93A1-0D95CF6CEFE8}) (Version: 1.0.8 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
    Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
    Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
    Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
    Java SE Development Kit 8 Update 77 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180770}) (Version: 8.0.770.3 - Oracle Corporation)
    jetAudio Plus (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON)
    KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.9.0.3 - QFX Software Corporation)
    Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
    K-Lite Codec Pack 12.2.3 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.3 - KLCP)
    LINE (HKLM-x32\...\LINE) (Version: 4.3.0.724 - LINE Corporation)
    Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
    Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Maxima (sbcl) 5.38.0 (HKLM\...\Maxima-sbcl-5.38.0_is1) (Version: 5.38.0 - The Maxima Development Team)
    MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
    MEmu (HKLM-x32\...\MEmu) (Version: 2.7.2 - Microvirt)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
    Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
    Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7070.2026 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7070.2026 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Microsoft SQL Server 2016 LocalDB  (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects  (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server 2016 Management Objects  (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL Language Service  (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
    Microsoft SQL Server 2016 T-SQL ScriptDom  (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.4053 False (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.50727.42 False (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.51011 False (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.56336 False (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.57103 False (HKLM-x32\...\{d8fea624-4f2c-432d-9a54-6eee9cd1a77e}) (Version: 8.0.57103 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.58299 False (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.59193 False (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 False (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.0 False (HKLM-x32\...\{DCB46B42-723F-350E-B18A-449BC6C21636}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 False (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 False (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 False (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.0 False (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 False (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 False (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 False (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148.0 False (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.5570 False (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.30319 False (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 False Eng (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 False Eng (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
    Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{0A958D81-B6FB-4BB2-82A8-67469F2D54AB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{2F2363F9-102C-448B-8E3E-02FCFE78A28D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{4FB56489-F34B-42AA-9437-FB9E0B0543F7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{510807D0-219E-43ED-973F-A382FEA66039}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{57E9679B-A7D2-4662-A96B-B6A4F64420D8}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{5B91D34E-B583-4E08-BB48-4F18086A0DB7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{6E027BEA-AEFF-4AFB-9449-7CE7AE32085D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{705C31EB-E0AB-4C1F-A834-993F9E08B085}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{7693587D-5D66-4208-ABEA-C370217D1D9B}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{8E038DF1-B140-46D6-9D82-1BDF8DC56764}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{B1865FCC-BE34-4800-AF2F-FB0120821B6A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{E169436E-49D8-419B-A5C0-D245EAF99611}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
    MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    MyPublicWiFi 5.1 (HKLM-x32\...\{C08D782B-9281-406B-ABCE-326DA70B8A1F}_is1) (Version:  - TRUE Software)
    MySQL Installer - Community (HKLM-x32\...\{6E44CBA3-B33C-4FDA-8454-6784B271A26C}) (Version: 1.4.14.0 - Oracle Corporation)
    MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation)
    MySQL Workbench 6.3 CE (HKLM-x32\...\{3A81E7E4-0B62-4C82-B2E0-671663B14D25}) (Version: 6.3.6 - Oracle Corporation)
    NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version:  - arcai.com)
    Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
    NovaBACKUP (HKLM\...\{AE208BA1-8690-420A-AE46-1104546F0B41}) (Version: 17.0.1711 - NovaStor) Hidden
    NovaBACKUP (HKLM-x32\...\NovaBACKUP) (Version: 17.0.1711 - NovaStor)
    Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.0.0 - Duodian Technology Co. Ltd.)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7030.1016 - Microsoft Corporation) Hidden
    OpenVPN Client (HKLM-x32\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)
    Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
    OSFMount v1.5 (HKLM\...\OSFMount_is1) (Version: 1.5.1011 - Passmark Software)
    Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
    Password Recovery Bundle 2015 (HKLM-x32\...\Password Recovery Bundle 2015_is1) (Version:  - Top Password Software, Inc.)
    PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
    PerfectDisk Professional Business (HKLM\...\{C4E01CDC-0063-493C-B383-9C4FCF7A89F7}) (Version: 14.0.890 - Raxco Software Inc.)
    Podstawowe programy Windows Live (HKLM-x32\...\{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
    Prerequisites for SSDT  (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
    Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
    Python 2.7.12 (HKLM-x32\...\{9DA28CE5-0AA5-429E-86D8-686ED898C665}) (Version: 2.7.12150 - Python Software Foundation)
    Python 3.5.1 Core Interpreter (32-bit) (HKLM-x32\...\{7665C66D-78C4-4B30-B4B9-8DD484403532}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Development Libraries (32-bit) (HKLM-x32\...\{2B2FED36-5D63-411A-A8C4-E311D70BCF33}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Documentation (32-bit) (HKLM-x32\...\{77EEC303-714C-4290-AF63-5252FDB5D7C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Executables (32-bit) (HKLM-x32\...\{946BBA68-EDC0-4981-83D3-09592B9A84FA}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 pip Bootstrap (32-bit) (HKLM-x32\...\{4F29879C-940D-4599-8CEC-407579F73DF7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Standard Library (32-bit) (HKLM-x32\...\{65A2F7DA-ACD7-4EC1-8A88-665D535D9CE7}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C387DB53-A25F-49E3-8DF7-94F47E5A7921}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Test Suite (32-bit) (HKLM-x32\...\{FA87440D-634A-4581-AD9C-C6FA859B88DD}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Python 3.5.1 Utility Scripts (32-bit) (HKLM-x32\...\{9254A29B-0F60-444C-B5CE-DB7E2505474C}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
    Raccolta foto (HKLM-x32\...\{FA6BC7A5-85B3-4DC2-825C-D508E386151A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.3.26.13113 - Razer Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
    Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    Roslyn Language Services - x86 (HKLM-x32\...\{79B9BF33-93CC-37A3-9377-AEB7BEFA2C08}) (Version: 14.0.25424 - Microsoft Corporation) Hidden
    S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
    Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
    Samsung Link 2.0.0.1412161531 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1412161531 - Copyright 2013 SAMSUNG)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
    SDK Debuggers (HKLM-x32\...\{9274C832-3D8A-A294-FDE8-8B9272357098}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
    Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
    Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
    Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
    SmartAssembly 6 (HKLM\...\{09D5CC0D-0505-4A3D-AB2D-560206B0E6EB}) (Version: 6.9.0.114 - Red Gate Software Ltd)
    Snagit 12 (HKLM-x32\...\{4c4dec5d-4bef-42d1-ac9a-0804515870bd}) (Version: 12.3.0.2789 - TechSmith Corporation)
    Snagit 12 (HKLM-x32\...\{8E2CE66E-841B-444F-8A98-4B4D98863950}) (Version: 12.3.0 - TechSmith Corporation) Hidden
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    Spek (HKLM-x32\...\{7CDF6754-F5A0-4F34-B589-197530FEF862}) (Version: 0.8.2 - Spek Project)
    Spotify (HKCU\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
    Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
    Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.88 - NCH Software)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
    System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
    System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (HKLM-x32\...\{C0402801-37B7-30B1-A678-AE3E73E4C4F6}) (Version: 14.98.25331 - Microsoft) Hidden
    Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
    Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
    Tftpd32 Standalone Edition (remove only) (HKLM-x32\...\Tftpd32) (Version:  - )
    Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version:  - )
    Total Recorder 8.6 Professional Edition (HKLM-x32\...\TotalRecorder) (Version:  - )
    TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
    TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{00B079B8-3A55-4804-9D9F-3D47644827CB}) (Version: 1.8.35.0 - Microsoft Corporation) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    USB_DAC-E17K (HKLM-x32\...\{157AA5EF-D0DA-426A-B968-D9BB43A5DDE8}) (Version: 2.3.50 - FiiO)
    Valokuvavalikoima (HKLM-x32\...\{245C4CCD-8829-469C-9278-2BA330BEB8F4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    VS Update core components (HKLM-x32\...\{C81D9D25-445F-3C3F-B073-A2EDD71B7037}) (Version: 14.0.25424 - Microsoft Corporation) Hidden
    vs_update3notification (HKLM-x32\...\{456AD42E-76D4-3E47-88FC-CB4C1ECA0400}) (Version: 14.0.25424 - Microsoft Corporation) Hidden
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.33 - NCH Software)
    WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
    Windows Driver Package - BigNox Corporation XQHDrv System  (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    WinSCP 5.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7 - Martin Prikryl)
    Wondershare Streaming Audio Recorder(Build 2.3.5) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.3.5.0 - Wondershare Software)
    Xilisoft Audio Converter Pro (HKLM-x32\...\Xilisoft Audio Converter Pro) (Version: 6.5.0.20131129 - Xilisoft)
    Συλλογή φωτογραφιών (HKLM-x32\...\{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
     
    ========================= Memory info: ===================================
     
    Percentage of memory in use: 42%
    Total physical RAM: 7086.02 MB
    Available physical RAM: 4050.2 MB
    Total Virtual: 12462.02 MB
    Available Virtual: 9359.83 MB
     
    ========================= Partitions: =====================================
     
    1 Drive c: (Boot) (Fixed) (Total:403.28 GB) (Free:118.4 GB) NTFS
    2 Drive d: (Recover) (Fixed) (Total:59.99 GB) (Free:8.17 GB) NTFS
     
    ========================= Users: ========================================
     
    Benutzerkonten fr \\ANONYMOUS
     
    Administrator            Ali Affandi              DefaultAccount           
    Gast                     
    Der Befehl wurde erfolgreich ausgefhrt.
     
     
    **** End of log ****
       


#4 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 July 2016 - 10:05 AM

TDSS
 

01:34:27.0619 0x2da8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
01:34:27.0620 0x2da8  UEFI system
01:34:33.0615 0x2da8  ============================================================
01:34:33.0615 0x2da8  Current date / time: 2016/07/28 01:34:33.0615
01:34:33.0615 0x2da8  SystemInfo:
01:34:33.0615 0x2da8  
01:34:33.0615 0x2da8  OS Version: 10.0.10586 ServicePack: 0.0
01:34:33.0615 0x2da8  Product type: Workstation
01:34:33.0615 0x2da8  ComputerName: ANONYMOUS
01:34:33.0615 0x2da8  UserName: Ali Affandi
01:34:33.0615 0x2da8  Windows directory: C:\WINDOWS
01:34:33.0615 0x2da8  System windows directory: C:\WINDOWS
01:34:33.0615 0x2da8  Running under WOW64
01:34:33.0615 0x2da8  Processor architecture: Intel x64
01:34:33.0615 0x2da8  Number of processors: 4
01:34:33.0615 0x2da8  Page size: 0x1000
01:34:33.0615 0x2da8  Boot type: Normal boot
01:34:33.0615 0x2da8  ============================================================
01:34:34.0327 0x2da8  KLMD registered as C:\WINDOWS\system32\drivers\07853788.sys
01:34:34.0952 0x2da8  System UUID: {24CF3505-320D-D86D-764D-241AC1E0BB90}
01:34:35.0674 0x2da8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:34:35.0690 0x2da8  ============================================================
01:34:35.0690 0x2da8  \Device\Harddisk0\DR0:
01:34:35.0690 0x2da8  GPT partitions:
01:34:35.0706 0x2da8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6F2FA1CF-2BC7-11E3-9B49-BA600CF803ED}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
01:34:35.0706 0x2da8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6F2FA1D0-2BC7-11E3-9B49-BA600CF803ED}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
01:34:35.0706 0x2da8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6F2FA1D1-2BC7-11E3-9B49-BA600CF803ED}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
01:34:35.0708 0x2da8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {6F2FA1D2-2BC7-11E3-9B49-BA600CF803ED}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
01:34:35.0708 0x2da8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6F2FA1D3-2BC7-11E3-9B49-BA600CF803ED}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x3268D3E2
01:34:35.0708 0x2da8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EDBCE118-D9B0-43C3-AAD8-BA5C7C03001E}, Name: , StartLBA 0x329F9800, BlocksNum 0x18D000
01:34:35.0708 0x2da8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {39A9DA80-C8D2-402B-8DA0-BB3727ED6CC9}, Name: Basic data partition, StartLBA 0x32B86800, BlocksNum 0x77FD000
01:34:35.0708 0x2da8  MBR partitions:
01:34:35.0708 0x2da8  ============================================================
01:34:35.0728 0x2da8  C: <-> \Device\Harddisk0\DR0\Partition5
01:34:35.0782 0x2da8  D: <-> \Device\Harddisk0\DR0\Partition7
01:34:35.0782 0x2da8  ============================================================
01:34:35.0782 0x2da8  Initialize success
01:34:35.0782 0x2da8  ============================================================
01:34:47.0593 0x2c3c  ============================================================
01:34:47.0593 0x2c3c  Scan started
01:34:47.0593 0x2c3c  Mode: Manual; 
01:34:47.0593 0x2c3c  ============================================================
01:34:47.0593 0x2c3c  KSN ping started
01:34:48.0057 0x2c3c  KSN ping finished: true
01:34:55.0743 0x2c3c  ================ Scan system memory ========================
01:34:55.0743 0x2c3c  System memory - ok
01:34:55.0743 0x2c3c  ================ Scan services =============================
01:34:56.0862 0x2c3c  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
01:34:56.0867 0x2c3c  1394ohci - ok
01:34:56.0907 0x2c3c  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
01:34:56.0912 0x2c3c  3ware - ok
01:34:56.0999 0x2c3c  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
01:34:57.0030 0x2c3c  ACPI - ok
01:34:57.0068 0x2c3c  [ 0B570E1A6A35D36BE772E4FBA590A4BD, 13A27E40E907138D6BBAE43A996CFDB84D4DC2FD2B8B69CF7EF8A531B8478031 ] acpials         C:\WINDOWS\system32\DRIVERS\acpials.sys
01:34:57.0068 0x2c3c  acpials - ok
01:34:57.0115 0x2c3c  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
01:34:57.0115 0x2c3c  acpiex - ok
01:34:57.0130 0x2c3c  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
01:34:57.0130 0x2c3c  acpipagr - ok
01:34:57.0146 0x2c3c  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
01:34:57.0146 0x2c3c  AcpiPmi - ok
01:34:57.0187 0x2c3c  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
01:34:57.0187 0x2c3c  acpitime - ok
01:34:57.0816 0x2c3c  [ E324D38B6CCF843ED4F6D521908AEE5B, D34DAF5AB7A3C2751C0C3BD3C21E52909E6D182DD202BD3C0B4981535320E64A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:34:57.0816 0x2c3c  AdobeFlashPlayerUpdateSvc - ok
01:34:58.0032 0x2c3c  [ 8787431643698296C440B61DD42E12BD, 8A4D81E5A8564C30444B1762E1047F550E456AF9E58865D6573C0044B8272344 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
01:34:58.0069 0x2c3c  AdobeUpdateService - ok
01:34:58.0116 0x2c3c  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
01:34:58.0132 0x2c3c  ADP80XX - ok
01:34:58.0185 0x2c3c  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
01:34:58.0200 0x2c3c  AFD - ok
01:34:58.0216 0x2c3c  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
01:34:58.0216 0x2c3c  agp440 - ok
01:34:58.0334 0x2c3c  [ C17171E63E84F5711DF23B8F1E7A100E, C2AFDDA0A1A502FAE6B51BD00FF5884F46A74D9AEC76856B32E82D244D14FA97 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
01:34:58.0385 0x2c3c  AGSService - ok
01:34:58.0418 0x2c3c  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
01:34:58.0423 0x2c3c  ahcache - ok
01:34:58.0469 0x2c3c  [ 2870CE9BFD6BA66FB0FFC6D11C9E41A7, DBAD074E0F168F327B1F2069EA8BDB77FD5EC909697A42468346D4C6399838C8 ] AIPS            C:\Program Files (x86)\netcut\services\AIPS.exe
01:34:58.0469 0x2c3c  AIPS - ok
01:34:58.0485 0x2c3c  [ BF53DC85C13E14519BDF7086EA830133, 6FDCA41D6A96E3316C5F49FE2116DBF9E72B51F43EE10DCEE4B41F3E91321CF3 ] AirplaneModeHID C:\WINDOWS\System32\drivers\AirplaneModeHID.sys
01:34:58.0485 0x2c3c  AirplaneModeHID - ok
01:34:58.0501 0x2c3c  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
01:34:58.0501 0x2c3c  AJRouter - ok
01:34:58.0532 0x2c3c  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
01:34:58.0532 0x2c3c  ALG - ok
01:34:58.0632 0x2c3c  [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
01:34:58.0648 0x2c3c  AllShare Framework DMS - ok
01:34:58.0686 0x2c3c  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
01:34:58.0686 0x2c3c  AmdK8 - ok
01:34:58.0717 0x2c3c  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
01:34:58.0717 0x2c3c  amdkmpfd - ok
01:34:58.0766 0x2c3c  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
01:34:58.0770 0x2c3c  AmdPPM - ok
01:34:58.0786 0x2c3c  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
01:34:58.0801 0x2c3c  amdsata - ok
01:34:58.0833 0x2c3c  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
01:34:58.0833 0x2c3c  amdsbs - ok
01:34:58.0870 0x2c3c  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
01:34:58.0870 0x2c3c  amdxata - ok
01:34:58.0914 0x2c3c  [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
01:34:58.0919 0x2c3c  AMPPAL - ok
01:34:58.0933 0x2c3c  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
01:34:58.0935 0x2c3c  AppID - ok
01:34:58.0951 0x2c3c  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
01:34:58.0951 0x2c3c  AppIDSvc - ok
01:34:58.0970 0x2c3c  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
01:34:58.0970 0x2c3c  Appinfo - ok
01:34:59.0017 0x2c3c  [ 682F73D86501D75B131A1D59539A475D, 1C3E1728F3995BBFC2BCE90EFD118B0B864103B16F587A1374D8B3A00403B9E3 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
01:34:59.0033 0x2c3c  AppReadiness - ok
01:34:59.0133 0x2c3c  [ AA27A3DF5CDA714F0DD47A48FE7CA8C3, C87425A11162F3EE422C90F6E66CB0176126C9C6374AB80BD9CE6B30DE73B1A5 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
01:34:59.0175 0x2c3c  AppXSvc - ok
01:34:59.0206 0x2c3c  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
01:34:59.0206 0x2c3c  arcsas - ok
01:34:59.0288 0x2c3c  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:34:59.0288 0x2c3c  aspnet_state - ok
01:34:59.0303 0x2c3c  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
01:34:59.0303 0x2c3c  AsyncMac - ok
01:34:59.0319 0x2c3c  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
01:34:59.0319 0x2c3c  atapi - ok
01:34:59.0361 0x2c3c  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
01:34:59.0371 0x2c3c  AudioEndpointBuilder - ok
01:34:59.0426 0x2c3c  [ 5C6F3312EACE1409DC2C4C2AD5D2719D, 415955E31458AE56182436EEF5A993BAEF08379C12C182CC073F3D0A3A0DE006 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
01:34:59.0448 0x2c3c  Audiosrv - ok
01:34:59.0517 0x2c3c  [ 2E81F74AB70EDC4B14EB6F1EED7D4E9E, 829ACFA43743E757DE8907D1B111AE3B6030AF8C981AC7B3F3646B2180AF127E ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
01:34:59.0549 0x2c3c  avc3 - ok
01:34:59.0618 0x2c3c  [ 32612167C1BF3F6B41BFF12FEF3E5E4C, 87E6BC09894CA005556F8759495AB5C62E33C8B104526A052681553A36AAE370 ] avckf           C:\WINDOWS\system32\DRIVERS\avckf.sys
01:34:59.0633 0x2c3c  avckf - ok
01:34:59.0665 0x2c3c  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
01:34:59.0668 0x2c3c  AxInstSV - ok
01:34:59.0702 0x2c3c  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
01:34:59.0718 0x2c3c  b06bdrv - ok
01:34:59.0921 0x2c3c  [ C821B5577527DFFCC3017B3E30F3F76A, 2516341F5206A8E488E998887C6A31137468EE7538D50797CCBFAA6EBEF3BCA0 ] Backup Client Agent Service C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\ManagementServer.Agent.Service.exe
01:34:59.0987 0x2c3c  Backup Client Agent Service - ok
01:35:00.0003 0x2c3c  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
01:35:00.0003 0x2c3c  BasicDisplay - ok
01:35:00.0034 0x2c3c  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
01:35:00.0034 0x2c3c  BasicRender - ok
01:35:00.0072 0x2c3c  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
01:35:00.0072 0x2c3c  bcmfn - ok
01:35:00.0087 0x2c3c  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
01:35:00.0087 0x2c3c  bcmfn2 - ok
01:35:00.0119 0x2c3c  [ 3701D3BF4AC12EAACB1F58847C1D32FC, 29F3DA7E4C1706934BE92D03CB6F633C47D0251E5580958E823B6148DA5E5E73 ] bdelam          C:\WINDOWS\system32\drivers\bdelam.sys
01:35:00.0119 0x2c3c  bdelam - ok
01:35:00.0170 0x2c3c  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
01:35:00.0181 0x2c3c  BDESVC - ok
01:35:00.0233 0x2c3c  [ 14F686FA27C2914128031504B70D2B5E, BED77F4A6DC8B30ADB698FBCC00153D924310188EFBE22ADD2BAA3321C746556 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
01:35:00.0248 0x2c3c  bdfwfpf - ok
01:35:00.0266 0x2c3c  [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK        C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
01:35:00.0269 0x2c3c  BDVEDISK - ok
01:35:00.0288 0x2c3c  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
01:35:00.0288 0x2c3c  Beep - ok
01:35:00.0353 0x2c3c  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\WINDOWS\System32\bfe.dll
01:35:00.0371 0x2c3c  BFE - ok
01:35:00.0423 0x2c3c  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
01:35:00.0472 0x2c3c  BITS - ok
01:35:00.0488 0x2c3c  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
01:35:00.0488 0x2c3c  bowser - ok
01:35:00.0519 0x2c3c  [ 453207816AB95A0376887BE01FAE30E1, 102CA59ED06C6A7D69AA3094DDC550400C50CDF5B7F066522BF0031B8EC7B708 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
01:35:00.0535 0x2c3c  BrokerInfrastructure - ok
01:35:00.0572 0x2c3c  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\WINDOWS\System32\browser.dll
01:35:00.0572 0x2c3c  Browser - ok
01:35:00.0588 0x2c3c  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
01:35:00.0588 0x2c3c  BthAvrcpTg - ok
01:35:00.0604 0x2c3c  [ 33110D78697A1B771E1B30675B39CE46, 5BA266536571EF8CC62505441B50C355571E9C90AED14A9B1F4BD2BBDB40EC35 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
01:35:00.0604 0x2c3c  BthEnum - ok
01:35:00.0620 0x2c3c  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
01:35:00.0635 0x2c3c  BthHFEnum - ok
01:35:00.0635 0x2c3c  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
01:35:00.0635 0x2c3c  bthhfhid - ok
01:35:00.0673 0x2c3c  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
01:35:00.0673 0x2c3c  BthHFSrv - ok
01:35:00.0720 0x2c3c  [ 3B3BF88BB54CB9A18DE1EF07292B5A3D, 7B9C1E7E07435B976E4AE89425F10541E1DEB153172A375CBC2D03A4D7B7F3D2 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
01:35:00.0720 0x2c3c  BthLEEnum - ok
01:35:00.0751 0x2c3c  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
01:35:00.0751 0x2c3c  BTHMODEM - ok
01:35:00.0769 0x2c3c  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
01:35:00.0773 0x2c3c  BthPan - ok
01:35:00.0805 0x2c3c  [ 2D54FE808BAF96666D0CE9B05B8C768F, 1827E0480600328EA2CA152A458CE691F2192E68AFBEF1638A8BB241FF555319 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
01:35:00.0820 0x2c3c  BTHPORT - ok
01:35:00.0889 0x2c3c  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
01:35:00.0906 0x2c3c  bthserv - ok
01:35:00.0914 0x2c3c  [ B32316BCF974882E715A3459C953AD56, 8DA67B8157FB83F908F92EEEE3B8895E28FB3BCD8777A20DC7A0B226ECFF08EF ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
01:35:00.0917 0x2c3c  BTHUSB - ok
01:35:00.0935 0x2c3c  [ 3EF7E32CA8615BFBA256F9F553962E60, 55E5A93BDDEF053782C664A31E5321B59C7598843D2A0238DF5174DD0685E11F ] busenum         C:\WINDOWS\System32\drivers\SteelBus64.sys
01:35:00.0935 0x2c3c  busenum - ok
01:35:00.0951 0x2c3c  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
01:35:00.0951 0x2c3c  buttonconverter - ok
01:35:01.0089 0x2c3c  [ 4E1D29BD13F186158A4D788DF98984D1, 64D6F925860DDDCEED4342776C0133ECF81A4A70890DE8C7C8A6375F7677D867 ] CAMService      C:\Program Files\Intel\CAM\bin\CAMService.exe
01:35:01.0136 0x2c3c  CAMService - ok
01:35:01.0193 0x2c3c  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
01:35:01.0193 0x2c3c  CapImg - ok
01:35:01.0224 0x2c3c  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
01:35:01.0224 0x2c3c  cdfs - ok
01:35:01.0240 0x2c3c  [ 88E3BA684A7B1247762E1D401076D4C2, 88375BD1970848A71B9CF8C7C73ECA2E4A65E57D80D0C36F41547D381441A552 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
01:35:01.0255 0x2c3c  CDPSvc - ok
01:35:01.0277 0x2c3c  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
01:35:01.0284 0x2c3c  cdrom - ok
01:35:01.0320 0x2c3c  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
01:35:01.0320 0x2c3c  CertPropSvc - ok
01:35:01.0390 0x2c3c  [ D4AF7F3E7AD4812FD42F673C99A85357, FB10AD64169C956A6BDABAD02C3CB7694BB93E10AFA651F8F790D2A038514B00 ] cFosSpeed       C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys
01:35:01.0443 0x2c3c  cFosSpeed - ok
01:35:01.0490 0x2c3c  [ 9939DB69BC54EF2DD47C4EAE46172148, 4B766C696DCAE851B93A7787E9FADEABF25FF224DB2C27E05ED8B6068CB26177 ] cFosSpeedS      C:\Program Files\cFosSpeed\spd.exe
01:35:01.0490 0x2c3c  cFosSpeedS - ok
01:35:01.0537 0x2c3c  [ 76FBFD583CCE97FD06FCD510805A5908, 9CBBCC49E3CB1882C89798C0FB1836EFD0ED84775CCDFFEC898DFAB3996A2E12 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
01:35:01.0553 0x2c3c  CGVPNCliService - ok
01:35:01.0622 0x2c3c  [ 06DE27AB35EA84243F2DFAA390630105, 925467923D6E33906248626C0F577065FA69A2E2F25DA0C81CB103C5D94E3E37 ] chromoting      C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
01:35:01.0622 0x2c3c  chromoting - ok
01:35:01.0637 0x2c3c  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
01:35:01.0637 0x2c3c  circlass - ok
01:35:01.0675 0x2c3c  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
01:35:01.0691 0x2c3c  CLFS - ok
01:35:01.0951 0x2c3c  [ C4F85A98844600F98704C04CC46FF021, D69132D2BC6DC6F17F77EBD7D51E4E9169350797866DF9AB06A4E37C11A892D4 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
01:35:02.0038 0x2c3c  ClickToRunSvc - ok
01:35:02.0076 0x2c3c  [ E72BB94A4010EBA7074DFEB25D67BDC3, 437F13A1F709B4CC047C9918625C2B5F673218A5141DBC99CD14B008FAB2AA88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
01:35:02.0091 0x2c3c  ClipSVC - ok
01:35:02.0138 0x2c3c  [ 7BB935831ACAEEF54684B675575530E5, C0F1D2BD84B696BDDA247845A1A76E188175EB36F1C52D8505C250E088CF44F2 ] clwvd6          C:\WINDOWS\system32\DRIVERS\clwvd6.sys
01:35:02.0138 0x2c3c  clwvd6 - ok
01:35:02.0154 0x2c3c  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
01:35:02.0154 0x2c3c  CmBatt - ok
01:35:02.0176 0x2c3c  [ 309E3CFC5309CECD9317A69990716A87, 1043A48A013CE1098BF02699750E31DFB181692C604F3D3F1EBE8A950B89DBE4 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
01:35:02.0192 0x2c3c  CNG - ok
01:35:02.0192 0x2c3c  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
01:35:02.0192 0x2c3c  cnghwassist - ok
01:35:02.0270 0x2c3c  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
01:35:02.0272 0x2c3c  CompositeBus - ok
01:35:02.0276 0x2c3c  COMSysApp - ok
01:35:02.0303 0x2c3c  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
01:35:02.0303 0x2c3c  condrv - ok
01:35:02.0334 0x2c3c  [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
01:35:02.0364 0x2c3c  CoreMessagingRegistrar - ok
01:35:02.0893 0x2c3c  [ 90DC0A2FD12EB0E03721A18FA3EF30B6, 7FFCAD0DFB46139A3359E9E25023226893D7B1D285FEBB530878F8B380F1D22B ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
01:35:02.0924 0x2c3c  cphs - ok
01:35:02.0951 0x2c3c  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
01:35:02.0951 0x2c3c  CryptSvc - ok
01:35:03.0009 0x2c3c  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
01:35:03.0040 0x2c3c  dam - ok
01:35:03.0196 0x2c3c  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:35:03.0212 0x2c3c  DcomLaunch - ok
01:35:03.0243 0x2c3c  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
01:35:03.0243 0x2c3c  DcpSvc - ok
01:35:03.0288 0x2c3c  [ 38454C2221DFA19B4B7AA30F29E560D4, C74469AF2C476933B7CB0234269E7DE601731CB2D7287C7B28023BA09A10B751 ] DefragFS        C:\WINDOWS\system32\drivers\DefragFS.sys
01:35:03.0288 0x2c3c  DefragFS - ok
01:35:03.0319 0x2c3c  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
01:35:03.0334 0x2c3c  defragsvc - ok
01:35:03.0378 0x2c3c  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
01:35:03.0394 0x2c3c  DeviceAssociationService - ok
01:35:03.0414 0x2c3c  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
01:35:03.0420 0x2c3c  DeviceInstall - ok
01:35:03.0430 0x2c3c  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
01:35:03.0433 0x2c3c  DevQueryBroker - ok
01:35:03.0461 0x2c3c  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
01:35:03.0477 0x2c3c  Dfsc - ok
01:35:03.0510 0x2c3c  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
01:35:03.0525 0x2c3c  dg_ssudbus - ok
01:35:03.0594 0x2c3c  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
01:35:03.0594 0x2c3c  Dhcp - ok
01:35:03.0625 0x2c3c  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
01:35:03.0625 0x2c3c  diagnosticshub.standardcollector.service - ok
01:35:03.0741 0x2c3c  [ 5F1CAF0E823BADD5576555CC876F1067, 53AED2137D1BACA5AA24C265E2591F12D91C4652AF35D52843F045CAE4CDDB2E ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
01:35:03.0779 0x2c3c  DiagTrack - ok
01:35:03.0931 0x2c3c  [ FE753198C252C85AA559C583DBE0711F, 2500968A89F78646001D1007708F27A696DF0D81F9AB68706BE5A3D80A90C589 ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
01:35:03.0935 0x2c3c  DirMngr - ok
01:35:04.0324 0x2c3c  [ 32C892C55BA065503B09DF50118B9761, 3B3600F47055519AEA5D2D5D30CC711039C63850EE33A0D76AD3DBC0545B50C8 ] Disaster Recovery Imaging C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\DR\x64\drdiag.exe
01:35:04.0493 0x2c3c  Disaster Recovery Imaging - ok
01:35:04.0673 0x2c3c  [ FC19FB5F16A472D0E56D41836CCEFA8D, 6B76121D91755C99E34E618890614D1BF4DCD73F7B0C452AA42EDDFB18270ADD ] Disc Soft Pro Bus Service C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
01:35:04.0710 0x2c3c  Disc Soft Pro Bus Service - ok
01:35:04.0811 0x2c3c  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
01:35:04.0811 0x2c3c  disk - ok
01:35:04.0852 0x2c3c  [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
01:35:04.0862 0x2c3c  DmEnrollmentSvc - ok
01:35:04.0878 0x2c3c  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
01:35:04.0878 0x2c3c  dmvsc - ok
01:35:04.0903 0x2c3c  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
01:35:04.0906 0x2c3c  dmwappushservice - ok
01:35:04.0935 0x2c3c  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:35:04.0935 0x2c3c  Dnscache - ok
01:35:04.0982 0x2c3c  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
01:35:05.0001 0x2c3c  dot3svc - ok
01:35:05.0026 0x2c3c  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
01:35:05.0042 0x2c3c  DPS - ok
01:35:05.0088 0x2c3c  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
01:35:05.0088 0x2c3c  drmkaud - ok
01:35:05.0111 0x2c3c  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
01:35:05.0126 0x2c3c  DsmSvc - ok
01:35:05.0158 0x2c3c  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
01:35:05.0158 0x2c3c  DsSvc - ok
01:35:05.0183 0x2c3c  [ 5B4F7E7CA76F304C17BCB193FDFE9D64, 67E78F4A8AC0E4225EEFE798186FCF940CFF29575C27BBC7D608F1425E6FAC30 ] dtproscsibus    C:\WINDOWS\System32\drivers\dtproscsibus.sys
01:35:05.0183 0x2c3c  dtproscsibus - ok
01:35:05.0275 0x2c3c  [ 97BFC3BD9F910B24EB956FF3387C71CF, C5A6C550E91D51410A447649D2A01FCFEA73807AC01C635E71A080A18D0F4F99 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
01:35:05.0319 0x2c3c  DXGKrnl - ok
01:35:05.0357 0x2c3c  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
01:35:05.0361 0x2c3c  Eaphost - ok
01:35:05.0365 0x2c3c  EasyAntiCheat - ok
01:35:05.0493 0x2c3c  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
01:35:05.0589 0x2c3c  ebdrv - ok
01:35:05.0611 0x2c3c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
01:35:05.0611 0x2c3c  EFS - ok
01:35:05.0642 0x2c3c  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
01:35:05.0642 0x2c3c  EhStorClass - ok
01:35:05.0658 0x2c3c  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
01:35:05.0658 0x2c3c  EhStorTcgDrv - ok
01:35:05.0673 0x2c3c  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
01:35:05.0689 0x2c3c  embeddedmode - ok
01:35:05.0727 0x2c3c  [ 3182FCAF6AAF478791DE5B430C912D4D, 6044BB8A895F0E5BEAA5390457730AE9DB26A5611DC1CD55CE91F2331D2C3086 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
01:35:05.0742 0x2c3c  EntAppSvc - ok
01:35:05.0758 0x2c3c  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
01:35:05.0758 0x2c3c  ErrDev - ok
01:35:05.0789 0x2c3c  [ B5BB7C38E9EEC3FB462861E8E9ED1912, 0EC736EF2CE9D34581FB7BDE6C185EC03B763F5088142E458D07CC602ED9CB2B ] ETDSMBus        C:\WINDOWS\System32\drivers\ETDSMBus.sys
01:35:05.0789 0x2c3c  ETDSMBus - ok
01:35:05.0894 0x2c3c  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
01:35:05.0921 0x2c3c  EventSystem - ok
01:35:05.0951 0x2c3c  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
01:35:05.0951 0x2c3c  exfat - ok
01:35:05.0967 0x2c3c  [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
01:35:05.0982 0x2c3c  fastfat - ok
01:35:06.0027 0x2c3c  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
01:35:06.0043 0x2c3c  Fax - ok
01:35:06.0059 0x2c3c  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
01:35:06.0059 0x2c3c  fdc - ok
01:35:06.0090 0x2c3c  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
01:35:06.0090 0x2c3c  fdPHost - ok
01:35:06.0110 0x2c3c  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
01:35:06.0112 0x2c3c  FDResPub - ok
01:35:06.0143 0x2c3c  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
01:35:06.0143 0x2c3c  fhsvc - ok
01:35:06.0174 0x2c3c  [ 34B087A22681844014DCE256771C06DA, 82D09D6D7CC5E3F8C89CCE7807C360BD269BBD4760F5A0E458E1FD85517F5E9B ] FiioE17         C:\WINDOWS\system32\drivers\FiioE17.sys
01:35:06.0174 0x2c3c  FiioE17 - ok
01:35:06.0190 0x2c3c  [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
01:35:06.0207 0x2c3c  FileCrypt - ok
01:35:06.0227 0x2c3c  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
01:35:06.0227 0x2c3c  FileInfo - ok
01:35:06.0243 0x2c3c  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
01:35:06.0243 0x2c3c  Filetrace - ok
01:35:06.0259 0x2c3c  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
01:35:06.0259 0x2c3c  flpydisk - ok
01:35:06.0328 0x2c3c  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
01:35:06.0343 0x2c3c  FltMgr - ok
01:35:06.0415 0x2c3c  [ F1BA85CF2AEE08860C8D5BF82C342F44, 109D5E1AA11ECCFB598BBD09E98991F1E4915B2282B72C727F3E2C73678E2593 ] FontCache       C:\WINDOWS\system32\FntCache.dll
01:35:06.0455 0x2c3c  FontCache - ok
01:35:06.0512 0x2c3c  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:35:06.0512 0x2c3c  FontCache3.0.0.0 - ok
01:35:06.0528 0x2c3c  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
01:35:06.0528 0x2c3c  FsDepends - ok
01:35:06.0546 0x2c3c  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:35:06.0548 0x2c3c  Fs_Rec - ok
01:35:06.0573 0x2c3c  [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
01:35:06.0586 0x2c3c  fvevol - ok
01:35:06.0612 0x2c3c  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
01:35:06.0612 0x2c3c  gagp30kx - ok
01:35:06.0628 0x2c3c  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
01:35:06.0628 0x2c3c  gencounter - ok
01:35:06.0659 0x2c3c  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
01:35:06.0659 0x2c3c  genericusbfn - ok
01:35:06.0711 0x2c3c  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
01:35:06.0712 0x2c3c  GPIOClx0101 - ok
01:35:06.0759 0x2c3c  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
01:35:06.0791 0x2c3c  gpsvc - ok
01:35:06.0828 0x2c3c  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
01:35:06.0828 0x2c3c  GpuEnergyDrv - ok
01:35:06.0862 0x2c3c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:35:06.0862 0x2c3c  gupdate - ok
01:35:06.0862 0x2c3c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:35:06.0878 0x2c3c  gupdatem - ok
01:35:06.0878 0x2c3c  [ E4B7F2553A127E86E11343ED15320A99, A4EA52DF5D24EF8210192669934D3D0DD1A0E4CCAAD014D52F58D58A9D3C886A ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
01:35:06.0893 0x2c3c  gzflt - ok
01:35:06.0923 0x2c3c  [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
01:35:06.0932 0x2c3c  HdAudAddService - ok
01:35:06.0951 0x2c3c  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
01:35:06.0951 0x2c3c  HDAudBus - ok
01:35:06.0982 0x2c3c  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
01:35:06.0982 0x2c3c  HidBatt - ok
01:35:06.0998 0x2c3c  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
01:35:07.0002 0x2c3c  HidBth - ok
01:35:07.0013 0x2c3c  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
01:35:07.0013 0x2c3c  hidi2c - ok
01:35:07.0044 0x2c3c  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
01:35:07.0044 0x2c3c  hidinterrupt - ok
01:35:07.0044 0x2c3c  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
01:35:07.0060 0x2c3c  HidIr - ok
01:35:07.0091 0x2c3c  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
01:35:07.0091 0x2c3c  hidserv - ok
01:35:07.0113 0x2c3c  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
01:35:07.0129 0x2c3c  HidUsb - ok
01:35:07.0129 0x2c3c  [ EDE31817FC0A574E7CC3AF7E544C8951, DC8D07A15525E1CA52C5F6DFAEB2585807D45FC3400EAC9E27DC27E46B5B480F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
01:35:07.0144 0x2c3c  HomeGroupListener - ok
01:35:07.0213 0x2c3c  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
01:35:07.0229 0x2c3c  HomeGroupProvider - ok
01:35:07.0245 0x2c3c  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
01:35:07.0245 0x2c3c  HpSAMD - ok
01:35:07.0314 0x2c3c  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
01:35:07.0345 0x2c3c  HTTP - ok
01:35:07.0951 0x2c3c  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
01:35:07.0967 0x2c3c  HWiNFO32 - ok
01:35:07.0967 0x2c3c  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
01:35:07.0967 0x2c3c  hwpolicy - ok
01:35:07.0998 0x2c3c  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
01:35:08.0013 0x2c3c  hyperkbd - ok
01:35:08.0037 0x2c3c  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
01:35:08.0041 0x2c3c  i8042prt - ok
01:35:08.0069 0x2c3c  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
01:35:08.0074 0x2c3c  iai2c - ok
01:35:08.0098 0x2c3c  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
01:35:08.0102 0x2c3c  iaLPSS2i_I2C - ok
01:35:08.0124 0x2c3c  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
01:35:08.0127 0x2c3c  iaLPSSi_GPIO - ok
01:35:08.0191 0x2c3c  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
01:35:08.0191 0x2c3c  iaLPSSi_I2C - ok
01:35:08.0303 0x2c3c  [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
01:35:08.0345 0x2c3c  iaStorA - ok
01:35:08.0394 0x2c3c  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
01:35:08.0424 0x2c3c  iaStorAV - ok
01:35:08.0477 0x2c3c  [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
01:35:08.0477 0x2c3c  IAStorDataMgrSvc - ok
01:35:08.0508 0x2c3c  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
01:35:08.0524 0x2c3c  iaStorV - ok
01:35:08.0545 0x2c3c  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
01:35:08.0561 0x2c3c  ibbus - ok
01:35:08.0577 0x2c3c  [ CD00FEA9F7B6C92560F41982D2509736, C284DB0E06728B048F3EDEA591E1964F594C2E0C4F2A029FB3BDDE7B9D006120 ] ibtsiva         C:\WINDOWS\system32\ibtsiva.exe
01:35:08.0592 0x2c3c  ibtsiva - ok
01:35:08.0608 0x2c3c  [ ACCAF83867D2F6C9715F0D83AFE10207, E2744BB63C980CCD059B10F7880FBA6EA95F39BD4FACCF4D02B269EBC255B2C9 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
01:35:08.0624 0x2c3c  ibtusb - ok
01:35:08.0646 0x2c3c  [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
01:35:08.0646 0x2c3c  ICCWDT - ok
01:35:08.0677 0x2c3c  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
01:35:08.0677 0x2c3c  icssvc - ok
01:35:08.0708 0x2c3c  [ 257A7BAB1A1382F55ABA460273177DC3, 8A49AD777E92B3CB54C5E3722D0A7B4AFE0772E8CA893A3CA5CCC1B4FE8F13BE ] IDMWFP          C:\WINDOWS\system32\DRIVERS\idmwfp.sys
01:35:08.0708 0x2c3c  IDMWFP - ok
01:35:08.0708 0x2c3c  IEEtwCollectorService - ok
01:35:08.0962 0x2c3c  [ 16CD6DA30C5B2B20DE67F47BEF8F0B1A, E3FA7B281D32EA3A4FBDFC1CC8353BE9B0AFDD386169A27EAC8B3DCACE36C163 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
01:35:09.0204 0x2c3c  igfx - ok
01:35:09.0266 0x2c3c  [ 01BE0A78B225B0971106DD1C6A09F496, 671AAAF4487CC6BF3E90FA06999427A8AEB9E9F8E78AB26DF380624B40CE7D5E ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
01:35:09.0276 0x2c3c  igfxCUIService2.0.0.0 - ok
01:35:09.0288 0x2c3c  [ B69FBA64C0FF6C12A8D7E67A916469A8, 99ACE56DF40C541DD4FBF2D394C35B47F4F9FE5018E5C31C59513CB2E828E05C ] ignis           C:\WINDOWS\system32\DRIVERS\ignis.sys
01:35:09.0303 0x2c3c  ignis - ok
01:35:09.0342 0x2c3c  [ 5E5BEC886CC2503C4F18AF2153B169AF, BCC241AEFFFEF0B56909F9141F7EA424D945532B8610E6A3BEF590FEB00FA26D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
01:35:09.0362 0x2c3c  IKEEXT - ok
01:35:09.0378 0x2c3c  [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
01:35:09.0394 0x2c3c  intaud_WaveExtensible - ok
01:35:09.0547 0x2c3c  [ EE5D9FE076B62BD39C6359478107F8F4, DE01D57A9471B6C1649E8835C2C190FB0A5695D0B520B4CF0CF0C1A7448F241A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
01:35:09.0694 0x2c3c  IntcAzAudAddService - ok
01:35:09.0747 0x2c3c  [ A38C7B403BBFD5B30F27C2D6B11AAF25, 25F0E31A9987B49224C8884F30AF85DE3B1181E20BC8C0401C0F85BAA481A7D1 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
01:35:09.0747 0x2c3c  IntcDAud - ok
01:35:09.0810 0x2c3c  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:35:09.0826 0x2c3c  Intel® Capability Licensing Service Interface - ok
01:35:09.0878 0x2c3c  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
01:35:09.0914 0x2c3c  Intel® Capability Licensing Service TCP IP Interface - ok
01:35:09.0995 0x2c3c  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
01:35:09.0995 0x2c3c  Intel® ME Service - ok
01:35:10.0010 0x2c3c  [ 524762664384737EB02F62AC03054ECF, 2D79E54D9DE559DDCD8B6D9C34EC1017A14DAADA083BE98ACF5BCBA06A8637E8 ] IntelHaxm       C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys
01:35:10.0010 0x2c3c  IntelHaxm - ok
01:35:10.0048 0x2c3c  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
01:35:10.0048 0x2c3c  intelide - ok
01:35:10.0079 0x2c3c  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
01:35:10.0079 0x2c3c  intelpep - ok
01:35:10.0095 0x2c3c  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
01:35:10.0111 0x2c3c  intelppm - ok
01:35:10.0126 0x2c3c  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
01:35:10.0126 0x2c3c  IoQos - ok
01:35:10.0126 0x2c3c  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:35:10.0126 0x2c3c  IpFilterDriver - ok
01:35:10.0164 0x2c3c  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
01:35:10.0180 0x2c3c  iphlpsvc - ok
01:35:10.0195 0x2c3c  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
01:35:10.0195 0x2c3c  IPMIDRV - ok
01:35:10.0247 0x2c3c  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
01:35:10.0249 0x2c3c  IPNAT - ok
01:35:10.0270 0x2c3c  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
01:35:10.0319 0x2c3c  IRENUM - ok
01:35:10.0362 0x2c3c  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
01:35:10.0362 0x2c3c  isapnp - ok
01:35:10.0415 0x2c3c  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
01:35:10.0423 0x2c3c  iScsiPrt - ok
01:35:10.0461 0x2c3c  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
01:35:10.0461 0x2c3c  jhi_service - ok
01:35:10.0493 0x2c3c  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
01:35:10.0493 0x2c3c  kbdclass - ok
01:35:10.0508 0x2c3c  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
01:35:10.0524 0x2c3c  kbdhid - ok
01:35:10.0549 0x2c3c  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
01:35:10.0549 0x2c3c  kdnic - ok
01:35:10.0564 0x2c3c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
01:35:10.0564 0x2c3c  KeyIso - ok
01:35:10.0595 0x2c3c  [ 89073D9FAF1A7C4781B26CCC9A28D2B6, 0D0C498DF6E3C236636B544D829771DEE49DE34C581985AE675674873619F953 ] KeyScrambler    C:\WINDOWS\system32\drivers\keyscrambler.sys
01:35:10.0611 0x2c3c  KeyScrambler - ok
01:35:10.0611 0x2c3c  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
01:35:10.0627 0x2c3c  KSecDD - ok
01:35:10.0627 0x2c3c  [ 5DFF4CF4DF7FD11AE5A1DAD8C67619D2, 1C821CB3CC430F8A9E660D2ABC63ECBB2F29FB41D5B045C2F4C927D5C361656E ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
01:35:10.0643 0x2c3c  KSecPkg - ok
01:35:10.0664 0x2c3c  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
01:35:10.0664 0x2c3c  ksthunk - ok
01:35:10.0696 0x2c3c  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
01:35:10.0711 0x2c3c  KtmRm - ok
01:35:10.0711 0x2c3c  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
01:35:10.0727 0x2c3c  LanmanServer - ok
01:35:10.0749 0x2c3c  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
01:35:10.0765 0x2c3c  LanmanWorkstation - ok
01:35:10.0796 0x2c3c  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
01:35:10.0812 0x2c3c  lfsvc - ok
01:35:10.0848 0x2c3c  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
01:35:10.0850 0x2c3c  LGBusEnum - ok
01:35:10.0949 0x2c3c  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
01:35:10.0949 0x2c3c  LGCoreTemp - ok
01:35:10.0964 0x2c3c  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
01:35:10.0964 0x2c3c  LGJoyXlCore - ok
01:35:11.0011 0x2c3c  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
01:35:11.0011 0x2c3c  LGVirHid - ok
01:35:11.0027 0x2c3c  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
01:35:11.0027 0x2c3c  LicenseManager - ok
01:35:11.0049 0x2c3c  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
01:35:11.0049 0x2c3c  lltdio - ok
01:35:11.0080 0x2c3c  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
01:35:11.0096 0x2c3c  lltdsvc - ok
01:35:11.0112 0x2c3c  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
01:35:11.0112 0x2c3c  lmhosts - ok
01:35:11.0181 0x2c3c  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
01:35:11.0181 0x2c3c  LMS - ok
01:35:11.0220 0x2c3c  [ F22EC985B9BE0788B5DB4F0162131CCF, 015A5E0396240373ED9EC5026C53CD5E03AE31688A984C47E071704B0FE8D552 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
01:35:11.0220 0x2c3c  LogiRegistryService - ok
01:35:11.0249 0x2c3c  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
01:35:11.0268 0x2c3c  LSI_SAS - ok
01:35:11.0283 0x2c3c  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
01:35:11.0287 0x2c3c  LSI_SAS2i - ok
01:35:11.0303 0x2c3c  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
01:35:11.0303 0x2c3c  LSI_SAS3i - ok
01:35:11.0319 0x2c3c  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
01:35:11.0319 0x2c3c  LSI_SSS - ok
01:35:11.0362 0x2c3c  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
01:35:11.0378 0x2c3c  LSM - ok
01:35:11.0394 0x2c3c  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
01:35:11.0394 0x2c3c  luafv - ok
01:35:11.0433 0x2c3c  [ 98E3D2BB421424B0457F8B7C46113110, 479187820318E9193765ADAA1D2E83E5752D9A2B22941DF3660C413DA029E618 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
01:35:11.0438 0x2c3c  MapsBroker - ok
01:35:11.0493 0x2c3c  [ 1239597BAB7EED2BB16D035AF87E65D9, 67A4F1C8BA77502404629C3411BA76729435012CFA6D7794C46F31BBC118064E ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
01:35:11.0493 0x2c3c  mbamchameleon - ok
01:35:11.0508 0x2c3c  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
01:35:11.0508 0x2c3c  MBAMProtector - ok
01:35:11.0599 0x2c3c  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
01:35:11.0630 0x2c3c  MBAMScheduler - ok
01:35:11.0697 0x2c3c  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
01:35:11.0713 0x2c3c  MBAMService - ok
01:35:11.0797 0x2c3c  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
01:35:11.0813 0x2c3c  MBAMSwissArmy - ok
01:35:11.0813 0x2c3c  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
01:35:11.0813 0x2c3c  MBAMWebAccessControl - ok
01:35:11.0862 0x2c3c  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
01:35:11.0862 0x2c3c  megasas - ok
01:35:11.0893 0x2c3c  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
01:35:11.0913 0x2c3c  megasr - ok
01:35:11.0941 0x2c3c  [ 84178491109A97D0A0CFF0840A644CD9, B822A9F7C9623764430435DBCE1380386D0A0D9784779DDD3A7A2E59FC29AFF6 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
01:35:11.0945 0x2c3c  MEIx64 - ok
01:35:12.0029 0x2c3c  [ 93112EDE27DA86780CE1F20AE63A18B1, 8DDBE471B8B9623336015DE1CDF2D01125EBB4544C407163BDF5E138D66E5B08 ] memudrv         D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys
01:35:12.0029 0x2c3c  memudrv - ok
01:35:12.0067 0x2c3c  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
01:35:12.0067 0x2c3c  MessagingService - ok
01:35:12.0355 0x2c3c  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
01:35:12.0363 0x2c3c  mlx4_bus - ok
01:35:12.0378 0x2c3c  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
01:35:12.0378 0x2c3c  MMCSS - ok
01:35:12.0411 0x2c3c  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
01:35:12.0414 0x2c3c  Modem - ok
01:35:12.0427 0x2c3c  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
01:35:12.0428 0x2c3c  monitor - ok
01:35:12.0477 0x2c3c  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
01:35:12.0477 0x2c3c  mouclass - ok
01:35:12.0508 0x2c3c  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
01:35:12.0508 0x2c3c  mouhid - ok
01:35:12.0524 0x2c3c  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
01:35:12.0540 0x2c3c  mountmgr - ok
01:35:12.0568 0x2c3c  [ 69E23C730974BAC8C11DF2B7C4C9D37B, 8DC4448EC9C9647381952D7822B39C89E0997B4B964A785AE274144FADEE3C02 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:35:12.0583 0x2c3c  MozillaMaintenance - ok
01:35:12.0615 0x2c3c  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
01:35:12.0615 0x2c3c  mpsdrv - ok
01:35:12.0652 0x2c3c  [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
01:35:12.0684 0x2c3c  MpsSvc - ok
01:35:12.0784 0x2c3c  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
01:35:12.0784 0x2c3c  MRxDAV - ok
01:35:12.0862 0x2c3c  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:35:12.0862 0x2c3c  mrxsmb - ok
01:35:12.0894 0x2c3c  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
01:35:12.0894 0x2c3c  mrxsmb10 - ok
01:35:12.0935 0x2c3c  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
01:35:12.0935 0x2c3c  mrxsmb20 - ok
01:35:12.0953 0x2c3c  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
01:35:12.0969 0x2c3c  MsBridge - ok
01:35:13.0000 0x2c3c  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
01:35:13.0000 0x2c3c  MSDTC - ok
01:35:13.0015 0x2c3c  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
01:35:13.0015 0x2c3c  Msfs - ok
01:35:13.0051 0x2c3c  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
01:35:13.0053 0x2c3c  msgpiowin32 - ok
01:35:13.0069 0x2c3c  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
01:35:13.0069 0x2c3c  mshidkmdf - ok
01:35:13.0084 0x2c3c  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
01:35:13.0084 0x2c3c  mshidumdf - ok
01:35:13.0084 0x2c3c  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
01:35:13.0084 0x2c3c  msisadrv - ok
01:35:13.0116 0x2c3c  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
01:35:13.0131 0x2c3c  MSiSCSI - ok
01:35:13.0131 0x2c3c  msiserver - ok
01:35:13.0153 0x2c3c  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
01:35:13.0153 0x2c3c  MSKSSRV - ok
01:35:13.0169 0x2c3c  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
01:35:13.0169 0x2c3c  MsLldp - ok
01:35:13.0208 0x2c3c  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
01:35:13.0210 0x2c3c  MSPCLOCK - ok
01:35:13.0245 0x2c3c  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
01:35:13.0247 0x2c3c  MSPQM - ok
01:35:13.0274 0x2c3c  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
01:35:13.0283 0x2c3c  MsRPC - ok
01:35:13.0288 0x2c3c  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
01:35:13.0288 0x2c3c  mssmbios - ok
01:35:13.0319 0x2c3c  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
01:35:13.0319 0x2c3c  MSTEE - ok
01:35:13.0358 0x2c3c  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
01:35:13.0361 0x2c3c  MTConfig - ok
01:35:13.0378 0x2c3c  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
01:35:13.0378 0x2c3c  Mup - ok
01:35:13.0414 0x2c3c  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
01:35:13.0417 0x2c3c  mvumis - ok
01:35:13.0477 0x2c3c  [ CD180A9701D5259E4A30CE25CFF56181, DC34B347D0E15CC95E502B3F5E1A2B9E970B465EA0E317220850A27B5EBB60FF ] MyPublicWiFiService C:\Program Files (x86)\MyPublicWiFi\PublicWiFiService.exe
01:35:13.0508 0x2c3c  MyPublicWiFiService - ok
01:35:13.0554 0x2c3c  MySQL57 - ok
01:35:13.0600 0x2c3c  [ 549DFD8240CF20BFBD88AD9D89325DBF, D2553AEA91524E7EBCE902D175BCE3A14C594FB0B5E1310E2D9171AF903CF51C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
01:35:13.0600 0x2c3c  NativeWifiP - ok
01:35:13.0616 0x2c3c  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
01:35:13.0616 0x2c3c  NcaSvc - ok
01:35:13.0669 0x2c3c  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
01:35:13.0685 0x2c3c  NcbService - ok
01:35:13.0685 0x2c3c  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
01:35:13.0701 0x2c3c  NcdAutoSetup - ok
01:35:13.0732 0x2c3c  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
01:35:13.0732 0x2c3c  ndfltr - ok
01:35:13.0785 0x2c3c  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
01:35:13.0801 0x2c3c  NDIS - ok
01:35:13.0832 0x2c3c  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
01:35:14.0171 0x2c3c  NdisCap - ok
01:35:14.0218 0x2c3c  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
01:35:14.0218 0x2c3c  NdisImPlatform - ok
01:35:14.0218 0x2c3c  [ DE7A0EC26C6992954667FF7FD8EFC277, DD0443739F4526E0620CAF669F76D321981C974413BF22BC2FFB4A72EE262E15 ] ndiskhaz        C:\WINDOWS\system32\DRIVERS\ndiskhaz.sys
01:35:14.0218 0x2c3c  ndiskhaz - ok
01:35:14.0255 0x2c3c  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:35:14.0255 0x2c3c  NdisTapi - ok
01:35:14.0288 0x2c3c  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
01:35:14.0288 0x2c3c  Ndisuio - ok
01:35:14.0303 0x2c3c  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
01:35:14.0303 0x2c3c  NdisVirtualBus - ok
01:35:14.0319 0x2c3c  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
01:35:14.0319 0x2c3c  NdisWan - ok
01:35:14.0334 0x2c3c  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:35:14.0334 0x2c3c  ndiswanlegacy - ok
01:35:14.0362 0x2c3c  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
01:35:14.0362 0x2c3c  ndproxy - ok
01:35:14.0394 0x2c3c  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
01:35:14.0394 0x2c3c  Ndu - ok
01:35:14.0423 0x2c3c  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
01:35:14.0426 0x2c3c  NetBIOS - ok
01:35:14.0441 0x2c3c  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
01:35:14.0448 0x2c3c  NetBT - ok
01:35:14.0509 0x2c3c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
01:35:14.0509 0x2c3c  Netlogon - ok
01:35:14.0546 0x2c3c  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
01:35:14.0553 0x2c3c  Netman - ok
01:35:14.0571 0x2c3c  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
01:35:14.0587 0x2c3c  netprofm - ok
01:35:14.0618 0x2c3c  [ A3AA03C0C5002F3D89397637B770A1BA, CB40F8FFE2850C11C9EA309BFDBB97C2C978202AF70D052573D8CF18A0677AEB ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
01:35:14.0618 0x2c3c  NetSetupSvc - ok
01:35:14.0687 0x2c3c  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:35:14.0702 0x2c3c  NetTcpPortSharing - ok
01:35:14.0834 0x2c3c  [ 6EDB5BBF2B4BFB525880C9A11F63C03A, E351332CA65E959EF718116F37E64D568C4A663EAA189920AE84A02CB427745C ] NETwNb64        C:\WINDOWS\System32\drivers\Netwbw02.sys
01:35:14.0956 0x2c3c  NETwNb64 - ok
01:35:14.0987 0x2c3c  [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
01:35:15.0003 0x2c3c  NgcCtnrSvc - ok
01:35:15.0034 0x2c3c  [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
01:35:15.0056 0x2c3c  NgcSvc - ok
01:35:15.0087 0x2c3c  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
01:35:15.0103 0x2c3c  NlaSvc - ok
01:35:15.0134 0x2c3c  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF             C:\WINDOWS\system32\drivers\npf.sys
01:35:15.0134 0x2c3c  NPF - ok
01:35:15.0156 0x2c3c  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
01:35:15.0171 0x2c3c  Npfs - ok
01:35:15.0171 0x2c3c  npggsvc - ok
01:35:15.0187 0x2c3c  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
01:35:15.0187 0x2c3c  npsvctrig - ok
01:35:15.0187 0x2c3c  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
01:35:15.0205 0x2c3c  nsi - ok
01:35:15.0212 0x2c3c  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
01:35:15.0212 0x2c3c  nsiproxy - ok
01:35:15.0378 0x2c3c  [ 1AA1563D497660812A4409528719B53B, 97EEF291ED469DAB296C12BD0E9A5DDC79F30A6470D7F9874BB1277AAC918735 ] nsService       C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe
01:35:15.0394 0x2c3c  nsService - ok
01:35:15.0524 0x2c3c  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
01:35:15.0572 0x2c3c  NTFS - ok
01:35:15.0672 0x2c3c  [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr         C:\WINDOWS\system32\Drivers\NTIDrvr.sys
01:35:15.0672 0x2c3c  NTIDrvr - ok
01:35:15.0719 0x2c3c  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
01:35:15.0719 0x2c3c  Null - ok
01:35:15.0757 0x2c3c  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
01:35:15.0757 0x2c3c  nvraid - ok
01:35:15.0788 0x2c3c  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
01:35:15.0788 0x2c3c  nvstor - ok
01:35:15.0819 0x2c3c  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
01:35:15.0819 0x2c3c  nv_agp - ok
01:35:15.0859 0x2c3c  [ FDDC75FDB8F9B581E3D6513FB85256E8, 8CC4924E69E6008D30219BCE4C0FCCABB5F63ECF82C1A6C8BA374805D34B4FF1 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
01:35:15.0862 0x2c3c  OneSyncSvc - ok
01:35:16.0057 0x2c3c  [ 8C02B0CC65BEE71124A565062BA77B39, C3B4965D62995195A776581BA0750FA72833F4E2E1F8F9DC683F562C13A9E20C ] OpenVPNAccessClient C:\Program Files (x86)\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
01:35:16.0073 0x2c3c  OpenVPNAccessClient - ok
01:35:16.0135 0x2c3c  [ BADFB6963EADA343AA4483D224091CE0, 06595E7CC1CC16D4B57E3FD89A8F53B26DDFF4F6DE1706818983F2CB8035366C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:35:16.0173 0x2c3c  ose - ok
01:35:16.0236 0x2c3c  [ 4ACD255587E8D05A56FCAAFDB0D4AD85, 22BDB75509FC775A281208781E2A21A6BB420E08A13235B672D2A7F465190294 ] OSFMount        C:\Program Files\OSFMount\OSFMount.sys
01:35:16.0258 0x2c3c  OSFMount - ok
01:35:16.0303 0x2c3c  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
01:35:16.0335 0x2c3c  p2pimsvc - ok
01:35:16.0378 0x2c3c  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
01:35:16.0378 0x2c3c  p2psvc - ok
01:35:16.0419 0x2c3c  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
01:35:16.0423 0x2c3c  Parport - ok
01:35:16.0432 0x2c3c  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
01:35:16.0434 0x2c3c  partmgr - ok
01:35:16.0508 0x2c3c  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
01:35:16.0524 0x2c3c  PcaSvc - ok
01:35:16.0658 0x2c3c  [ EF94E21C3220AE3F8539542EC0B3FF06, F17EE06326D7330D26971453B688BA6A6838DB9CCC85C2CE86CA99934D1DEFA2 ] pci             C:\WINDOWS\system32\drivers\pci.sys
01:35:16.0658 0x2c3c  pci - ok
01:35:16.0705 0x2c3c  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
01:35:16.0705 0x2c3c  pciide - ok
01:35:16.0721 0x2c3c  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
01:35:16.0721 0x2c3c  pcmcia - ok
01:35:16.0736 0x2c3c  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
01:35:16.0753 0x2c3c  pcw - ok
01:35:16.0912 0x2c3c  [ 09C1C6CA8A8708ADA417BD1F5FBB0559, 4F3B23BF76BB305D8D04FCF17B83B2761661602C218B4F5A4B574A2DBD9A0E5C ] PDAgent         C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
01:35:16.0959 0x2c3c  PDAgent - ok
01:35:17.0006 0x2c3c  [ 67B9684B8272D5EBD1CCBB1DBD425EC8, 09BE2A2EB3A71E594D08B8D817820965DEEAD283029EBB0B74CCC658A2706233 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
01:35:17.0006 0x2c3c  pdc - ok
01:35:17.0205 0x2c3c  [ 41CCA0C13E03F9C1443BEF374B4BBCFB, 7BB10DC9C211BD1F04155FCA80E20143EA1BCC5474CEFE108C7CAE5E52C37407 ] PDEngine        C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
01:35:17.0283 0x2c3c  PDEngine - ok
01:35:17.0344 0x2c3c  [ 9F5E27C8B88A8DA1DC93E93A5C27BB9B, 296516C813F0AFE1BC6B837B213141C0B07F06448F706988990B802FA89D45DC ] PDFSFilter      C:\WINDOWS\system32\DRIVERS\PDFsFilter.sys
01:35:17.0347 0x2c3c  PDFSFilter - ok
01:35:17.0463 0x2c3c  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
01:35:17.0481 0x2c3c  PEAUTH - ok
01:35:17.0507 0x2c3c  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
01:35:17.0510 0x2c3c  percsas2i - ok
01:35:17.0528 0x2c3c  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
01:35:17.0531 0x2c3c  percsas3i - ok
01:35:18.0095 0x2c3c  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
01:35:18.0095 0x2c3c  PerfHost - ok
01:35:18.0160 0x2c3c  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
01:35:18.0163 0x2c3c  PhoneSvc - ok
01:35:18.0210 0x2c3c  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
01:35:18.0210 0x2c3c  PimIndexMaintenanceSvc - ok
01:35:18.0395 0x2c3c  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
01:35:18.0445 0x2c3c  pla - ok
01:35:18.0464 0x2c3c  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
01:35:18.0464 0x2c3c  PlugPlay - ok
01:35:18.0480 0x2c3c  PnkBstrA - ok
01:35:18.0480 0x2c3c  PnkBstrB - ok
01:35:18.0480 0x2c3c  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
01:35:18.0495 0x2c3c  PNRPAutoReg - ok
01:35:18.0511 0x2c3c  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
01:35:18.0511 0x2c3c  PNRPsvc - ok
01:35:18.0542 0x2c3c  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
01:35:18.0542 0x2c3c  PolicyAgent - ok
01:35:18.0642 0x2c3c  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
01:35:18.0659 0x2c3c  Power - ok
01:35:18.0680 0x2c3c  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
01:35:18.0680 0x2c3c  PptpMiniport - ok
01:35:18.0812 0x2c3c  [ C9908063F90F5541098BF19EA63E1327, AA6B5E4D01CD8061D5953FDE3025FE4AF01B265C182B8818107A035E4FFAD0DF ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
01:35:18.0881 0x2c3c  PrintNotify - ok
01:35:18.0912 0x2c3c  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
01:35:18.0912 0x2c3c  Processor - ok
01:35:18.0981 0x2c3c  [ F19D3511C058E1E1A5D986958B184E9F, 0031490F1E5E1D5D2384D2E77D8BBDCF94A222CC200FEBAF49E3935A345511B0 ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
01:35:18.0996 0x2c3c  ProductAgentService - ok
01:35:19.0065 0x2c3c  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
01:35:19.0081 0x2c3c  ProfSvc - ok
01:35:19.0112 0x2c3c  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
01:35:19.0128 0x2c3c  Psched - ok
01:35:19.0143 0x2c3c  [ D8EB393983B644879DE0546122CC16DF, 4A11DDFB016B560E770660183AF1ADA4831D97DAEAF560E60259F81F2727CBFC ] ptun0901        C:\WINDOWS\system32\DRIVERS\ptun0901.sys
01:35:19.0143 0x2c3c  ptun0901 - ok
01:35:19.0181 0x2c3c  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
01:35:19.0197 0x2c3c  QWAVE - ok
01:35:19.0266 0x2c3c  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
01:35:19.0266 0x2c3c  QWAVEdrv - ok
01:35:19.0281 0x2c3c  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:35:19.0281 0x2c3c  RasAcd - ok
01:35:19.0313 0x2c3c  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
01:35:19.0313 0x2c3c  RasAgileVpn - ok
01:35:19.0344 0x2c3c  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
01:35:19.0344 0x2c3c  RasAuto - ok
01:35:19.0366 0x2c3c  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
01:35:19.0382 0x2c3c  Rasl2tp - ok
01:35:19.0413 0x2c3c  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
01:35:19.0428 0x2c3c  RasMan - ok
01:35:19.0444 0x2c3c  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:35:19.0462 0x2c3c  RasPppoe - ok
01:35:19.0466 0x2c3c  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
01:35:19.0466 0x2c3c  RasSstp - ok
01:35:19.0582 0x2c3c  [ 3ED3D2FD983A4649A2E466DE75627A5E, 12DF9D6A2157788A59076BCE46B45667A52F9D77875804DE14EE8AF7E55FA939 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
01:35:19.0598 0x2c3c  Razer Game Scanner Service - ok
01:35:19.0629 0x2c3c  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:35:19.0645 0x2c3c  rdbss - ok
01:35:19.0667 0x2c3c  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
01:35:19.0667 0x2c3c  rdpbus - ok
01:35:19.0698 0x2c3c  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
01:35:19.0714 0x2c3c  RDPDR - ok
01:35:19.0745 0x2c3c  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
01:35:19.0745 0x2c3c  RdpVideoMiniport - ok
01:35:19.0767 0x2c3c  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
01:35:19.0782 0x2c3c  rdyboost - ok
01:35:19.0868 0x2c3c  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
01:35:19.0899 0x2c3c  ReFSv1 - ok
01:35:19.0930 0x2c3c  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:35:19.0946 0x2c3c  RemoteAccess - ok
01:35:19.0963 0x2c3c  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
01:35:19.0967 0x2c3c  RemoteRegistry - ok
01:35:20.0030 0x2c3c  [ C439E5B6E3EB38C9C7611C393348503B, C9E3E3EDB134C2C5A3212CAD372A542DB1658A0263112E66EDF812FAE3F377BF ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
01:35:20.0062 0x2c3c  RetailDemo - ok
01:35:20.0083 0x2c3c  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\WINDOWS\system32\DRIVERS\revoflt.sys
01:35:20.0083 0x2c3c  Revoflt - ok
01:35:20.0115 0x2c3c  [ AEEF76F938188EBF27DF70C1806877F2, 08560C5DE13EBC46EE77F369E92B89350135D5E01A2AF61AA2EA46BEC41EEDD6 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
01:35:20.0130 0x2c3c  RFCOMM - ok
01:35:20.0168 0x2c3c  [ 5790BCA445CC40DF8B38C2C48608AAC2, E8CC273ECF44B6638FEC7AF443745C04E03580B5C6ECFE45648F18BA2B9B89E7 ] RimUsb          C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys
01:35:20.0168 0x2c3c  RimUsb - ok
01:35:20.0215 0x2c3c  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
01:35:20.0215 0x2c3c  rpcapd - ok
01:35:20.0246 0x2c3c  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
01:35:20.0246 0x2c3c  RpcEptMapper - ok
01:35:20.0268 0x2c3c  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
01:35:20.0268 0x2c3c  RpcLocator - ok
01:35:20.0384 0x2c3c  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
01:35:20.0399 0x2c3c  RpcSs - ok
01:35:20.0415 0x2c3c  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
01:35:20.0415 0x2c3c  rspndr - ok
01:35:20.0463 0x2c3c  [ 8EB9D800AA6AF3A65289DD58FF9D6DBC, 47AE3AA0EBAE757FF653D617AAAAFAD975C577C02E4D51CA6337E9CBD1FF9B0D ] RSUSBSTOR       C:\WINDOWS\System32\Drivers\RtsUStor.sys
01:35:20.0468 0x2c3c  RSUSBSTOR - ok
01:35:20.0600 0x2c3c  [ 3AEF4FB6BBA86C2CB751CF989B30EDB5, CB893D0F45041D68038490BDA99509BE8B836C32DF392B9409083B178A04B7B3 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
01:35:20.0647 0x2c3c  rt640x64 - ok
01:35:20.0700 0x2c3c  [ DC618A9667A1178BABBD4F0C858A03E5, D721E5E34B41E8161863A79C5EA3FB2201A435BD371726C25A14CD076802B3C8 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
01:35:20.0747 0x2c3c  RTL8168 - ok
01:35:20.0873 0x2c3c  [ 2F128896F653F8510FA70BB2D076D07E, 189C69C24A60377838B4F5BFA4474ABD1A833CE3DCC334FB93BFF49B96293DE2 ] RzKLService     C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
01:35:20.0920 0x2c3c  RzKLService - ok
01:35:20.0951 0x2c3c  [ 30A186D6A2A2853EEFAD7011E212E41B, 367B8FCCF29470C9237FC1F0EAEB59AE51E33778BC9914A2730AC7DDBC84942B ] rzpmgrk         C:\WINDOWS\system32\drivers\rzpmgrk.sys
01:35:20.0951 0x2c3c  rzpmgrk - ok
01:35:20.0974 0x2c3c  [ B4598C05D5440250633E25933FFF42B0, A66D2FB7EF7350EA74D4290C57FB62BC59C6EA93F759D4CA93C3FEBCA7AEB512 ] rzpnk           C:\WINDOWS\system32\drivers\rzpnk.sys
01:35:20.0990 0x2c3c  rzpnk - ok
01:35:21.0005 0x2c3c  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
01:35:21.0005 0x2c3c  s3cap - ok
01:35:21.0021 0x2c3c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
01:35:21.0021 0x2c3c  SamSs - ok
01:35:21.0105 0x2c3c  [ 73031850BC68F3379096C032006A416B, 78657D0B476C817DE829CB3FC89BC1B1F5645532A2082546B594E380AB7F6983 ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
01:35:21.0137 0x2c3c  Samsung Link Service - ok
01:35:21.0172 0x2c3c  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
01:35:21.0174 0x2c3c  sbp2port - ok
01:35:21.0190 0x2c3c  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
01:35:21.0206 0x2c3c  SCardSvr - ok
01:35:21.0237 0x2c3c  [ 24C83ABF3B2A1257BF8E9C46D985B1AD, CBDBCE319BCCBD3A9BDDA9EA1E7D1D21EF0031660DE902FE4CCB6723CB6FF4F8 ] SCDEmu          C:\WINDOWS\system32\drivers\SCDEmu.sys
01:35:21.0237 0x2c3c  SCDEmu - ok
01:35:21.0253 0x2c3c  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
01:35:21.0253 0x2c3c  ScDeviceEnum - ok
01:35:21.0274 0x2c3c  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
01:35:21.0274 0x2c3c  scfilter - ok
01:35:21.0321 0x2c3c  [ 4D82582733D9F437F544D3F8F98CE159, 32603C9AFC4D56D505D2EA5B63EF33A484A20A3C82E28F6C30A7597BBF34F785 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
01:35:21.0337 0x2c3c  Schedule - ok
01:35:21.0391 0x2c3c  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
01:35:21.0391 0x2c3c  SCPolicySvc - ok
01:35:21.0422 0x2c3c  [ 1CDA6D0A2345AA589949AE9C83853913, 13E9164485BA7F7DB86CBA905C7F0E009488B03CC4F3F044EA37D04D0FB661C6 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
01:35:21.0422 0x2c3c  sdbus - ok
01:35:21.0453 0x2c3c  [ 723C6C3DE056D3EB76F7520BEF5947B4, 49FFDAD56BBD652404A587F282867161BAE6D9E61BC2C819DDC75CE10A8E3C63 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
01:35:21.0472 0x2c3c  SDRSVC - ok
01:35:21.0491 0x2c3c  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
01:35:21.0507 0x2c3c  sdstor - ok
01:35:21.0538 0x2c3c  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
01:35:21.0538 0x2c3c  seclogon - ok
01:35:21.0553 0x2c3c  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
01:35:21.0572 0x2c3c  SENS - ok
01:35:21.0629 0x2c3c  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
01:35:21.0665 0x2c3c  SensorDataService - ok
01:35:21.0707 0x2c3c  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] SensorsAlsDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:35:21.0707 0x2c3c  SensorsAlsDriver - ok
01:35:21.0771 0x2c3c  [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService   C:\WINDOWS\system32\SensorService.dll
01:35:21.0776 0x2c3c  SensorService - ok
01:35:21.0776 0x2c3c  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] SensorsSimulatorDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:35:21.0791 0x2c3c  SensorsSimulatorDriver - ok
01:35:21.0823 0x2c3c  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
01:35:21.0838 0x2c3c  SensrSvc - ok
01:35:21.0870 0x2c3c  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
01:35:21.0876 0x2c3c  SerCx - ok
01:35:21.0892 0x2c3c  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
01:35:21.0907 0x2c3c  SerCx2 - ok
01:35:21.0954 0x2c3c  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
01:35:21.0954 0x2c3c  Serenum - ok
01:35:21.0992 0x2c3c  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
01:35:22.0008 0x2c3c  Serial - ok
01:35:22.0023 0x2c3c  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
01:35:22.0023 0x2c3c  sermouse - ok
01:35:22.0657 0x2c3c  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
01:35:22.0679 0x2c3c  SessionEnv - ok
01:35:22.0711 0x2c3c  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
01:35:22.0711 0x2c3c  sfloppy - ok
01:35:22.0758 0x2c3c  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:35:22.0780 0x2c3c  SharedAccess - ok
01:35:22.0858 0x2c3c  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:35:22.0880 0x2c3c  ShellHWDetection - ok
01:35:22.0896 0x2c3c  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
01:35:22.0896 0x2c3c  SiSRaid2 - ok
01:35:22.0911 0x2c3c  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
01:35:22.0911 0x2c3c  SiSRaid4 - ok
01:35:22.0979 0x2c3c  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
01:35:22.0995 0x2c3c  SkypeUpdate - ok
01:35:23.0042 0x2c3c  [ 6BAA82912E4D4DC791B083E3DD7C387D, 31B5193D8E91E98BA93B46086C9F6BBFEF42861722BDF7971D08C1FAE24D8B02 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
01:35:23.0042 0x2c3c  SmbDrvI - ok
01:35:23.0079 0x2c3c  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
01:35:23.0079 0x2c3c  smphost - ok
01:35:23.0157 0x2c3c  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
01:35:23.0195 0x2c3c  SmsRouter - ok
01:35:23.0226 0x2c3c  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
01:35:23.0226 0x2c3c  SNMPTRAP - ok
01:35:23.0313 0x2c3c  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
01:35:23.0329 0x2c3c  spaceport - ok
01:35:23.0345 0x2c3c  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
01:35:23.0345 0x2c3c  SpbCx - ok
01:35:23.0382 0x2c3c  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
01:35:23.0398 0x2c3c  Spooler - ok
01:35:23.0598 0x2c3c  [ 49B666BCCF59226549F64656584318EA, D7751FB921CE526322DF8CD95430EEA5337E894CE76E0FAA47827CA3B2C953C5 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
01:35:23.0698 0x2c3c  sppsvc - ok
01:35:23.0779 0x2c3c  [ E8276BE984738AA44070CFDE6EFC9300, F0B09D3E08BDB1B8AEBA97A700271E97AB2506793B42D96415B23DB68DA99FA8 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
01:35:23.0783 0x2c3c  SQLWriter - ok
01:35:23.0830 0x2c3c  [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
01:35:23.0845 0x2c3c  srv - ok
01:35:23.0899 0x2c3c  [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
01:35:23.0930 0x2c3c  srv2 - ok
01:35:23.0946 0x2c3c  [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
01:35:23.0946 0x2c3c  srvnet - ok
01:35:23.0999 0x2c3c  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
01:35:23.0999 0x2c3c  SSDPSRV - ok
01:35:24.0014 0x2c3c  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
01:35:24.0030 0x2c3c  SstpSvc - ok
01:35:24.0046 0x2c3c  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
01:35:24.0046 0x2c3c  ssudmdm - ok
01:35:24.0161 0x2c3c  [ ADA04D0DC075479DC24AD3AE29EC33E2, 66E76E8BB44AC91C35CADC2403B67476844ECF2EBFA751E87BC6D92D602E9D05 ] ss_conn_service C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
01:35:24.0182 0x2c3c  ss_conn_service - ok
01:35:24.0284 0x2c3c  [ 17139E61D556444B6FCE67920E71D369, 1A50102B1DC9B63BB50EDB1F7B2CB25F8BB4CD9BF95B3630A99ECC4981B573BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
01:35:24.0331 0x2c3c  StateRepository - ok
01:35:24.0435 0x2c3c  [ 345C39599C3D4940D12F5F9F42A79229, B5D6C716D374E453940C2A23772B9E063CBCB06DA74574F0F19F813AE65F4A78 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:35:24.0466 0x2c3c  Steam Client Service - ok
01:35:24.0503 0x2c3c  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
01:35:24.0503 0x2c3c  stexstor - ok
01:35:24.0565 0x2c3c  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
01:35:24.0588 0x2c3c  stisvc - ok
01:35:24.0635 0x2c3c  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
01:35:24.0635 0x2c3c  storahci - ok
01:35:24.0666 0x2c3c  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
01:35:24.0666 0x2c3c  storflt - ok
01:35:24.0703 0x2c3c  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
01:35:24.0703 0x2c3c  stornvme - ok
01:35:24.0734 0x2c3c  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
01:35:24.0734 0x2c3c  storqosflt - ok
01:35:24.0819 0x2c3c  [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
01:35:24.0904 0x2c3c  StorSvc - ok
01:35:24.0919 0x2c3c  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
01:35:24.0919 0x2c3c  storufs - ok
01:35:24.0951 0x2c3c  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
01:35:24.0951 0x2c3c  storvsc - ok
01:35:24.0951 0x2c3c  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
01:35:24.0966 0x2c3c  svsvc - ok
01:35:24.0988 0x2c3c  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
01:35:24.0988 0x2c3c  swenum - ok
01:35:25.0020 0x2c3c  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
01:35:25.0020 0x2c3c  swprv - ok
01:35:25.0051 0x2c3c  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
01:35:25.0051 0x2c3c  Synth3dVsc - ok
01:35:25.0087 0x2c3c  [ A3BBF71752E47CDF444DFD49E971E16B, A3E6F9D781FCF1F8146E23D90F9DFDAA24C20BCA82A00BE9534974720E003776 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
01:35:25.0088 0x2c3c  SynTP - ok
01:35:25.0135 0x2c3c  [ 9C58665F465646B0784F595240237C10, 92033D63EF21733CA76BF47C433142F7A2390149C9162967F13C9F3F29236DBD ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
01:35:25.0151 0x2c3c  SynTPEnhService - ok
01:35:25.0205 0x2c3c  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
01:35:25.0220 0x2c3c  SysMain - ok
01:35:25.0251 0x2c3c  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
01:35:25.0267 0x2c3c  SystemEventsBroker - ok
01:35:25.0305 0x2c3c  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
01:35:25.0305 0x2c3c  TabletInputService - ok
01:35:25.0320 0x2c3c  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
01:35:25.0336 0x2c3c  tap0901 - ok
01:35:25.0367 0x2c3c  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
01:35:25.0367 0x2c3c  TapiSrv - ok
01:35:25.0407 0x2c3c  [ 927D0CDB3F96EFC1E98FB1A2C9FB67AD, 58F14DAA0EA21EA2F2A1D3D62C88BD8E5A0E0EF498B7B8D367BEEADE6A46843C ] tapoas          C:\WINDOWS\system32\DRIVERS\tapoas.sys
01:35:25.0407 0x2c3c  tapoas - ok
01:35:25.0507 0x2c3c  [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
01:35:25.0538 0x2c3c  Tcpip - ok
01:35:25.0688 0x2c3c  [ CF63BF6AAEDF721E37F9E216FD321B8E, 73FF268E5DBCEFA9C5322420729E0EAA4F74A7C51E6ED3C988134AC5E875A74C ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
01:35:25.0724 0x2c3c  Tcpip6 - ok
01:35:25.0755 0x2c3c  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
01:35:25.0755 0x2c3c  tcpipreg - ok
01:35:25.0796 0x2c3c  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
01:35:25.0796 0x2c3c  tdx - ok
01:35:25.0827 0x2c3c  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
01:35:25.0827 0x2c3c  teamviewervpn - ok
01:35:25.0958 0x2c3c  [ 439BD966130226F464DC15F55ABD266E, 1AA73CC09CA7A01BE6052919CDD19714EDAB69898316953974F6D8BEF3EB1E4D ] TechSmith Uploader Service C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
01:35:26.0096 0x2c3c  TechSmith Uploader Service - ok
01:35:26.0128 0x2c3c  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
01:35:26.0128 0x2c3c  terminpt - ok
01:35:26.0174 0x2c3c  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
01:35:26.0197 0x2c3c  TermService - ok
01:35:26.0244 0x2c3c  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
01:35:26.0259 0x2c3c  Themes - ok
01:35:26.0298 0x2c3c  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
01:35:26.0314 0x2c3c  TieringEngineService - ok
01:35:26.0361 0x2c3c  [ 7ECACE6D0B4C2D323408EB00FD93C682, EE7F5E5185EA8C8098046FA573659443014ED7C9DA9E710D9EF3FCACBBFFA100 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
01:35:26.0377 0x2c3c  tiledatamodelsvc - ok
01:35:26.0431 0x2c3c  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
01:35:26.0431 0x2c3c  TimeBroker - ok
01:35:26.0462 0x2c3c  [ AF87B6012E2105E0CE4751CEB36D7236, 5648553268E68A28D123364AEA11B8EEDC90F3E1CD832CF8D79E7D6C1AD4F649 ] TotRec8         C:\WINDOWS\system32\drivers\TotRec8.sys
01:35:26.0462 0x2c3c  TotRec8 - ok
01:35:26.0477 0x2c3c  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
01:35:26.0498 0x2c3c  TPM - ok
01:35:26.0515 0x2c3c  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
01:35:26.0530 0x2c3c  TrkWks - ok
01:35:26.0590 0x2c3c  [ ADD8AFDAB539AF2B1FB75F6DB2CD7B71, 46BA69DA6114A167D6C467AB9BA583514475509184C6FF056460ADE76D0A76B1 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
01:35:26.0606 0x2c3c  trufos - ok
01:35:26.0715 0x2c3c  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
01:35:26.0715 0x2c3c  TrustedInstaller - ok
01:35:26.0746 0x2c3c  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
01:35:26.0746 0x2c3c  tsusbflt - ok
01:35:26.0762 0x2c3c  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
01:35:26.0777 0x2c3c  TsUsbGD - ok
01:35:26.0799 0x2c3c  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
01:35:26.0815 0x2c3c  tunnel - ok
01:35:26.0846 0x2c3c  [ 127925766866C52F147A2FFC0C0358A5, DCDF38A456E0BAAEE1E54FD67C3DEB4A036F116036FBD28073201B6C27C2C2DD ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
01:35:26.0846 0x2c3c  tzautoupdate - ok
01:35:26.0877 0x2c3c  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
01:35:26.0877 0x2c3c  uagp35 - ok
01:35:26.0900 0x2c3c  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
01:35:26.0900 0x2c3c  UASPStor - ok
01:35:26.0916 0x2c3c  [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
01:35:26.0932 0x2c3c  UcmCx0101 - ok
01:35:26.0947 0x2c3c  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
01:35:26.0947 0x2c3c  UcmUcsi - ok
01:35:26.0999 0x2c3c  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
01:35:26.0999 0x2c3c  Ucx01000 - ok
01:35:27.0015 0x2c3c  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
01:35:27.0015 0x2c3c  UdeCx - ok
01:35:27.0062 0x2c3c  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
01:35:27.0062 0x2c3c  udfs - ok
01:35:27.0099 0x2c3c  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
01:35:27.0099 0x2c3c  UEFI - ok
01:35:27.0131 0x2c3c  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
01:35:27.0147 0x2c3c  Ufx01000 - ok
01:35:27.0178 0x2c3c  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
01:35:27.0178 0x2c3c  UfxChipidea - ok
01:35:27.0200 0x2c3c  [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
01:35:27.0216 0x2c3c  ufxsynopsys - ok
01:35:27.0247 0x2c3c  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
01:35:27.0263 0x2c3c  UI0Detect - ok
01:35:27.0278 0x2c3c  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
01:35:27.0278 0x2c3c  uliagpkx - ok
01:35:27.0300 0x2c3c  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
01:35:27.0316 0x2c3c  umbus - ok
01:35:27.0347 0x2c3c  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
01:35:27.0347 0x2c3c  UmPass - ok
01:35:27.0400 0x2c3c  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
01:35:27.0416 0x2c3c  UmRdpService - ok
01:35:27.0479 0x2c3c  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
01:35:27.0516 0x2c3c  UnistoreSvc - ok
01:35:27.0679 0x2c3c  [ 9CEB89BA3098E46C718FA61E3E5D0BE0, E5C6DE0F17539113FBCDC2F09AE0981F2C601D57B39D072F8D4387DB5DE8B345 ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
01:35:27.0679 0x2c3c  UPDATESRV - ok
01:35:27.0718 0x2c3c  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
01:35:27.0718 0x2c3c  upnphost - ok
01:35:27.0749 0x2c3c  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
01:35:27.0749 0x2c3c  UrsChipidea - ok
01:35:27.0780 0x2c3c  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
01:35:27.0780 0x2c3c  UrsCx01000 - ok
01:35:27.0798 0x2c3c  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
01:35:27.0801 0x2c3c  UrsSynopsys - ok
01:35:27.0833 0x2c3c  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
01:35:27.0833 0x2c3c  usbaudio - ok
01:35:27.0849 0x2c3c  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
01:35:27.0865 0x2c3c  usbccgp - ok
01:35:27.0880 0x2c3c  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
01:35:27.0880 0x2c3c  usbcir - ok
01:35:27.0905 0x2c3c  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
01:35:27.0905 0x2c3c  usbehci - ok
01:35:27.0936 0x2c3c  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
01:35:27.0951 0x2c3c  usbhub - ok
01:35:28.0051 0x2c3c  [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
01:35:28.0051 0x2c3c  USBHUB3 - ok
01:35:28.0083 0x2c3c  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
01:35:28.0083 0x2c3c  usbohci - ok
01:35:28.0100 0x2c3c  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
01:35:28.0102 0x2c3c  usbprint - ok
01:35:28.0105 0x2c3c  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:35:28.0121 0x2c3c  usbscan - ok
01:35:28.0136 0x2c3c  [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
01:35:28.0136 0x2c3c  usbser - ok
01:35:28.0183 0x2c3c  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
01:35:28.0183 0x2c3c  USBSTOR - ok
01:35:28.0958 0x2c3c  [ E0BF081D0F58F4307A2E15C692D5D56B, 49A0882B1E7F763D842B001E64E5C626754E93A47BC33E514D50126A70661465 ] UsbTray         C:\Windows\SysWOW64\UsbTray.sys
01:35:28.0962 0x2c3c  UsbTray - ok
01:35:28.0981 0x2c3c  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
01:35:28.0981 0x2c3c  usbuhci - ok
01:35:28.0981 0x2c3c  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
01:35:29.0001 0x2c3c  usbvideo - ok
01:35:29.0039 0x2c3c  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
01:35:29.0053 0x2c3c  USBXHCI - ok
01:35:29.0169 0x2c3c  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
01:35:29.0197 0x2c3c  UserDataSvc - ok
01:35:29.0397 0x2c3c  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
01:35:29.0415 0x2c3c  UserManager - ok
01:35:29.0440 0x2c3c  [ 50F7B408700BF28CF9986821E0486A16, 11575C4651AB9BC68805A23414E3C6EC14AE4B9B0B5DAF88A2BAA5C923413CB7 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
01:35:29.0450 0x2c3c  UsoSvc - ok
01:35:29.0461 0x2c3c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
01:35:29.0461 0x2c3c  VaultSvc - ok
01:35:29.0508 0x2c3c  [ CDA796F41C2B64CEEC143B3A86904CFB, 8D9CACB74608C145A75424F4169E447A9EFA0EC3DD1412F097B56F86C0FC8E6E ] VBoxDrv         C:\WINDOWS\system32\drivers\VBoxDrv.sys
01:35:29.0524 0x2c3c  VBoxDrv - ok
01:35:29.0555 0x2c3c  [ 95717FCA60876284568B5CD476A59C41, 9A360985F072448A89890ACC5DD2155DDA0FD1EC2FFAC4697F0CFE60548CC980 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
01:35:29.0555 0x2c3c  VBoxNetAdp - ok
01:35:29.0587 0x2c3c  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
01:35:29.0587 0x2c3c  VBoxUSBMon - ok
01:35:29.0610 0x2c3c  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
01:35:29.0610 0x2c3c  vdrvroot - ok
01:35:29.0657 0x2c3c  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
01:35:29.0688 0x2c3c  vds - ok
01:35:29.0710 0x2c3c  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
01:35:29.0710 0x2c3c  VerifierExt - ok
01:35:29.0757 0x2c3c  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
01:35:29.0757 0x2c3c  vhdmp - ok
01:35:29.0788 0x2c3c  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
01:35:29.0788 0x2c3c  vhf - ok
01:35:29.0810 0x2c3c  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
01:35:29.0810 0x2c3c  vmbus - ok
01:35:29.0826 0x2c3c  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
01:35:29.0826 0x2c3c  VMBusHID - ok
01:35:29.0878 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
01:35:29.0878 0x2c3c  vmicguestinterface - ok
01:35:29.0894 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
01:35:29.0916 0x2c3c  vmicheartbeat - ok
01:35:29.0929 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
01:35:29.0938 0x2c3c  vmickvpexchange - ok
01:35:29.0954 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
01:35:29.0954 0x2c3c  vmicrdv - ok
01:35:29.0970 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
01:35:29.0989 0x2c3c  vmicshutdown - ok
01:35:29.0994 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
01:35:30.0010 0x2c3c  vmictimesync - ok
01:35:30.0026 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
01:35:30.0026 0x2c3c  vmicvmsession - ok
01:35:30.0041 0x2c3c  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
01:35:30.0057 0x2c3c  vmicvss - ok
01:35:30.0073 0x2c3c  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
01:35:30.0073 0x2c3c  volmgr - ok
01:35:30.0088 0x2c3c  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
01:35:30.0110 0x2c3c  volmgrx - ok
01:35:30.0173 0x2c3c  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
01:35:30.0210 0x2c3c  volsnap - ok
01:35:30.0241 0x2c3c  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
01:35:30.0257 0x2c3c  vpci - ok
01:35:30.0288 0x2c3c  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
01:35:30.0288 0x2c3c  vsmraid - ok
01:35:30.0378 0x2c3c  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
01:35:30.0428 0x2c3c  VSS - ok
01:35:30.0573 0x2c3c  [ 50F70484DA5F9E91185750EDF7C420A7, 5C63B1AE9C5529A751F5B86B395114A1ECD162F367F7DDFFA291E72A284E54EE ] vsserv          C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
01:35:30.0589 0x2c3c  vsserv - ok
01:35:30.0757 0x2c3c  [ 99030F89DE0CFA7428A38D498CE5DDD7, 64E64962BC19047FC55EB73F007D25953E86D8DF0D6EA6D28E0BB47D5A50E8AF ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
01:35:30.0757 0x2c3c  VSStandardCollectorService140 - ok
01:35:30.0935 0x2c3c  [ 65EFAEC68FA234F36880533A79D7B1C1, CFACFC5F90F6C7910232209A133FB75FF112DEE68BB5EB2FF2F9B228BC93C55C ] vstor2-mntapi10-shared C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\vmware\vstor2\vstor2-mntapi10-shared.sys
01:35:30.0935 0x2c3c  vstor2-mntapi10-shared - ok
01:35:30.0951 0x2c3c  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
01:35:30.0967 0x2c3c  VSTXRAID - ok
01:35:30.0982 0x2c3c  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
01:35:30.0982 0x2c3c  vwifibus - ok
01:35:31.0007 0x2c3c  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
01:35:31.0010 0x2c3c  vwififlt - ok
01:35:31.0011 0x2c3c  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
01:35:31.0011 0x2c3c  vwifimp - ok
01:35:31.0042 0x2c3c  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
01:35:31.0058 0x2c3c  W32Time - ok
01:35:31.0073 0x2c3c  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
01:35:31.0073 0x2c3c  WacomPen - ok
01:35:31.0126 0x2c3c  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
01:35:31.0142 0x2c3c  WalletService - ok
01:35:31.0157 0x2c3c  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:35:31.0157 0x2c3c  wanarp - ok
01:35:31.0173 0x2c3c  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:35:31.0173 0x2c3c  wanarpv6 - ok
01:35:31.0242 0x2c3c  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
01:35:31.0274 0x2c3c  wbengine - ok
01:35:31.0362 0x2c3c  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
01:35:31.0378 0x2c3c  WbioSrvc - ok
01:35:31.0427 0x2c3c  [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
01:35:31.0440 0x2c3c  Wcmsvc - ok
01:35:31.0493 0x2c3c  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
01:35:31.0511 0x2c3c  wcncsvc - ok
01:35:31.0527 0x2c3c  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
01:35:31.0527 0x2c3c  WcsPlugInService - ok
01:35:31.0543 0x2c3c  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
01:35:31.0543 0x2c3c  WdBoot - ok
01:35:31.0591 0x2c3c  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
01:35:31.0607 0x2c3c  Wdf01000 - ok
01:35:31.0627 0x2c3c  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
01:35:31.0643 0x2c3c  WdFilter - ok
01:35:31.0674 0x2c3c  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
01:35:31.0690 0x2c3c  WdiServiceHost - ok
01:35:31.0690 0x2c3c  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
01:35:31.0690 0x2c3c  WdiSystemHost - ok
01:35:31.0742 0x2c3c  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
01:35:31.0758 0x2c3c  wdiwifi - ok
01:35:31.0773 0x2c3c  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
01:35:31.0789 0x2c3c  WdNisDrv - ok
01:35:31.0789 0x2c3c  WdNisSvc - ok
01:35:31.0827 0x2c3c  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
01:35:31.0827 0x2c3c  WebClient - ok
01:35:31.0862 0x2c3c  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
01:35:31.0878 0x2c3c  Wecsvc - ok
01:35:31.0894 0x2c3c  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
01:35:31.0894 0x2c3c  WEPHOSTSVC - ok
01:35:31.0926 0x2c3c  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
01:35:31.0931 0x2c3c  wercplsupport - ok
01:35:31.0967 0x2c3c  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
01:35:31.0967 0x2c3c  WerSvc - ok
01:35:31.0984 0x2c3c  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
01:35:31.0990 0x2c3c  WFPLWFS - ok
01:35:32.0011 0x2c3c  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
01:35:32.0013 0x2c3c  WiaRpc - ok
01:35:32.0029 0x2c3c  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
01:35:32.0044 0x2c3c  WIMMount - ok
01:35:32.0044 0x2c3c  WinDefend - ok
01:35:32.0076 0x2c3c  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
01:35:32.0076 0x2c3c  WindowsTrustedRT - ok
01:35:32.0091 0x2c3c  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
01:35:32.0091 0x2c3c  WindowsTrustedRTProxy - ok
01:35:32.0113 0x2c3c  [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
01:35:32.0129 0x2c3c  WinHttpAutoProxySvc - ok
01:35:32.0160 0x2c3c  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
01:35:32.0160 0x2c3c  WinMad - ok
01:35:32.0308 0x2c3c  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
01:35:32.0313 0x2c3c  Winmgmt - ok
01:35:32.0433 0x2c3c  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
01:35:32.0529 0x2c3c  WinRM - ok
01:35:32.0560 0x2c3c  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
01:35:32.0576 0x2c3c  WINUSB - ok
01:35:32.0592 0x2c3c  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
01:35:32.0592 0x2c3c  WinVerbs - ok
01:35:32.0660 0x2c3c  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
01:35:32.0713 0x2c3c  WlanSvc - ok
01:35:32.0894 0x2c3c  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
01:35:32.0935 0x2c3c  wlidsvc - ok
01:35:32.0999 0x2c3c  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
01:35:33.0000 0x2c3c  WmiAcpi - ok
01:35:33.0014 0x2c3c  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
01:35:33.0014 0x2c3c  wmiApSrv - ok
01:35:33.0014 0x2c3c  WMPNetworkSvc - ok
01:35:33.0045 0x2c3c  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
01:35:33.0061 0x2c3c  Wof - ok
01:35:33.0130 0x2c3c  [ 3B6CCFF7AD385842A9638DCF654ABCD4, 2E6605E5E1BD214D7F47F30E73481C07AE70CAE3A3B565FA37D1A551A58BFDB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
01:35:33.0177 0x2c3c  workfolderssvc - ok
01:35:33.0192 0x2c3c  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
01:35:33.0192 0x2c3c  wpcfltr - ok
01:35:33.0214 0x2c3c  [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
01:35:33.0214 0x2c3c  WPDBusEnum - ok
01:35:33.0230 0x2c3c  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
01:35:33.0230 0x2c3c  WpdUpFltr - ok
01:35:33.0245 0x2c3c  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
01:35:33.0245 0x2c3c  WpnService - ok
01:35:33.0266 0x2c3c  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
01:35:33.0268 0x2c3c  ws2ifsl - ok
01:35:33.0288 0x2c3c  [ ADD2FE1A9F4EE41A6D724819550D4E1F, EE8320496D611F6D264AC21684EACB5DC6F9DD82E055726073C7782D0993AFB3 ] WsAudioDevice_383 C:\WINDOWS\system32\drivers\VirtualAudio.sys
01:35:33.0288 0x2c3c  WsAudioDevice_383 - ok
01:35:33.0330 0x2c3c  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
01:35:33.0330 0x2c3c  wscsvc - ok
01:35:33.0330 0x2c3c  WSearch - ok
01:35:33.0461 0x2c3c  [ 1E099AE79C6D58063E0B4F538732B87F, 0EDA8AA7CA1946DFF651AF6FBCBEBEE904FB269E67F6AB6739247C5242BCDC7E ] WSService       C:\WINDOWS\System32\WSService.dll
01:35:33.0514 0x2c3c  WSService - ok
01:35:33.0746 0x2c3c  [ F2A9089A715EC55EA8A5C660F724A7B3, 20F4426743AB8610FDB22E7DE955D6728706AE58A9548D5A71622DF460C34661 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
01:35:33.0793 0x2c3c  wuauserv - ok
01:35:33.0862 0x2c3c  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
01:35:33.0862 0x2c3c  WudfPf - ok
01:35:33.0927 0x2c3c  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
01:35:33.0935 0x2c3c  WUDFRd - ok
01:35:33.0951 0x2c3c  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
01:35:33.0967 0x2c3c  wudfsvc - ok
01:35:33.0984 0x2c3c  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:35:33.0988 0x2c3c  WUDFWpdFs - ok
01:35:33.0998 0x2c3c  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
01:35:33.0998 0x2c3c  WUDFWpdMtp - ok
01:35:34.0131 0x2c3c  [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
01:35:34.0162 0x2c3c  WwanSvc - ok
01:35:34.0288 0x2c3c  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
01:35:34.0347 0x2c3c  XblAuthManager - ok
01:35:34.0424 0x2c3c  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
01:35:34.0447 0x2c3c  XblGameSave - ok
01:35:34.0461 0x2c3c  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
01:35:34.0477 0x2c3c  xboxgip - ok
01:35:34.0531 0x2c3c  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
01:35:34.0562 0x2c3c  XboxNetApiSvc - ok
01:35:34.0594 0x2c3c  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
01:35:34.0594 0x2c3c  xinputhid - ok
01:35:34.0647 0x2c3c  [ D3D9CB4BA15C1854294517AA8954E201, DFBB6E1A5FF01123FEAD6EFFA67F4A0203792AFDF82EAFFC2DA981A584896542 ] XQHDrv          C:\WINDOWS\system32\DRIVERS\XQHDrv.sys
01:35:34.0647 0x2c3c  XQHDrv - ok
01:35:34.0694 0x2c3c  [ C08C5CD45226114C640C6005BD6E2E5A, 0D9A9B389C140A8FFD2E9D92BCBE18DA00CF2B2AE5C96C5EBD47C225E96549D7 ] xtouch          C:\WINDOWS\System32\drivers\xtouch.sys
01:35:34.0694 0x2c3c  xtouch - ok
01:35:34.0717 0x2c3c  ================ Scan global ===============================
01:35:34.0859 0x2c3c  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
01:35:34.0878 0x2c3c  [ 6C647A171ACA3838441206BBE715B0D7, 30ACA236E3D4A73F546AAA71D0FE80B1D66036AB7934B56CBF260F7E3A8C410F ] C:\WINDOWS\system32\winsrv.dll
01:35:34.0908 0x2c3c  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
01:35:34.0935 0x2c3c  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
01:35:34.0951 0x2c3c  [ Global ] - ok
01:35:34.0951 0x2c3c  ================ Scan MBR ==================================
01:35:34.0951 0x2c3c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
01:35:34.0982 0x2c3c  \Device\Harddisk0\DR0 - ok
01:35:34.0982 0x2c3c  ================ Scan VBR ==================================
01:35:34.0998 0x2c3c  [ 5AF03B44DF21E893DF42487F7813933D ] \Device\Harddisk0\DR0\Partition1
01:35:35.0015 0x2c3c  \Device\Harddisk0\DR0\Partition1 - ok
01:35:35.0018 0x2c3c  [ C82F564DEE14EEF7B178FAAB4519A3DE ] \Device\Harddisk0\DR0\Partition2
01:35:35.0034 0x2c3c  \Device\Harddisk0\DR0\Partition2 - ok
01:35:35.0050 0x2c3c  [ 9D327BA77F9A4BB193707A464C3EE21D ] \Device\Harddisk0\DR0\Partition3
01:35:35.0050 0x2c3c  \Device\Harddisk0\DR0\Partition3 - ok
01:35:35.0065 0x2c3c  [ F237765389C721DC913A1C1F0BFDE120 ] \Device\Harddisk0\DR0\Partition4
01:35:35.0081 0x2c3c  \Device\Harddisk0\DR0\Partition4 - ok
01:35:35.0081 0x2c3c  [ 331B9889D5E86D1D6AA371558D9FC75F ] \Device\Harddisk0\DR0\Partition5
01:35:35.0081 0x2c3c  \Device\Harddisk0\DR0\Partition5 - ok
01:35:35.0117 0x2c3c  [ C5AA33F9C0A55734B7548262AE5DFD99 ] \Device\Harddisk0\DR0\Partition6
01:35:35.0122 0x2c3c  \Device\Harddisk0\DR0\Partition6 - ok
01:35:35.0122 0x2c3c  [ 53FB834CED6DE3FE025AD1A8C440BE34 ] \Device\Harddisk0\DR0\Partition7
01:35:35.0138 0x2c3c  \Device\Harddisk0\DR0\Partition7 - ok
01:35:35.0138 0x2c3c  ================ Scan generic autorun ======================
01:35:35.0138 0x2c3c  SynTPEnh - ok
01:35:35.0239 0x2c3c  [ 3CDBA26C1D56BCA2F112FCC149F15C3D, 00BF002B4C44599A9E51B0A4CAC95BECEECBB0C7CE9FBEBF1ACB15CFA8E5B933 ] C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
01:35:35.0254 0x2c3c  Bdagent - ok
01:35:35.0671 0x2c3c  [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe
01:35:36.0072 0x2c3c  Launch LCore - ok
01:35:36.0816 0x2c3c  [ BDE3F73E16CB74184FDD5FC98A185ED7, EA03B1E6241BD4B9A3FAEE3B809859A6C1BD4A49EC9C7A3FBD0CAA98FFEC81C4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:35:37.0058 0x2c3c  RtHDVCpl - ok
01:35:37.0159 0x2c3c  [ B13E62F28C7C1257E860D19AD9014F8C, 6EA2FF79F87CB9303894A3C7EE96C47EAC01573FB811467D6414A102B4E2E84E ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
01:35:37.0174 0x2c3c  RtHDVBg_Dolby - ok
01:35:37.0288 0x2c3c  [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
01:35:37.0303 0x2c3c  IAStorIcon - ok
01:35:37.0431 0x2c3c  [ A28B6702BBE201F1F7CD9D7CF3C69420, 6FD1A1DBEB557B086D5AA9BD3360B33143561155330E154912D22B1D07EE25B7 ] C:\Program Files\cFosSpeed\cFosSpeed.exe
01:35:37.0455 0x2c3c  cFosSpeed - ok
01:35:37.0643 0x2c3c  [ 9C2078437D6FC541BD268BA903F6AEB4, CB622E82C65E0E4E9E52381BEAAB784AB6A3893BE34476D69B89F012CC1AC3C9 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
01:35:37.0828 0x2c3c  Wondershare Helper Compact.exe - ok
01:35:37.0894 0x2c3c  [ D5598B91A6FE95ABD017AEFD75E378C5, 70F9BB4F9F92BE312E13805B3E7573F2099A1E457F06C9A0DD513EFF299870C4 ] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe
01:35:37.0894 0x2c3c  KeyScrambler - ok
01:35:37.0988 0x2c3c  [ 4852BB1EDCC0C6F143F40B680E5774DD, D71D1FBC7EDE311593831AB13DF329BF3FE1066EB0ABBAA8D3E2515684D06038 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
01:35:38.0019 0x2c3c  SunJavaUpdateSched - ok
01:35:38.0160 0x2c3c  [ 28856A978670B7292F45EEF43978998B, 73C5FDC6C3413AF63943F0167EB2522498BC97C4A8B545BBC8E6CE1EE52A7727 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
01:35:38.0244 0x2c3c  Adobe Creative Cloud - ok
01:35:38.0999 0x2c3c  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
01:35:39.0237 0x2c3c  OneDriveSetup - ok
01:35:39.0477 0x2c3c  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
01:35:39.0700 0x2c3c  OneDriveSetup - ok
01:35:40.0117 0x2c3c  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Ali Affandi\AppData\Local\Akamai\netsession_win.exe
01:35:40.0288 0x2c3c  Akamai NetSession Interface - ok
01:35:40.0358 0x2c3c  [ EB00A4E988042F2CB4855ED1ABB5B5BA, 2865C4D027DE4D835273798B0897F929B118DDE20D94C4B433BD1370BEA140D8 ] C:\Program Files\BatteryBar\ShowBatteryBar.exe
01:35:40.0362 0x2c3c  ShowBatteryBar - ok
01:35:40.0508 0x2c3c  [ 4BF89D5AC612D75D1E5D23CC08775CD7, 934E038980FB6FFBE81607E2C761246AEFC7F55D3C2C852A21EBB8E23B672192 ] C:\Program Files (x86)\Internet Download Manager\idman.exe
01:35:40.0572 0x2c3c  IDMan - ok
01:35:40.0718 0x2c3c  [ D4B7C68E07C08A7E50EE6F7240BE858A, 87A28A5651252290033F9F0C0FF5B85257FF66B8B790EFDBEEF1324624F0AA13 ] C:\Program Files\DAEMON Tools Pro\DTAgent.exe
01:35:40.0818 0x2c3c  DAEMON Tools Pro Agent - ok
01:35:40.0894 0x2c3c  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Ali Affandi\AppData\Local\FluxSoftware\Flux\flux.exe
01:35:40.0917 0x2c3c  f.lux - ok
01:35:41.0003 0x2c3c  [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Ali Affandi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
01:35:41.0018 0x2c3c  OneDrive - ok
01:35:41.0087 0x2c3c  [ F0DE9ACFEF67960C5C3C893952C68395, 04D45D4EE75CCE8D086BA036A7250AB52510A147722D40C821352116E22AFD3B ] C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
01:35:41.0119 0x2c3c  Bitdefender Wallet Agent - ok
01:35:41.0392 0x2c3c  [ CEB52C454E0C7A088E06F4B593411630, 4525B44159F40D7E8E0ABE07EA1A1D498604B4C5BBF8A0BD92723C5B76066FEB ] C:\Users\Ali Affandi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
01:35:41.0519 0x2c3c  Spotify Web Helper - ok
01:35:41.0788 0x2c3c  [ 307D78FDF6C5238C1C0772A71C8AC8E8, 408D67B164EABEC3DB6E666BE89BAAFB92CB21FD0391DF110F6A60ED243B6828 ] C:\Users\Ali Affandi\AppData\Roaming\Spotify\Spotify.exe
01:35:42.0062 0x2c3c  Spotify - ok
01:35:42.0379 0x2c3c  [ 79B65FCC2AC6169B0B898F2894C61221, 5D4801D5D3C8E60F02D93E07B0068471C37B7E25359786A868DBC391D9E4E9DD ] C:\Program Files\CCleaner\CCleaner64.exe
01:35:42.0501 0x2c3c  CCleaner Monitoring - ok
01:35:42.0763 0x2c3c  [ FC7E2535A6F2DA0988F91A6232139661, E6FA0AD4435B226778AF36DF0ABC235BECC8228542D9F8D5F43D961BCB767CEE ] C:\Program Files (x86)\Steam\steam.exe
01:35:42.0801 0x2c3c  Steam - ok
01:35:42.0801 0x2c3c  Waiting for KSN requests completion. In queue: 307
01:35:43.0852 0x2c3c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.494 ), 0x60100 ( disabled : updated )
01:35:43.0852 0x2c3c  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.26.1443 ), 0x41000 ( enabled : updated )
01:35:43.0852 0x2c3c  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.26.1443 ), 0x41010 ( enabled )
01:35:44.0107 0x2c3c  ============================================================
01:35:44.0107 0x2c3c  Scan finished
01:35:44.0107 0x2c3c  ============================================================
01:35:44.0122 0x1df4  Detected object count: 0
01:35:44.0122 0x1df4  Actual detected object count: 0


#5 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 July 2016 - 10:07 AM

Adwcleaner
 

# AdwCleaner v3.305 - Bericht erstellt am 28/07/2016 um 01:40:20
# Aktualisiert 14/08/2014 von Xplode
# Betriebssystem : Windows 10 Home  (64 bits)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\virus report\adwcleaner_3.305.exe
# Option : Suchen
 
***** [ Dienste ] *****
 
 
***** [ Dateien / Ordner ] *****
 
Datei Gefunden : C:\WINDOWS\System32\GroupPolicy\Machine\Registry.pol
Ordner Gefunden : C:\Program Files (x86)\NCH Software
Ordner Gefunden : C:\ProgramData\NCH Software
Ordner Gefunden : C:\Users\Ali Affandi\AppData\Roaming\NCH Software
Ordner Gefunden : C:\Users\Ali Affandi\AppData\Roaming\Tencent
 
***** [ Tasks ] *****
 
 
***** [ Verknüpfungen ] *****
 
 
***** [ Registrierungsdatenbank ] *****
 
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\TENCENT
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\TENCENT
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
 
***** [ Browser ] *****
 
-\\ Internet Explorer v11.0.10586.494
 
 
-\\ Mozilla Firefox v47.0.1 (x86 en-US)
 
[ Datei : C:\Users\Ali Affandi\AppData\Roaming\Mozilla\Firefox\Profiles\t0jnynor.default-1448838902286\prefs.js ]
 
 
-\\ Google Chrome v52.0.2743.82
 
[ Datei : C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[C1].txt - [5194 octets] - [25/07/2016 15:35:00]
AdwCleaner[R0].txt - [6649 octets] - [15/08/2014 16:15:23]
AdwCleaner[R1].txt - [6709 octets] - [15/08/2014 16:16:18]
AdwCleaner[R2].txt - [2780 octets] - [28/07/2016 01:40:20]
AdwCleaner[S0].txt - [4822 octets] - [15/08/2014 16:17:51]
AdwCleaner[S1].txt - [5233 octets] - [25/07/2016 15:28:51]
AdwCleaner[S2].txt - [1188 octets] - [25/07/2016 15:50:03]
AdwCleaner[S3].txt - [1260 octets] - [27/07/2016 00:35:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3080 octets] ##########

JRT
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64 
Ran by Ali Affandi (Administrator) on 28.07.2016 at  1:53:30,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 6 
 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Ali Affandi\AppData\Roaming\tencent (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Ali Affandi) (Task)
Successfully deleted: C:\WINDOWS\system32\REN72BF.tmp (File) 
 
Deleted the following from C:\Users\Ali Affandi\AppData\Roaming\Mozilla\Firefox\Profiles\t0jnynor.default-1448838902286\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
 
 
 
Registry: 3 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{797f9a0f-4893-43a3-88bb-a63252f305ee} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{797f9a0f-4893-43a3-88bb-a63252f305ee} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.07.2016 at  1:57:23,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 July 2016 - 10:09 AM

ESET
 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Debut\debut.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Debut\debutsetup_v1.68.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressBurn\expressburnsetup_v4.68.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switch.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switchsetup_v4.27.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\uninst.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\VideoPad\videopad.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.29.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir Win32/Thinknice.E potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\web\js\xagainit.js.vir JS/Lightning.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Windows\System32\sasnative64.exe.vir Win64/AdvancedSystemProtector.A potentially unwanted application cleaned by deleting
C:\Desktop\Neuer Ordner\CoC Bot.Core.dll a variant of MSIL/GameTool.U potentially unsafe application cleaned by deleting
C:\Desktop\Test\WIN64AST.DLL a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting
C:\Program Files (x86)\Cheat Engine 6.5.1\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.27.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\Program Files (x86)\NCH Software\Switch\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\Program Files (x86)\netcut\netcut.exe a variant of Win32/NetTool.Netcut.A potentially unsafe application cleaned by deleting
C:\Program Files (x86)\Tftpd32\tftpd32.exe a variant of Win32/TFTPD32.A potentially unsafe application cleaned by deleting
C:\Users\Ali Affandi\AppData\LocalLow\Sun\Java\jre1.7.0_55\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application cleaned by deleting
C:\Users\Ali Affandi\DATA\CCleaner.Professional.Plus.5.17.5590.rar Win32/Keygen.KG potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\netcut.exe a variant of Win32/NetTool.Netcut.A potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Unlocker1.9.2.exe Win32/WebDevAZ.C potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\_Scrambler 3.9 Premium _.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\APK Authority\Input-APK\th.co.tdp.eden.apk a variant of Android/Packed.Secneo.A potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\APK Authority\Sharedroid\KingRoot.apk a variant of Android/DroidRooter.AG potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\FoxitReader514.0104_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\GooEarPro7.1.1.1871.rar a variant of Win32/HackTool.Patcher.A potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\yusetup 7.5.2013.02.zip a variant of Win32/Toolbar.Babylon.A potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\Power director 11\BitTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
C:\Users\Ali Affandi\DATA\Backup PC lama\Naruto Shippuden FulL Burst 3\rld-nashulni.rar a variant of Win32/HackTool.Crack.BL potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\BSMultiTool\NewKingrootV4.92.apk a variant of Android/DroidRooter.AG potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\BSMultiTool\xmod.apk a variant of Android/Autoins.P potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\NCH Debut Video Capture Software v1.68 with Key by filehippo69\debutsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\Switch Sound File Converter Plus 4.27\switchsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\[BAGAS31] Youtubers Life v0.7.6\Youtubers Life V0.7.5 Trainer +9 MrAntiFun.EXE a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
D:\S6 Backup\TWRP\BACKUPS\04157df4531ee43f\2016-06-07--10-12-09_MMB29K.G920FXXU3DPDP\data.ext4.win002 a variant of Android/Autoins.P potentially unsafe application deleted


#7 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 July 2016 - 10:25 AM

UPDATE Adwcleaner (latest version)
 

# AdwCleaner v5.201 - Bericht erstellt am 25/07/2016 um 15:28:51
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-25.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\adwcleaner_5.201.exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum
 
***** [ Dienste ] *****
 
 
***** [ Ordner ] *****
 
Ordner gefunden : C:\ProgramData\Systweak
Ordner gefunden : C:\Users\Ali Affandi\AppData\Local\PackageAware
Ordner gefunden : C:\Users\Ali Affandi\AppData\Roaming\rightbackup
Ordner gefunden : C:\Users\Ali Affandi\AppData\Roaming\tencent
Ordner gefunden : C:\Users\Ali Affandi\AppData\Roaming\Mozilla\Firefox\Profiles\t0jnynor.default-1448838902286\extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1}
 
***** [ Dateien ] *****
 
Datei gefunden : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
Datei gefunden : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
Datei gefunden : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
Datei gefunden : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Verknüpfungen ] *****
 
 
***** [ Aufgabenplanung ] *****
 
 
***** [ Registrierungsdatenbank ] *****
 
Wert gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
Schlüssel gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel gefunden : HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
Schlüssel gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Wert gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Schlüssel gefunden : HKCU\Software\Conduit
Schlüssel gefunden : HKCU\Software\eSupport.com
Schlüssel gefunden : HKCU\Software\IM
Schlüssel gefunden : HKCU\Software\WEBAPP
Schlüssel gefunden : HKCU\Software\WIN
Schlüssel gefunden : HKLM\SOFTWARE\Conduit
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\Conduit
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\eSupport.com
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\IM
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\WEBAPP
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\WIN
 
***** [ Internetbrowser ] *****
 
[C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gefunden : hegneaniplmfjcmohoclabblbahcbjoe
 
*************************
 
C:\AdwCleaner\AdwCleaner[R0].txt - [6649 Bytes] - [15/08/2014 16:15:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [6709 Bytes] - [15/08/2014 16:16:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [4822 Bytes] - [15/08/2014 16:17:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [5081 Bytes] - [25/07/2016 15:28:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5154 Bytes] ##########
# AdwCleaner v5.201 - Bericht erstellt am 28/07/2016 um 17:18:39
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-28.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\virus report\AdwCleaner.exe
# Option : Suchlauf
# Unterstützung : https://toolslib.net/forum
 
***** [ Dienste ] *****
 
 
***** [ Ordner ] *****
 
 
***** [ Dateien ] *****
 
Datei gefunden : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
Datei gefunden : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
Datei gefunden : C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hegneaniplmfjcmohoclabblbahcbjoe_0.localstorage
Datei gefunden : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
Datei gefunden : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Verknüpfungen ] *****
 
 
***** [ Aufgabenplanung ] *****
 
 
***** [ Registrierungsdatenbank ] *****
 
Wert gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
Schlüssel gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel gefunden : HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
Schlüssel gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel gefunden : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Wert gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Schlüssel gefunden : HKCU\Software\eSupport.com
Schlüssel gefunden : HKCU\Software\IM
Schlüssel gefunden : HKCU\Software\WEBAPP
Schlüssel gefunden : HKCU\Software\WIN
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\eSupport.com
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\IM
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\WEBAPP
Schlüssel gefunden : HKU\S-1-5-21-1993809284-1810740912-1198980261-1001\Software\WIN
 
***** [ Internetbrowser ] *****
 
[C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gefunden : hegneaniplmfjcmohoclabblbahcbjoe
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [5194 Bytes] - [25/07/2016 15:35:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [6649 Bytes] - [15/08/2014 16:15:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [6709 Bytes] - [15/08/2014 16:16:18]
C:\AdwCleaner\AdwCleaner[R2].txt - [3176 Bytes] - [28/07/2016 01:42:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [4822 Bytes] - [15/08/2014 16:17:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [10047 Bytes] - [25/07/2016 15:28:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1188 Bytes] - [25/07/2016 15:50:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [1260 Bytes] - [27/07/2016 00:35:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [10267 Bytes] ##########


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:21 AM

Posted 28 July 2016 - 11:38 AM

Hi , I see some files not found.. I am going to ask for a German to look here so I don't mis translate.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 28 July 2016 - 12:32 PM

Hi , I see some files not found.. I am going to ask for a German to look here so I don't mis translate.

Hi, ok no problem.  :thumbup2:



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:21 AM

Posted 01 August 2016 - 10:01 AM

Ok, thanks... looks good. Did you click clean after the ADWcleaner scan.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will start to update its database...please wait until complete.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a report (AdwCleaner[SX].txt) will open in Notepad (where the largest value of X represents the most recent report).
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 01 August 2016 - 02:42 PM

Hi,
I just did it. But my default browser still opening that website after I restart my laptop. Adwcleaner also detecting my windows version as pro version even though I already go back to home version after using system restore point. Interresting.
Spoiler


#12 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 01 August 2016 - 02:44 PM

Here the latest log from Adwcleaner.

# AdwCleaner v5.201 - Bericht erstellt am 25/07/2016 um 15:35:00
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-25.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\adwcleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\Systweak
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Local\PackageAware
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Roaming\rightbackup
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Roaming\tencent
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Roaming\Mozilla\Firefox\Profiles\t0jnynor.default-1448838902286\extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1}

***** [ Dateien ] *****

[-] Datei gelöscht : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Schlüssel gelöscht : HKCU\Software\Conduit
[-] Schlüssel gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel gelöscht : HKCU\Software\IM
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\WIN
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Conduit

***** [ Internetbrowser ] *****

[-] [C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : hegneaniplmfjcmohoclabblbahcbjoe

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4750 Bytes] - [25/07/2016 15:35:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [6649 Bytes] - [15/08/2014 16:15:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [6709 Bytes] - [15/08/2014 16:16:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [4822 Bytes] - [15/08/2014 16:17:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [5233 Bytes] - [25/07/2016 15:28:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5115 Bytes] ##########
# AdwCleaner v5.201 - Bericht erstellt am 01/08/2016 um 21:19:59
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-31.4 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\virus report\AdwCleaner xplode.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei gelöscht : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] Datei gelöscht : C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hegneaniplmfjcmohoclabblbahcbjoe_0.localstorage
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Schlüssel gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\WIN

***** [ Internetbrowser ] *****

[-] [C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : hegneaniplmfjcmohoclabblbahcbjoe

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9554 Bytes] - [25/07/2016 15:35:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [6649 Bytes] - [15/08/2014 16:15:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [6709 Bytes] - [15/08/2014 16:16:18]
C:\AdwCleaner\AdwCleaner[R2].txt - [3176 Bytes] - [28/07/2016 01:42:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [4822 Bytes] - [15/08/2014 16:17:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [10347 Bytes] - [25/07/2016 15:28:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [6182 Bytes] - [25/07/2016 15:50:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [1260 Bytes] - [27/07/2016 00:35:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10139 Bytes] ##########
# AdwCleaner v5.201 - Bericht erstellt am 25/07/2016 um 15:35:00
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-25.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\adwcleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\Systweak
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Local\PackageAware
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Roaming\rightbackup
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Roaming\tencent
[-] Ordner gelöscht : C:\Users\Ali Affandi\AppData\Roaming\Mozilla\Firefox\Profiles\t0jnynor.default-1448838902286\extensions\{068e178c-61a9-4a63-b74f-87404a6f5ea1}

***** [ Dateien ] *****

[-] Datei gelöscht : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Schlüssel gelöscht : HKCU\Software\Conduit
[-] Schlüssel gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel gelöscht : HKCU\Software\IM
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\WIN
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Conduit

***** [ Internetbrowser ] *****

[-] [C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : hegneaniplmfjcmohoclabblbahcbjoe

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4750 Bytes] - [25/07/2016 15:35:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [6649 Bytes] - [15/08/2014 16:15:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [6709 Bytes] - [15/08/2014 16:16:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [4822 Bytes] - [15/08/2014 16:17:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [5233 Bytes] - [25/07/2016 15:28:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5115 Bytes] ##########
# AdwCleaner v5.201 - Bericht erstellt am 01/08/2016 um 21:19:59
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-31.4 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Ali Affandi - ANONYMOUS
# Gestartet von : C:\Desktop\virus report\AdwCleaner xplode.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei gelöscht : C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht : C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] Datei gelöscht : C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hegneaniplmfjcmohoclabblbahcbjoe_0.localstorage
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht : C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [AndroidServer.exe]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Schlüssel gelöscht : HKCU\Software\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Wert gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
[-] Schlüssel gelöscht : HKCU\Software\eSupport.com
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\WIN

***** [ Internetbrowser ] *****

[-] [C:\Users\Ali Affandi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : hegneaniplmfjcmohoclabblbahcbjoe

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9554 Bytes] - [25/07/2016 15:35:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [6649 Bytes] - [15/08/2014 16:15:23]
C:\AdwCleaner\AdwCleaner[R1].txt - [6709 Bytes] - [15/08/2014 16:16:18]
C:\AdwCleaner\AdwCleaner[R2].txt - [3176 Bytes] - [28/07/2016 01:42:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [4822 Bytes] - [15/08/2014 16:17:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [10347 Bytes] - [25/07/2016 15:28:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [6182 Bytes] - [25/07/2016 15:50:03]
C:\AdwCleaner\AdwCleaner[S3].txt - [1260 Bytes] - [27/07/2016 00:35:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10139 Bytes] ##########

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:21 AM

Posted 01 August 2016 - 03:05 PM

Did you run ESET?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 Johnny5478

Johnny5478
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:10:21 AM

Posted 01 August 2016 - 04:21 PM

Did you run ESET?

Yes I did. I have posted the log before

 

Here log from ESET

 

ESET
 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Debut\debut.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Debut\debutsetup_v1.68.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\ExpressBurn\expressburnsetup_v4.68.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switch.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switchsetup_v4.27.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\uninst.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\VideoPad\videopad.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.29.exe.vir a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir Win32/Thinknice.E potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\web\js\xagainit.js.vir JS/Lightning.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\C\Windows\System32\sasnative64.exe.vir Win64/AdvancedSystemProtector.A potentially unwanted application cleaned by deleting
C:\Desktop\Neuer Ordner\CoC Bot.Core.dll a variant of MSIL/GameTool.U potentially unsafe application cleaned by deleting
C:\Desktop\Test\WIN64AST.DLL a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting
C:\Program Files (x86)\Cheat Engine 6.5.1\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.27.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\Program Files (x86)\NCH Software\Switch\uninst.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application cleaned by deleting
C:\Program Files (x86)\netcut\netcut.exe a variant of Win32/NetTool.Netcut.A potentially unsafe application cleaned by deleting
C:\Program Files (x86)\Tftpd32\tftpd32.exe a variant of Win32/TFTPD32.A potentially unsafe application cleaned by deleting
C:\Users\Ali Affandi\AppData\LocalLow\Sun\Java\jre1.7.0_55\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application cleaned by deleting
C:\Users\Ali Affandi\DATA\CCleaner.Professional.Plus.5.17.5590.rar Win32/Keygen.KG potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\netcut.exe a variant of Win32/NetTool.Netcut.A potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Unlocker1.9.2.exe Win32/WebDevAZ.C potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\_Scrambler 3.9 Premium _.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\APK Authority\Input-APK\th.co.tdp.eden.apk a variant of Android/Packed.Secneo.A potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\APK Authority\Sharedroid\KingRoot.apk a variant of Android/DroidRooter.AG potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\FoxitReader514.0104_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\GooEarPro7.1.1.1871.rar a variant of Win32/HackTool.Patcher.A potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\yusetup 7.5.2013.02.zip a variant of Win32/Toolbar.Babylon.A potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\Backup PC lama\Backup\Power director 11\BitTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
C:\Users\Ali Affandi\DATA\Backup PC lama\Naruto Shippuden FulL Burst 3\rld-nashulni.rar a variant of Win32/HackTool.Crack.BL potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\BSMultiTool\NewKingrootV4.92.apk a variant of Android/DroidRooter.AG potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\BSMultiTool\xmod.apk a variant of Android/Autoins.P potentially unsafe application deleted
C:\Users\Ali Affandi\DATA\NCH Debut Video Capture Software v1.68 with Key by filehippo69\debutsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\Switch Sound File Converter Plus 4.27\switchsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted
C:\Users\Ali Affandi\DATA\[BAGAS31] Youtubers Life v0.7.6\Youtubers Life V0.7.5 Trainer +9 MrAntiFun.EXE a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
D:\S6 Backup\TWRP\BACKUPS\04157df4531ee43f\2016-06-07--10-12-09_MMB29K.G920FXXU3DPDP\data.ext4.win002 a variant of Android/Autoins.P potentially unsafe application deleted

 



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:21 AM

Posted 02 August 2016 - 09:28 AM

Ok,,, we need a deeper look to find it's hooks.

Start at step 6.

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users