Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Telekom Brief - Hinweis auf Necurs

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 26.12.2016, 06:38   #1
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Hallo zusammen und frohe Weihnachten

Wir haben von der Telekom einen Brief bekommen das ein Endgeräte auf unserer Leitung von einem Virus befallen sein soll.
Ein kompletter Suchlauf des Antiviren Programm hat allerdings gar nichts gefunden.
Dennoch würde ich gerne auf Nummer sicher gehen, deshalb frage ich hier nach Hilfe

Ich warte auf Anweisungen

Liebe Grüße

Alt 26.12.2016, 07:26   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 26.12.2016, 09:12   #3
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von Ines (Administrator) auf CUPCAKE (26-12-2016 10:03:55)
Gestartet von C:\Users\Ines\Desktop
Geladene Profile: Ines (Verfügbare Profile: Ines)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Pokki) C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Ines\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pokki) C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Pokki) C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Pokki) C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2016-08-15] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2243132650-178954861-4037615448-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2243132650-178954861-4037615448-1001\...\Run: [Amazon Music] => C:\Users\Ines\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-12] (Acer Incorporated)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7207da29-7c5e-4775-8193-0862b9089e03}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2243132650-178954861-4037615448-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=acer&m=start
HKU\S-1-5-21-2243132650-178954861-4037615448-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2243132650-178954861-4037615448-1001 -> DefaultScope {49090589-2EE1-11E5-8271-206A8AA39BD5} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2243132650-178954861-4037615448-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2243132650-178954861-4037615448-1001 -> {4199ED11-D582-11E4-8261-206A8AA39BD5} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2243132650-178954861-4037615448-1001 -> {49090589-2EE1-11E5-8271-206A8AA39BD5} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2243132650-178954861-4037615448-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-2243132650-178954861-4037615448-1001 -> ist aktiviert.

FireFox:
========
FF ProfilePath: C:\Users\Ines\AppData\Roaming\Mozilla\Firefox\Profiles\pZygf6o5.default [2015-03-31]
FF Extension: (Avira Browser Safety) - C:\Users\Ines\AppData\Roaming\Mozilla\Firefox\Profiles\pZygf6o5.default\Extensions\abs@avira.com [2015-03-31] [ist nicht signiert]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://homepage-web.com/?s=acer&m=home
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default [2016-12-26]
CHR Extension: (Google Docs) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google-Suche) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Avira Browserschutz) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldmiahjidflgnbiadknkmaimfpjkelng [2016-12-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Ines\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-13] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328624 2015-10-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-13] (Avira Operations GmbH & Co. KG)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [380768 2016-02-13] ()
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-26 10:03 - 2016-12-26 10:04 - 00016081 _____ C:\Users\Ines\Desktop\FRST.txt
2016-12-26 10:02 - 2016-12-26 10:03 - 02420736 _____ (Farbar) C:\Users\Ines\Desktop\FRST64.exe
2016-12-26 09:58 - 2016-12-26 10:03 - 00000000 ____D C:\FRST
2016-12-26 09:53 - 2016-12-26 09:53 - 00000000 ___HD C:\OneDriveTemp
2016-12-15 21:04 - 2016-12-12 00:56 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-15 21:04 - 2016-12-12 00:56 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-15 14:04 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-15 14:04 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 14:04 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-15 14:04 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-15 14:04 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-15 14:04 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-15 14:04 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-15 14:04 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-15 14:04 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-15 14:04 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-15 14:04 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-15 14:04 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-15 14:04 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-15 14:04 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-15 14:04 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-15 14:04 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-15 14:04 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-15 14:04 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-15 14:04 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-15 14:04 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-15 14:04 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-15 14:04 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-15 14:04 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-15 14:04 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-15 14:04 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-15 14:04 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-15 14:04 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-15 14:04 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-15 14:04 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-15 14:04 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-15 14:04 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-15 14:04 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-15 14:04 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-15 14:04 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-15 14:04 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-15 14:04 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-15 14:04 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-15 14:04 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-15 14:04 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-15 14:04 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-15 14:04 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-15 14:04 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-15 14:04 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-15 14:04 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-15 14:03 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-15 14:03 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-15 14:03 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-15 14:03 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-15 14:03 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-15 14:03 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-15 14:03 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-15 14:03 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-15 14:03 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-15 14:03 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-15 14:03 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-15 14:03 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-15 14:03 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-15 14:03 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-15 14:03 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-15 14:03 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-15 14:03 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-15 14:03 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-15 14:03 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-15 14:03 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-15 14:03 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-15 14:03 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-15 14:03 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-15 14:03 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-15 14:03 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-15 14:03 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-15 14:03 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-15 14:03 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-15 14:03 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-15 14:03 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-15 14:03 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-15 14:03 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-15 14:03 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-15 14:03 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-15 14:03 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-15 14:03 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-15 14:03 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-15 14:03 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-15 14:03 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-15 14:03 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-15 14:03 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-15 14:03 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-15 14:03 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-15 14:03 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-15 14:03 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-15 14:03 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-15 14:03 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-15 14:03 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-15 14:03 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-15 14:03 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-15 14:03 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-15 14:03 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-15 14:03 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-15 14:03 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-15 14:03 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-15 14:03 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-15 14:03 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-15 14:03 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-15 14:03 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-15 14:03 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-15 14:03 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-15 14:03 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-15 14:03 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-15 14:03 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-15 14:03 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-15 14:03 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-15 14:03 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-15 14:03 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-15 14:03 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-15 13:07 - 2016-12-15 13:07 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-10 16:17 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 16:17 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 16:17 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 16:17 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 16:17 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 16:17 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 16:17 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 16:17 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 16:17 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 16:17 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 16:17 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 16:17 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 16:17 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 16:17 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 16:17 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 16:17 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 16:17 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 16:17 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 16:17 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 16:17 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 16:17 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 16:17 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 16:17 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 16:17 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 16:17 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 16:17 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 16:17 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 16:17 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-10 16:17 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 16:17 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 16:17 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 16:17 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 16:17 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 16:17 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 16:17 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 16:17 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 16:17 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 16:17 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 16:17 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 16:17 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 16:17 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 16:17 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 16:17 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 16:17 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 16:17 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 16:17 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 16:17 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 16:17 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 16:17 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 16:17 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 16:17 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 16:17 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 16:17 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 16:17 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 16:17 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 16:17 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 16:17 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 16:17 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 16:17 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 16:17 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 16:17 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 16:17 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 16:17 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 16:17 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 16:17 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 16:17 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 16:17 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 16:16 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 16:16 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 16:16 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 16:16 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 16:16 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 16:16 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 16:16 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 16:16 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 16:16 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 16:16 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 16:16 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 16:16 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 16:16 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 16:16 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 16:16 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 16:16 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 16:16 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 16:16 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 16:16 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 16:16 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 16:16 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 16:16 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 16:16 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 16:16 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 16:16 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 16:16 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 16:16 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 16:16 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 16:16 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 16:16 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 16:16 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 16:16 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 16:16 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 16:16 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 16:16 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 16:16 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 16:16 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 16:16 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 16:16 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 16:16 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 16:16 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 16:16 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 16:16 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 16:16 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 16:16 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 16:16 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 16:16 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 16:16 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 16:16 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 16:16 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 16:16 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 16:16 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 16:16 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 16:16 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 16:16 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 16:16 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 16:16 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 16:16 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 16:16 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 16:16 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 16:16 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 16:16 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 16:16 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 16:16 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 16:16 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 16:16 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 16:16 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 16:16 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 16:16 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 16:16 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 16:16 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 16:16 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 16:16 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 16:16 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 16:16 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 16:16 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 16:16 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 16:16 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 16:16 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 16:16 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 16:16 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 16:16 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 16:16 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 16:16 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 16:16 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 16:16 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 16:16 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 16:16 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 16:16 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 16:16 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 16:16 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 16:16 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 16:16 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 16:16 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 16:16 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 16:16 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 16:16 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 16:16 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 16:16 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 16:16 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 16:16 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 16:16 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 16:16 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 16:16 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 16:16 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 16:16 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 16:16 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 16:16 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 16:16 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 16:16 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 16:16 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 16:16 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 16:16 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 16:16 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 16:16 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 16:16 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 16:16 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 16:16 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 16:16 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 16:16 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 16:16 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 16:16 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 16:16 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 16:16 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 16:16 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 16:16 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 16:16 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 16:16 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 16:16 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 16:16 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 16:16 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 16:16 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 16:16 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 16:16 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 16:16 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 16:16 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 16:16 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 16:16 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 16:15 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 16:15 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 16:15 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 16:15 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 16:15 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 16:15 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 16:15 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 16:15 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 16:15 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 16:15 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 16:15 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 16:15 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 16:15 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 16:15 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 16:15 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 16:15 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 16:15 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 16:15 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 16:15 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 16:15 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 16:15 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 16:15 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 16:15 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 16:15 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 16:15 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 16:15 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 16:15 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 16:15 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 16:15 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 16:15 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 16:15 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 16:15 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 16:15 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 16:15 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 16:15 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 16:15 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 16:15 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 16:15 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 16:15 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 16:15 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 16:15 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 16:15 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 16:15 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 16:15 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 16:15 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 16:15 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 16:15 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 16:15 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 16:15 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 16:15 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 16:15 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 16:15 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 16:15 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 16:15 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 16:15 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 16:15 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 16:15 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 16:15 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 16:15 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 16:15 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 16:15 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 16:15 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 16:15 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 16:15 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-08 08:59 - 2016-12-08 08:59 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-01 13:36 - 2016-12-01 13:36 - 00189067 _____ C:\Users\Ines\Downloads\DHL-Marke-TLCD9RHPHH.pdf
2016-12-01 13:36 - 2016-12-01 13:36 - 00189058 _____ C:\Users\Ines\Downloads\DHL-Marke-P6922FXY4A.pdf
2016-12-01 13:35 - 2016-12-01 13:35 - 00193949 _____ C:\Users\Ines\Downloads\DHL-Marke-62X4LNUU82.pdf
2016-12-01 13:32 - 2016-12-01 13:32 - 00190127 _____ C:\Users\Ines\Downloads\DHL-Marke-TPZQ8X6PGC.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-26 09:56 - 2015-03-25 18:49 - 00000000 ____D C:\Users\Ines\AppData\Local\SweetLabs App Platform
2016-12-26 09:53 - 2015-03-25 18:53 - 00000000 ___RD C:\Users\Ines\OneDrive
2016-12-26 09:52 - 2015-03-25 18:50 - 00000000 __SHD C:\Users\Ines\IntelGraphicsProfiles
2016-12-26 08:59 - 2016-08-28 13:08 - 00000000 ____D C:\Users\Ines
2016-12-26 08:13 - 2015-03-28 20:40 - 00000000 ____D C:\Users\Ines\AppData\Local\CrashDumps
2016-12-26 07:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-25 16:52 - 2016-08-28 13:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-24 00:12 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-21 19:09 - 2016-07-16 23:51 - 01008320 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-21 19:09 - 2016-07-16 23:51 - 00230994 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-21 19:09 - 2015-11-29 18:44 - 02405176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-21 19:02 - 2016-08-28 13:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-16 01:52 - 2015-05-10 15:24 - 00000000 ____D C:\Users\Ines\AppData\Roaming\Skype
2016-12-15 21:06 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-15 21:06 - 2015-03-26 01:42 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-15 21:03 - 2016-08-28 13:00 - 00202856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-15 21:02 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-12-15 21:00 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-15 21:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-15 21:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-15 21:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-15 21:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-15 21:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-15 21:00 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-15 21:00 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-15 21:00 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-15 21:00 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-15 18:00 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-15 17:47 - 2015-03-25 20:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-15 17:41 - 2015-03-25 20:54 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 13:11 - 2015-03-31 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-15 13:08 - 2016-10-11 18:11 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-12-15 13:08 - 2015-03-31 19:16 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-12-15 13:08 - 2015-03-31 19:16 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-12-15 13:07 - 2015-11-29 19:12 - 00002421 _____ C:\Users\Ines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-10 12:55 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-08 08:59 - 2014-07-25 10:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-07 19:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-03 22:43 - 2015-03-25 18:50 - 00000000 ____D C:\Users\Ines\AppData\Local\Packages
2016-11-29 19:51 - 2016-05-20 17:26 - 00000000 ____D C:\Users\Ines\AppData\Local\ElevatedDiagnostics

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-28 13:03 - 2016-08-28 13:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Ines\AppData\Local\Temp\avgnt.exe
C:\Users\Ines\AppData\Local\Temp\oct62A8.tmp.exe
C:\Users\Ines\AppData\Local\Temp\octB344.tmp.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-17 12:43

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von Ines (26-12-2016 10:06:12)
Gestartet von C:\Users\Ines\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-28 12:42:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2243132650-178954861-4037615448-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2243132650-178954861-4037615448-503 - Limited - Disabled)
Gast (S-1-5-21-2243132650-178954861-4037615448-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2243132650-178954861-4037615448-1003 - Limited - Enabled)
Ines (S-1-5-21-2243132650-178954861-4037615448-1001 - Administrator - Enabled) => C:\Users\Ines

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Amazon Music (HKU\S-1-5-21-2243132650-178954861-4037615448-1001\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.37.20160609 - Landesfinanzdirektion Thüringen)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-2243132650-178954861-4037615448-1001\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2243132650-178954861-4037615448-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Pokki Start Menu (HKU\S-1-5-21-2243132650-178954861-4037615448-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
tiptoi® Manager 3.0.8 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.8 - Ravensburger AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2243132650-178954861-4037615448-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07D69482-80B7-495C-A520-0EA76EE0D1AA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0C44A4D8-5EDB-444B-9FA7-5C11A5F307B2} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {0DD97686-735A-45A3-B288-563065697434} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {21187A77-E725-4C8E-AF83-DA5516BB8751} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {258832FB-7C7A-4143-A1A3-45A73B24EF9B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {26017BFB-4F6C-4228-BD0A-E1FD8088A606} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38ABCC99-85FF-480C-9B8E-DC49E984E305} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {3AF28465-9EEE-4FBC-B9A0-55899045A027} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4065EE2C-8C6B-4705-95BC-3A1756639DAC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Ines\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {429E2EAE-A977-4CC0-9456-53E8DF825F6F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {52477EB9-235C-4F61-836C-4110E0816803} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {54B52970-1CB0-4ED0-AC92-03C7A4433653} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5666D012-2635-40DF-948D-867E41EB501A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5E9358B8-D8DF-44B7-BE02-DA7ACA43A576} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {667B648E-7867-4F68-994E-BB8BF35FD822} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {73295037-176F-4ECD-B4EB-B473CE2C8F1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {7F52A07E-5711-41CE-B17F-0DFA5A6B5CB2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {82C5C458-7018-4363-8354-E4DD3690EDDD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {839B6525-A2F5-49B9-B9FA-85C61D56EBC9} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {86BB18D0-8E2A-4B8A-94FB-650491D63458} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {9039095E-359A-497D-92FE-A722EF54C44A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-15] (Microsoft Corporation)
Task: {91493C07-7532-4C87-A6F4-547A3D2D8CF9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {93D48816-BEC9-473F-81CC-3088DBCDA99F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {9B225D04-7D76-435D-8AA5-56B887B0C34C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {A328D87C-CDB8-4497-AABD-A5C4929B9202} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {AC2BF2FB-C8E3-49E1-AC31-B40DCFCC6AAE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D07A8D33-91FA-4F1E-80D4-BA5377BF5985} - \WPD\SqmUpload_S-1-5-21-2243132650-178954861-4037615448-1001 -> Keine Datei <==== ACHTUNG
Task: {F10134CF-6799-4153-ACF0-8454F8DFCE15} - System32\Tasks\SweetLabs App Platform => C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-11-16] (Pokki)
Task: {FC111A80-44F5-41AC-9138-F898BA37C4A9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ines\Desktop\EPSON2692BF (Epson Stylus SX420W) - Verknüpfung.lnk -> hxxp://192.168.2.100:80/PRESENTATION/

ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-22 00:07 - 2016-04-22 00:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 00:07 - 2016-04-22 00:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-25 10:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 14:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-15 14:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 14:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-15 13:07 - 2016-12-15 13:07 - 01678560 _____ () C:\Users\Ines\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2014-07-25 10:39 - 2014-07-01 22:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-09-16 11:49 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-15 14:03 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 19:32 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 19:32 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 19:32 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 19:32 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 19:32 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 19:33 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-15 13:43 - 2016-12-15 13:47 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-15 13:43 - 2016-12-15 13:47 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-15 13:43 - 2016-12-15 13:47 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-15 13:43 - 2016-12-15 13:47 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-16 11:54 - 2016-06-16 21:05 - 05908968 _____ () C:\Users\Ines\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-08-15 14:24 - 2016-08-15 14:24 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-12-15 13:06 - 2016-12-15 13:06 - 01244376 _____ () C:\Users\Ines\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-11-15 19:57 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 19:57 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-08-15 17:03 - 2016-08-15 17:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 17:04 - 2016-08-15 17:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-20 14:58 - 2016-09-20 14:58 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 14:09 - 2016-08-30 14:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 14:05 - 2016-08-30 14:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00569856 _____ () C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 01400846 _____ () C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00151054 _____ () C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00222734 _____ () C:\Users\Ines\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2243132650-178954861-4037615448-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{F1D48FA5-A9C6-4D08-AB31-536F9B8C8E36}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{578DB32A-BD22-474B-A910-DEE54D6D9D07}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{54BCA8E2-5E83-474B-8568-77E3DAF0B8C6}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0561C6DA-8E75-4D0F-B9D6-11B33A4B7ABB}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C206ED29-A456-455F-8EE7-53CBAFC40F38}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{33935729-6C6F-49C4-AC30-5846026EB817}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{00E61A43-D62A-4834-B400-C32CC74057DF}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{3A27B848-F1C9-4DBE-9685-8FC2F44A679F}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F4EA125D-45A7-419F-944B-4698852C6CFA}] => C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{E4D5FD1A-9521-48E1-BCAD-B496414228BF}] => C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{681FEA0F-F081-4534-A5A6-68D460BCD30B}] => C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{1B86E0D5-8F02-4BCD-AF00-010F9C15BF65}] => C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{031506D5-F055-4B1D-BA53-449DC306E0E2}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{E37FCC9E-8934-424A-9AC4-8EB3487EF77C}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{C180B899-4E49-437C-9F7E-3D644DDFBABD}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{B8A74D46-D580-4474-BAAF-4E2A5CC83C4C}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{4FC5DEBA-CE2C-4437-98E7-788AABF1EBF9}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{044A626A-843F-427D-91D2-FBDAB0F8D1F5}] => C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{BCCD1224-0C06-4B6D-9125-82D54A8ED14E}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A4527C28-280E-4C3B-B3E7-3A0D73C563CE}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EDBB0F43-A6C0-4B84-8407-827663F86ADB}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1A019C7F-83D6-4FC5-AD5A-8F6D3FA6FF9E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{5822D02C-CF4F-4F9F-A9F9-96D6B4F5AABC}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{BED44270-CFD0-412B-9356-9E7DE5A08A76}C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{6BA72D67-5958-4C53-8C92-4839790FF671}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{83619CC8-60B2-44C8-9F03-BB89F8B5BB84}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{6067B899-C52E-47A3-8AE0-2AB0D4FA0040}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{79CC69A8-5D70-4F02-9ABA-6437341FF198}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1077BFB3-6DEB-4487-84F7-87DDD818A5B0}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{39D4C616-B61B-4A8A-AE8B-0B4DDA109BDB}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{8766ADEC-3832-4EAA-B199-265C8A4A484A}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E9A2A12E-384E-4E3C-B1A0-20E3F3BF19B2}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{92D1A3A5-5F29-4963-8ED0-6CA4C812D3A6}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{1E05B170-943E-4274-A791-210BE7896F1F}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{42BCA828-54C6-4FC0-89A9-C6190AB3EA30}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9DD3972B-9127-4819-B2AA-1BCF27CA6ED9}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1B320FD8-2C4F-4E62-8751-5006DA56E5D0}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9F09601B-0002-406C-A170-60D545A8DFA8}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A4CC0BD5-CFF3-4217-BBA6-4E81EA67E35E}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{587B4F01-899B-49BD-BC62-B158A5E0DA3F}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FB5F7D4D-E9F5-4AE8-A776-2C88F6AFFEFD}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CC125F3B-6E1D-4717-9425-421BF74E5653}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{5999DA11-8635-4BE6-BA70-855B29A1ACEC}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{CDE1136E-35AA-4F97-8D8B-69CA7D6E8CC0}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{9FA538E7-39F7-4517-8B78-4A83DAF6E9F1}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{6C8D0406-1223-4FE0-A90B-0885C18CEDA3}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{6E1C3332-ECC4-4522-BF1E-23FE50612F4B}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{E61C8BFC-2FA2-4056-9D74-1B3607A7DA7D}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{517AEF7E-03E9-4C22-9B11-9AE00205B434}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{B3C82947-E781-44C9-9119-2CDD20359C2B}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{24934FED-623A-4235-95A3-06359138AEA9}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{EF807192-AA21-49C5-BD97-CA3154A35CCB}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{0A548765-FD44-4AA3-8DEC-1E647E0455B7}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{EEDCE2DE-6201-4245-9D0B-61BA48A10488}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{57486A52-96AF-4871-9F86-FB21EF7F1DD2}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{29327DB9-AEA6-4AF8-85A2-0A955616B2F7}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{6F882710-ED70-4E0E-8872-EBE06283FBCC}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{16A599C2-372D-47A1-94B7-E80ADF14CAEE}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D499AE0B-3815-4841-816A-1CC67B89D3B5}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D552EF46-FD2B-4AEC-83AA-DA9255033C7F}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{7B333E20-E09B-4B06-B6A5-90F576BAC7EF}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{0056AC1F-D5DF-4001-9EA0-0B94571126E9}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4D380679-03CF-4237-8E81-82EB97137977}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6F7B5BF0-76FD-4F04-BBF2-051CF91D439B}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{78B5A111-C2E6-4AE4-9266-9D6AFB4DF0B4}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{62B18172-2597-461E-9290-A6F68FE5288C}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ABDE8CCA-19CD-4B7B-BDB1-8BC7CB79831C}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8A3FE2CF-0CAD-4AFB-9124-F62F64835EF0}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1F2DE185-C1F8-4767-B6B4-9170AF1C9096}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CDFDA8C5-436C-40E2-BA40-9B4F98947128}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{386571AD-4E42-4325-BAF3-BDDFC644D5BA}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{61FC8E82-DC2B-471D-BEB3-D3478BFB0EF7}] => C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{216F185C-531F-4AF6-8FDA-F19629C2A3BC}] => C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{64396E25-9203-403C-B796-B5A28FC5BDBF}] => C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{3BB46E47-B10A-4AD2-B0E8-E4652B6E588E}] => C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{194F6676-8E53-4D52-9EC2-21B02F62B370}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{893CB3F9-A469-4BA7-9A84-D15A01B19CE2}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{2C2D82B8-40B7-48AC-92CE-49338DACCE67}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9E319BEC-B83F-4155-B0F2-FF1C0BACE705}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{02A823A0-732F-4D8C-97C5-9041BA109484}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D566C178-89C2-45B4-8038-2F53255A765E}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BA39AE57-16FA-409A-933C-DDA8D09CF58B}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4792EB0C-295D-471C-856A-76F80197B670}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{88D15243-9808-4123-8A42-0E6C97F7E922}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{35F21BE2-D66D-4C7F-9927-244531CA3923}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{5C433597-0FED-4F60-A9E1-520642C41A69}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe] => C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe
FirewallRules: [UDP Query User{4EA211FC-3306-440C-94AB-5672BA29ACE8}C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe] => C:\program files (x86)\starcraft ii - legacy of the void beta\versions\base36442\sc2_x64.exe
FirewallRules: [{A7F87A33-05D9-4EDC-8454-CA3F67F080A2}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2227F470-11F5-40F7-BEBC-ADF0ABA081EB}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{119624DB-EF39-4249-B759-D7EC922652B5}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CC4A39A7-4EDE-457F-9D0B-212083888BFD}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{15372701-CAFA-4EDA-8FA7-A50F250E9ACA}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B7D63945-CD18-4005-A44A-5B7A1BAB2C54}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{39545682-247F-4177-A40C-31454A3E564B}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BA638F71-4F10-4869-AFC3-2B6062573438}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FCFC8929-2C26-44EA-BF72-F2C1C7D018F4}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{730D6D0B-349A-4494-A125-09F56751E5CA}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{46F032D1-469F-4CF8-ABB2-80CEF22D3ACD}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{21DF003B-B435-4A64-9BD9-22375A1AB84D}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{F7F3FAC5-E626-4DCF-BF4A-E889F3EA1539}C:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [UDP Query User{DA923555-D3B4-4D62-B5B1-E2426E884475}C:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [TCP Query User{B8D99152-4528-4970-9981-2AA30F799880}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{04E1B476-D6B4-460E-924E-FDE287737DE7}C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [TCP Query User{DBD7B14B-98A9-4403-94DA-B98A78BBD2C5}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{57850D35-ADEE-4C4A-A000-76F3B52A0E12}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{B9ACA6BF-3891-4177-93AA-1C6DFDB938DD}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

12-12-2016 19:52:56 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/26/2016 08:13:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: CUPCAKE)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (12/26/2016 08:13:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.576, Zeitstempel: 0x584a7815
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.479, Zeitstempel: 0x58258ce8
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d675b
ID des fehlerhaften Prozesses: 0x5b58
Startzeit der fehlerhaften Anwendung: 0x01d25f4780b200a8
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 7e13a287-1b85-4a10-89c8-7f9f432669ba
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (12/25/2016 04:52:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CUPCAKE)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/25/2016 04:52:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CUPCAKE)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/25/2016 04:52:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CUPCAKE)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/24/2016 12:15:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15359

Error: (12/24/2016 12:15:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15359

Error: (12/24/2016 12:15:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/24/2016 07:54:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CUPCAKE)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/20/2016 08:13:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CUPCAKE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (12/26/2016 09:55:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/26/2016 09:52:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/26/2016 08:59:31 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/26/2016 08:56:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/26/2016 07:25:42 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/26/2016 07:22:42 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/26/2016 07:22:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (12/25/2016 04:52:24 PM) (Source: DCOM) (EventID: 10010) (User: CUPCAKE)
Description: Der Server "App.AppXwdcgcprz1jmf2x5501am32bsggn1cgpt.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/25/2016 04:52:23 PM) (Source: DCOM) (EventID: 10010) (User: CUPCAKE)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (12/25/2016 04:52:19 PM) (Source: DCOM) (EventID: 10010) (User: CUPCAKE)
Description: Der Server "App.AppXwdcgcprz1jmf2x5501am32bsggn1cgpt.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 3977.98 MB
Verfügbarer physikalischer RAM: 1841.74 MB
Summe virtueller Speicher: 4681.98 MB
Verfügbarer virtueller Speicher: 2138.79 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:450.62 GB) (Free:377.27 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5B0A6139)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

Alt 26.12.2016, 10:53   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 26.12.2016, 11:19   #5
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Code:
ATTFilter
12:16:20.0051 0x63f4  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
12:16:20.0052 0x63f4  UEFI system
12:16:22.0325 0x63f4  ============================================================
12:16:22.0325 0x63f4  Current date / time: 2016/12/26 12:16:22.0325
12:16:22.0325 0x63f4  SystemInfo:
12:16:22.0325 0x63f4  
12:16:22.0325 0x63f4  OS Version: 10.0.14393 ServicePack: 0.0
12:16:22.0325 0x63f4  Product type: Workstation
12:16:22.0325 0x63f4  ComputerName: CUPCAKE
12:16:22.0325 0x63f4  UserName: Ines
12:16:22.0325 0x63f4  Windows directory: C:\WINDOWS
12:16:22.0325 0x63f4  System windows directory: C:\WINDOWS
12:16:22.0325 0x63f4  Running under WOW64
12:16:22.0325 0x63f4  Processor architecture: Intel x64
12:16:22.0325 0x63f4  Number of processors: 4
12:16:22.0325 0x63f4  Page size: 0x1000
12:16:22.0325 0x63f4  Boot type: Normal boot
12:16:22.0325 0x63f4  CodeIntegrityOptions = 0x00000001
12:16:22.0325 0x63f4  ============================================================
12:16:22.0325 0x63f4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
12:16:22.0563 0x63f4  System UUID: {C8D6DABB-8CA5-ABF2-A2E8-6EF2E672652F}
12:16:23.0014 0x63f4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:16:23.0030 0x63f4  ============================================================
12:16:23.0030 0x63f4  \Device\Harddisk0\DR0:
12:16:23.0030 0x63f4  GPT partitions:
12:16:23.0030 0x63f4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E59D3787-DD1E-498D-9DD8-7EAFD6A0EA18}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
12:16:23.0030 0x63f4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {152C61C2-27EC-4B0B-B5C8-2BA13DD75DCF}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
12:16:23.0030 0x63f4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {165EC34C-DC2E-4564-B643-AD331C2D0297}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
12:16:23.0030 0x63f4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1FB58771-6068-44F4-AFD8-087F0307E26A}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x3853C800
12:16:23.0030 0x63f4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7CAB3E14-6BB9-417C-A449-8E35A404167C}, Name: Basic data partition, StartLBA 0x3873F000, BlocksNum 0x1C47000
12:16:23.0030 0x63f4  MBR partitions:
12:16:23.0030 0x63f4  ============================================================
12:16:23.0061 0x63f4  C: <-> \Device\Harddisk0\DR0\Partition4
12:16:23.0061 0x63f4  ============================================================
12:16:23.0061 0x63f4  Initialize success
12:16:23.0061 0x63f4  ============================================================
12:16:29.0855 0x6190  ============================================================
12:16:29.0855 0x6190  Scan started
12:16:29.0855 0x6190  Mode: Manual; SigCheck; TDLFS; 
12:16:29.0855 0x6190  ============================================================
12:16:29.0855 0x6190  KSN ping started
12:16:29.0979 0x6190  KSN ping finished: true
12:16:30.0843 0x6190  ================ Scan system memory ========================
12:16:30.0843 0x6190  System memory - ok
12:16:30.0844 0x6190  ================ Scan services =============================
12:16:30.0991 0x6190  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:16:31.0092 0x6190  1394ohci - ok
12:16:31.0123 0x6190  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:16:31.0161 0x6190  3ware - ok
12:16:31.0223 0x6190  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:16:31.0276 0x6190  ACPI - ok
12:16:31.0308 0x6190  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
12:16:31.0340 0x6190  AcpiDev - ok
12:16:31.0345 0x6190  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:16:31.0376 0x6190  acpiex - ok
12:16:31.0392 0x6190  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:16:31.0408 0x6190  acpipagr - ok
12:16:31.0445 0x6190  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:16:31.0476 0x6190  AcpiPmi - ok
12:16:31.0492 0x6190  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:16:31.0507 0x6190  acpitime - ok
12:16:31.0576 0x6190  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:16:31.0645 0x6190  ADP80XX - ok
12:16:31.0692 0x6190  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:16:31.0746 0x6190  AFD - ok
12:16:31.0793 0x6190  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:16:31.0824 0x6190  ahcache - ok
12:16:31.0861 0x6190  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
12:16:31.0877 0x6190  AJRouter - ok
12:16:31.0908 0x6190  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
12:16:31.0946 0x6190  ALG - ok
12:16:31.0977 0x6190  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:16:32.0008 0x6190  AmdK8 - ok
12:16:32.0024 0x6190  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:16:32.0062 0x6190  AmdPPM - ok
12:16:32.0093 0x6190  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:16:32.0124 0x6190  amdsata - ok
12:16:32.0180 0x6190  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:16:32.0222 0x6190  amdsbs - ok
12:16:32.0249 0x6190  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:16:32.0275 0x6190  amdxata - ok
12:16:32.0399 0x6190  [ 98D7647EF729503A60EF870DA5C21D0D, 7E36E8E3D9D0BD940DC225E1DB7EFD90F76F7BE8DCAD9782255556C31D6FD476 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
12:16:32.0486 0x6190  AntiVirMailService - ok
12:16:32.0528 0x6190  [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:16:32.0566 0x6190  AntiVirSchedulerService - ok
12:16:32.0615 0x6190  [ 229E752A26B53E155524D6530B95CDD4, B4D3DEA52860143D16A57EBA31CD3394B8B4FEA642EB3A736C8388447AB7E0E9 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:16:32.0650 0x6190  AntiVirService - ok
12:16:32.0733 0x6190  [ F2B26CD2305E917B1EA1BF49E0C59E31, 8CCE64C68B80D56C7604DB6ABD187F66C624462328F4886C607F0A46D8E9DE92 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:16:32.0803 0x6190  AntiVirWebService - ok
12:16:32.0848 0x6190  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:16:32.0877 0x6190  AppID - ok
12:16:32.0910 0x6190  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:16:32.0950 0x6190  AppIDSvc - ok
12:16:32.0982 0x6190  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:16:33.0015 0x6190  Appinfo - ok
12:16:33.0082 0x6190  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:16:33.0101 0x6190  Apple Mobile Device Service - ok
12:16:33.0122 0x6190  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
12:16:33.0160 0x6190  applockerfltr - ok
12:16:33.0216 0x6190  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:16:33.0277 0x6190  AppReadiness - ok
12:16:33.0399 0x6190  [ 2C1CEC25F6D92871F38960E2E84CC3EE, 979DB74192644A71F3031EB29480ECEFE014B916636D85AACD64292CB58494A5 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:16:33.0553 0x6190  AppXSvc - ok
12:16:33.0598 0x6190  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:16:33.0625 0x6190  arcsas - ok
12:16:33.0645 0x6190  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
12:16:33.0674 0x6190  AsyncMac - ok
12:16:33.0690 0x6190  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:16:33.0714 0x6190  atapi - ok
12:16:33.0902 0x6190  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
12:16:34.0157 0x6190  athr - ok
12:16:34.0210 0x6190  [ 59F44051BCD479E70446506B7E4E78BB, CB58E55196EC702DC85916F963A3C16D429C141391F9AA7F415BD63E7328C4C6 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:16:34.0259 0x6190  AudioEndpointBuilder - ok
12:16:34.0312 0x6190  [ 1C986DC8F4FDA1B040AC1176FB24467F, DEDA2FF4D0369348C2A74D29FB08AC86219BBCFDF44C59339BC39A25AE0727EB ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:16:34.0389 0x6190  Audiosrv - ok
12:16:34.0419 0x6190  [ 19A629CC661BBB49E25203B9626354F9, 9FDE67E19CE0B5973441A11EB0D5CD8187C1B47B3A2C866FD6BD939D31F42924 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
12:16:34.0442 0x6190  avgntflt - ok
12:16:34.0456 0x6190  [ B34C86461D03F33E9B1A57699DCABED3, 127A63A3AEC796DDF7E19432CAF523CA23051058752B9772244655797B3B4CDB ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
12:16:34.0476 0x6190  avipbb - ok
12:16:34.0528 0x6190  [ 14FCA1D1720A68C2D586940ABBE2DB3C, 274DB01CFD3024357602748FE36882ACE6BB3764A9FB62B2B40F9232B84A9B3E ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:16:34.0559 0x6190  Avira.ServiceHost - ok
12:16:34.0588 0x6190  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
12:16:34.0606 0x6190  avkmgr - ok
12:16:34.0639 0x6190  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
12:16:34.0658 0x6190  avnetflt - ok
12:16:34.0691 0x6190  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
12:16:34.0728 0x6190  AxInstSV - ok
12:16:34.0793 0x6190  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:16:34.0854 0x6190  b06bdrv - ok
12:16:34.0907 0x6190  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:16:34.0951 0x6190  BasicDisplay - ok
12:16:34.0986 0x6190  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:16:35.0015 0x6190  BasicRender - ok
12:16:35.0043 0x6190  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
12:16:35.0069 0x6190  bcmfn - ok
12:16:35.0082 0x6190  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:16:35.0110 0x6190  bcmfn2 - ok
12:16:35.0152 0x6190  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:16:35.0204 0x6190  BDESVC - ok
12:16:35.0281 0x6190  [ BE975A685EFF48013945DB9ADE6CF690, 67879168764E1375299DC44AC42F73EE66B76F4EDC5E124D461E604644F7F6B6 ] BEDaisy         C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys
12:16:35.0315 0x6190  BEDaisy - ok
12:16:35.0353 0x6190  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:16:35.0390 0x6190  Beep - ok
12:16:35.0462 0x6190  [ 8C3E38D724D5AEF4D979C321B7054BF8, 24A17689A8A4FE551E22E0CCDB186ABE7F1B39F3EB8E258C9BF6BE2F5AC2550E ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
12:16:35.0542 0x6190  BEService - ok
12:16:35.0599 0x6190  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
12:16:35.0680 0x6190  BFE - ok
12:16:35.0746 0x6190  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
12:16:35.0858 0x6190  BITS - ok
12:16:35.0922 0x6190  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:16:35.0963 0x6190  Bonjour Service - ok
12:16:36.0007 0x6190  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:16:36.0046 0x6190  bowser - ok
12:16:36.0110 0x6190  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:16:36.0201 0x6190  BrokerInfrastructure - ok
12:16:36.0245 0x6190  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
12:16:36.0293 0x6190  Browser - ok
12:16:36.0321 0x6190  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\WINDOWS\system32\drivers\btath_bus.sys
12:16:36.0338 0x6190  BTATH_BUS - ok
12:16:36.0388 0x6190  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
12:16:36.0455 0x6190  BtFilter - ok
12:16:36.0496 0x6190  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:16:36.0525 0x6190  BthAvrcpTg - ok
12:16:36.0546 0x6190  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:16:36.0578 0x6190  BthHFEnum - ok
12:16:36.0592 0x6190  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:16:36.0621 0x6190  bthhfhid - ok
12:16:36.0660 0x6190  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
12:16:36.0706 0x6190  BthHFSrv - ok
12:16:36.0728 0x6190  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:16:36.0759 0x6190  BTHMODEM - ok
12:16:36.0830 0x6190  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
12:16:36.0939 0x6190  BTHPORT - ok
12:16:36.0970 0x6190  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:16:37.0008 0x6190  bthserv - ok
12:16:37.0063 0x6190  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
12:16:37.0094 0x6190  BTHUSB - ok
12:16:37.0135 0x6190  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:16:37.0168 0x6190  buttonconverter - ok
12:16:37.0205 0x6190  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
12:16:37.0247 0x6190  CapImg - ok
12:16:37.0393 0x6190  [ 4147B5CA0C368FFE0FCE4116F558986A, F466B4556A140321B8F87C486CEBFB223D37526D877343BB6DA8FEFD03E16396 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
12:16:37.0539 0x6190  CCDMonitorService - ok
12:16:37.0581 0x6190  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:16:37.0618 0x6190  cdfs - ok
12:16:37.0665 0x6190  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
12:16:37.0731 0x6190  CDPSvc - ok
12:16:37.0771 0x6190  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
12:16:37.0820 0x6190  CDPUserSvc - ok
12:16:37.0878 0x6190  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:16:37.0919 0x6190  cdrom - ok
12:16:37.0963 0x6190  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:16:38.0019 0x6190  CertPropSvc - ok
12:16:38.0054 0x6190  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
12:16:38.0101 0x6190  cht4iscsi - ok
12:16:38.0208 0x6190  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
12:16:38.0337 0x6190  cht4vbd - ok
12:16:38.0369 0x6190  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:16:38.0405 0x6190  circlass - ok
12:16:38.0448 0x6190  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:16:38.0475 0x6190  CLFS - ok
12:16:38.0553 0x6190  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
12:16:38.0620 0x6190  ClipSVC - ok
12:16:38.0650 0x6190  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
12:16:38.0684 0x6190  clreg - ok
12:16:38.0737 0x6190  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:16:38.0767 0x6190  CmBatt - ok
12:16:38.0814 0x6190  [ B0D9B87B795B7833C9152441CBD55CC4, D86C0FE8BF03D6F3330E16728FE6645AE910F95D23A9EFBDF3A50F45AB5D525B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:16:38.0867 0x6190  CNG - ok
12:16:38.0906 0x6190  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:16:38.0914 0x6190  cnghwassist - ok
12:16:38.0989 0x6190  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
12:16:39.0030 0x6190  CompositeBus - ok
12:16:39.0038 0x6190  COMSysApp - ok
12:16:39.0053 0x6190  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:16:39.0068 0x6190  condrv - ok
12:16:39.0141 0x6190  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:16:39.0207 0x6190  CoreMessagingRegistrar - ok
12:16:39.0267 0x6190  [ 4C69FF8400D51D0008A8C8327FB4CEAD, F8970C33452B9ADF243E4019C801811DD43D2828865056166F131A42957CF907 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:16:39.0311 0x6190  cphs - ok
12:16:39.0338 0x6190  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:16:39.0367 0x6190  CryptSvc - ok
12:16:39.0401 0x6190  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:16:39.0426 0x6190  dam - ok
12:16:39.0485 0x6190  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:16:39.0567 0x6190  DcomLaunch - ok
12:16:39.0614 0x6190  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
12:16:39.0652 0x6190  DcpSvc - ok
12:16:39.0705 0x6190  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:16:39.0768 0x6190  defragsvc - ok
12:16:39.0826 0x6190  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:16:39.0925 0x6190  DeviceAssociationService - ok
12:16:39.0958 0x6190  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:16:40.0012 0x6190  DeviceInstall - ok
12:16:40.0044 0x6190  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
12:16:40.0083 0x6190  DevQueryBroker - ok
12:16:40.0114 0x6190  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:16:40.0165 0x6190  Dfsc - ok
12:16:40.0199 0x6190  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:16:40.0221 0x6190  dg_ssudbus - ok
12:16:40.0258 0x6190  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:16:40.0315 0x6190  Dhcp - ok
12:16:40.0381 0x6190  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:16:40.0427 0x6190  diagnosticshub.standardcollector.service - ok
12:16:40.0536 0x6190  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
12:16:40.0702 0x6190  DiagTrack - ok
12:16:40.0749 0x6190  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
12:16:40.0778 0x6190  disk - ok
12:16:40.0853 0x6190  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:16:40.0914 0x6190  DmEnrollmentSvc - ok
12:16:40.0927 0x6190  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:16:40.0971 0x6190  dmvsc - ok
12:16:41.0009 0x6190  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:16:41.0053 0x6190  dmwappushservice - ok
12:16:41.0084 0x6190  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:16:41.0134 0x6190  Dnscache - ok
12:16:41.0162 0x6190  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:16:41.0213 0x6190  dot3svc - ok
12:16:41.0244 0x6190  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
12:16:41.0294 0x6190  DPS - ok
12:16:41.0320 0x6190  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
12:16:41.0345 0x6190  drmkaud - ok
12:16:41.0386 0x6190  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:16:41.0431 0x6190  DsmSvc - ok
12:16:41.0455 0x6190  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
12:16:41.0501 0x6190  DsSvc - ok
12:16:41.0622 0x6190  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:16:41.0788 0x6190  DXGKrnl - ok
12:16:41.0840 0x6190  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:16:41.0884 0x6190  EapHost - ok
12:16:42.0050 0x6190  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:16:42.0272 0x6190  ebdrv - ok
12:16:42.0311 0x6190  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
12:16:42.0340 0x6190  EFS - ok
12:16:42.0357 0x6190  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:16:42.0384 0x6190  EhStorClass - ok
12:16:42.0426 0x6190  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:16:42.0453 0x6190  EhStorTcgDrv - ok
12:16:42.0478 0x6190  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
12:16:42.0520 0x6190  embeddedmode - ok
12:16:42.0559 0x6190  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:16:42.0609 0x6190  EntAppSvc - ok
12:16:42.0796 0x6190  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
12:16:43.0010 0x6190  ePowerSvc - ok
12:16:43.0042 0x6190  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:16:43.0075 0x6190  ErrDev - ok
12:16:43.0128 0x6190  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
12:16:43.0182 0x6190  EventSystem - ok
12:16:43.0227 0x6190  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:16:43.0278 0x6190  exfat - ok
12:16:43.0328 0x6190  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:16:43.0375 0x6190  fastfat - ok
12:16:43.0466 0x6190  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:16:43.0609 0x6190  Fax - ok
12:16:43.0625 0x6190  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:16:43.0656 0x6190  fdc - ok
12:16:43.0692 0x6190  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:16:43.0727 0x6190  fdPHost - ok
12:16:43.0741 0x6190  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:16:43.0778 0x6190  FDResPub - ok
12:16:43.0804 0x6190  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:16:43.0851 0x6190  fhsvc - ok
12:16:43.0890 0x6190  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
12:16:43.0937 0x6190  FileCrypt - ok
12:16:43.0962 0x6190  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:16:43.0989 0x6190  FileInfo - ok
12:16:44.0005 0x6190  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:16:44.0040 0x6190  Filetrace - ok
12:16:44.0057 0x6190  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:16:44.0090 0x6190  flpydisk - ok
12:16:44.0111 0x6190  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:16:44.0151 0x6190  FltMgr - ok
12:16:44.0251 0x6190  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:16:44.0434 0x6190  FontCache - ok
12:16:44.0528 0x6190  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:16:44.0553 0x6190  FontCache3.0.0.0 - ok
12:16:44.0611 0x6190  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
12:16:44.0702 0x6190  FrameServer - ok
12:16:44.0741 0x6190  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:16:44.0766 0x6190  FsDepends - ok
12:16:44.0790 0x6190  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:16:44.0813 0x6190  Fs_Rec - ok
12:16:44.0858 0x6190  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:16:44.0923 0x6190  fvevol - ok
12:16:44.0968 0x6190  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:16:44.0995 0x6190  gencounter - ok
12:16:45.0033 0x6190  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
12:16:45.0067 0x6190  genericusbfn - ok
12:16:45.0088 0x6190  [ 794F13178118C609BA4F59111EDB6758, 9B79A3E3ECA4493AE25231C7B158B41571A2960458E0F2DEBE3C8BF40F708188 ] GPIO            C:\WINDOWS\System32\drivers\iaiogpioe.sys
12:16:45.0130 0x6190  GPIO - ok
12:16:45.0153 0x6190  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:16:45.0182 0x6190  GPIOClx0101 - ok
12:16:45.0262 0x6190  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:16:45.0393 0x6190  gpsvc - ok
12:16:45.0416 0x6190  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:16:45.0451 0x6190  GpuEnergyDrv - ok
12:16:45.0509 0x6190  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:16:45.0528 0x6190  gupdate - ok
12:16:45.0537 0x6190  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:16:45.0556 0x6190  gupdatem - ok
12:16:45.0582 0x6190  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:16:45.0614 0x6190  HDAudBus - ok
12:16:45.0644 0x6190  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:16:45.0669 0x6190  HidBatt - ok
12:16:45.0706 0x6190  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:16:45.0738 0x6190  HidBth - ok
12:16:45.0763 0x6190  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:16:45.0794 0x6190  hidi2c - ok
12:16:45.0818 0x6190  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:16:45.0841 0x6190  hidinterrupt - ok
12:16:45.0865 0x6190  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:16:45.0894 0x6190  HidIr - ok
12:16:45.0914 0x6190  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:16:45.0950 0x6190  hidserv - ok
12:16:46.0002 0x6190  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:16:46.0039 0x6190  HidUsb - ok
12:16:46.0078 0x6190  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:16:46.0130 0x6190  HomeGroupListener - ok
12:16:46.0177 0x6190  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:16:46.0246 0x6190  HomeGroupProvider - ok
12:16:46.0281 0x6190  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:16:46.0307 0x6190  HpSAMD - ok
12:16:46.0390 0x6190  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:16:46.0480 0x6190  HTTP - ok
12:16:46.0511 0x6190  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
12:16:46.0547 0x6190  HvHost - ok
12:16:46.0604 0x6190  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
12:16:46.0630 0x6190  hvservice - ok
12:16:46.0671 0x6190  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:16:46.0694 0x6190  hwpolicy - ok
12:16:46.0718 0x6190  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:16:46.0745 0x6190  hyperkbd - ok
12:16:46.0791 0x6190  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:16:46.0839 0x6190  i8042prt - ok
12:16:46.0862 0x6190  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
12:16:46.0893 0x6190  iagpio - ok
12:16:46.0914 0x6190  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
12:16:46.0945 0x6190  iai2c - ok
12:16:46.0972 0x6190  [ F49D75806D962F85C44E32A1AFB9B8E0, DF033C79C478EB2EA82466F1A7CB58FE17E7C23FE0F24E7B18718750E9F98FF3 ] iaioi2c         C:\WINDOWS\System32\drivers\iaioi2ce.sys
12:16:47.0019 0x6190  iaioi2c - ok
12:16:47.0049 0x6190  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
12:16:47.0080 0x6190  iaLPSS2i_GPIO2 - ok
12:16:47.0100 0x6190  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:16:47.0125 0x6190  iaLPSS2i_I2C - ok
12:16:47.0149 0x6190  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:16:47.0168 0x6190  iaLPSSi_GPIO - ok
12:16:47.0189 0x6190  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:16:47.0226 0x6190  iaLPSSi_I2C - ok
12:16:47.0273 0x6190  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:16:47.0338 0x6190  iaStorAV - ok
12:16:47.0374 0x6190  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:16:47.0422 0x6190  iaStorV - ok
12:16:47.0459 0x6190  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
12:16:47.0512 0x6190  ibbus - ok
12:16:47.0562 0x6190  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
12:16:47.0584 0x6190  ICCS - ok
12:16:47.0626 0x6190  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
12:16:47.0683 0x6190  icssvc - ok
12:16:47.0854 0x6190  [ D440A4CC07DECA9C9E61A005C53666DB, 1BDFB81E7A41C794AA629490186691E988A393EBA4A81304CDA1F9C47CD32F0B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:16:48.0059 0x6190  igfx - ok
12:16:48.0102 0x6190  [ CD4815866A54609462B197503E381F86, 616083B42DF358630889CD911A17DE70D91F1BE7186235A01A677A380615A8D8 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
12:16:48.0135 0x6190  igfxCUIService1.0.0.0 - ok
12:16:48.0204 0x6190  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:16:48.0304 0x6190  IKEEXT - ok
12:16:48.0327 0x6190  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
12:16:48.0363 0x6190  IndirectKmd - ok
12:16:48.0391 0x6190  [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
12:16:48.0417 0x6190  intaud_WaveExtensible - ok
12:16:48.0586 0x6190  [ AAB0607E015F07D342DD3CB04A311257, 681EE04F24D7DEC1E3C02549E7A5C70E2AA6D342ED9F3819178E03E8747F9277 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:16:48.0802 0x6190  IntcAzAudAddService - ok
12:16:48.0862 0x6190  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:16:48.0906 0x6190  IntcDAud - ok
12:16:48.0982 0x6190  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
12:16:49.0053 0x6190  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
12:16:49.0237 0x6190  Detect skipped due to KSN trusted
12:16:49.0238 0x6190  Intel(R) Capability Licensing Service Interface - ok
12:16:49.0282 0x6190  [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
12:16:49.0339 0x6190  Intel(R) Capability Licensing Service TCP IP Interface - ok
12:16:49.0369 0x6190  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:16:49.0391 0x6190  intelide - ok
12:16:49.0410 0x6190  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:16:49.0435 0x6190  intelpep - ok
12:16:49.0458 0x6190  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:16:49.0492 0x6190  intelppm - ok
12:16:49.0526 0x6190  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
12:16:49.0551 0x6190  iorate - ok
12:16:49.0590 0x6190  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:16:49.0621 0x6190  IpFilterDriver - ok
12:16:49.0680 0x6190  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:16:49.0797 0x6190  iphlpsvc - ok
12:16:49.0830 0x6190  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:16:49.0856 0x6190  IPMIDRV - ok
12:16:49.0880 0x6190  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:16:49.0919 0x6190  IPNAT - ok
12:16:49.0955 0x6190  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
12:16:49.0991 0x6190  irda - ok
12:16:50.0010 0x6190  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:16:50.0041 0x6190  IRENUM - ok
12:16:50.0068 0x6190  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
12:16:50.0101 0x6190  irmon - ok
12:16:50.0122 0x6190  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:16:50.0145 0x6190  isapnp - ok
12:16:50.0182 0x6190  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:16:50.0218 0x6190  iScsiPrt - ok
12:16:50.0248 0x6190  [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
12:16:50.0267 0x6190  iwdbus - ok
12:16:50.0302 0x6190  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:16:50.0328 0x6190  kbdclass - ok
12:16:50.0363 0x6190  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:16:50.0398 0x6190  kbdhid - ok
12:16:50.0420 0x6190  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
12:16:50.0451 0x6190  kdnic - ok
12:16:50.0469 0x6190  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:16:50.0496 0x6190  KeyIso - ok
12:16:50.0523 0x6190  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:16:50.0552 0x6190  KSecDD - ok
12:16:50.0594 0x6190  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:16:50.0624 0x6190  KSecPkg - ok
12:16:50.0646 0x6190  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
12:16:50.0687 0x6190  ksthunk - ok
12:16:50.0733 0x6190  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:16:50.0792 0x6190  KtmRm - ok
12:16:50.0827 0x6190  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:16:50.0886 0x6190  LanmanServer - ok
12:16:50.0927 0x6190  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:16:50.0984 0x6190  LanmanWorkstation - ok
12:16:51.0028 0x6190  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
12:16:51.0070 0x6190  lfsvc - ok
12:16:51.0114 0x6190  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
12:16:51.0160 0x6190  LicenseManager - ok
12:16:51.0201 0x6190  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
12:16:51.0230 0x6190  lltdio - ok
12:16:51.0269 0x6190  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:16:51.0314 0x6190  lltdsvc - ok
12:16:51.0344 0x6190  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
12:16:51.0360 0x6190  LMDriver - ok
12:16:51.0385 0x6190  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:16:51.0419 0x6190  lmhosts - ok
12:16:51.0473 0x6190  [ 4C5177C5EA6A66C6CFAA49737C023ED1, 3FA54E51A7B8EF438A93E96B3067139B911D3128B6048C135CA39B8E7200D5F5 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
12:16:51.0514 0x6190  LMSvc - ok
12:16:51.0552 0x6190  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:16:51.0579 0x6190  LSI_SAS - ok
12:16:51.0596 0x6190  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:16:51.0622 0x6190  LSI_SAS2i - ok
12:16:51.0637 0x6190  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:16:51.0665 0x6190  LSI_SAS3i - ok
12:16:51.0686 0x6190  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:16:51.0713 0x6190  LSI_SSS - ok
12:16:51.0828 0x6190  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
12:16:51.0923 0x6190  LSM - ok
12:16:51.0954 0x6190  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:16:51.0994 0x6190  luafv - ok
12:16:52.0029 0x6190  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
12:16:52.0071 0x6190  MapsBroker - ok
12:16:52.0106 0x6190  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:16:52.0132 0x6190  megasas - ok
12:16:52.0164 0x6190  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
12:16:52.0188 0x6190  megasas2i - ok
12:16:52.0233 0x6190  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:16:52.0296 0x6190  megasr - ok
12:16:52.0321 0x6190  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:16:52.0355 0x6190  MessagingService - ok
12:16:52.0421 0x6190  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:16:52.0491 0x6190  mlx4_bus - ok
12:16:52.0529 0x6190  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
12:16:52.0569 0x6190  MMCSS - ok
12:16:52.0616 0x6190  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:16:52.0658 0x6190  Modem - ok
12:16:52.0677 0x6190  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:16:52.0705 0x6190  monitor - ok
12:16:52.0737 0x6190  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:16:52.0762 0x6190  mouclass - ok
12:16:52.0792 0x6190  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:16:52.0820 0x6190  mouhid - ok
12:16:52.0842 0x6190  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:16:52.0870 0x6190  mountmgr - ok
12:16:52.0881 0x6190  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:16:52.0929 0x6190  mpsdrv - ok
12:16:52.0988 0x6190  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:16:53.0085 0x6190  MpsSvc - ok
12:16:53.0112 0x6190  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:16:53.0162 0x6190  MRxDAV - ok
12:16:53.0203 0x6190  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:16:53.0254 0x6190  mrxsmb - ok
12:16:53.0297 0x6190  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:16:53.0339 0x6190  mrxsmb10 - ok
12:16:53.0380 0x6190  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:16:53.0412 0x6190  mrxsmb20 - ok
12:16:53.0442 0x6190  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
12:16:53.0479 0x6190  MsBridge - ok
12:16:53.0512 0x6190  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:16:53.0550 0x6190  MSDTC - ok
12:16:53.0580 0x6190  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:16:53.0610 0x6190  Msfs - ok
12:16:53.0628 0x6190  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:16:53.0652 0x6190  msgpiowin32 - ok
12:16:53.0682 0x6190  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:16:53.0715 0x6190  mshidkmdf - ok
12:16:53.0730 0x6190  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:16:53.0757 0x6190  mshidumdf - ok
12:16:53.0778 0x6190  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:16:53.0802 0x6190  msisadrv - ok
12:16:53.0835 0x6190  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:16:53.0885 0x6190  MSiSCSI - ok
12:16:53.0893 0x6190  msiserver - ok
12:16:53.0920 0x6190  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
12:16:53.0960 0x6190  MSKSSRV - ok
12:16:53.0996 0x6190  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
12:16:54.0035 0x6190  MsLldp - ok
12:16:54.0052 0x6190  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
12:16:54.0090 0x6190  MSPCLOCK - ok
12:16:54.0111 0x6190  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
12:16:54.0153 0x6190  MSPQM - ok
12:16:54.0195 0x6190  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:16:54.0235 0x6190  MsRPC - ok
12:16:54.0253 0x6190  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:16:54.0277 0x6190  mssmbios - ok
12:16:54.0293 0x6190  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
12:16:54.0331 0x6190  MSTEE - ok
12:16:54.0353 0x6190  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:16:54.0382 0x6190  MTConfig - ok
12:16:54.0394 0x6190  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:16:54.0423 0x6190  Mup - ok
12:16:54.0450 0x6190  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:16:54.0474 0x6190  mvumis - ok
12:16:54.0536 0x6190  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:16:54.0610 0x6190  NativeWifiP - ok
12:16:54.0643 0x6190  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:16:54.0697 0x6190  NcaSvc - ok
12:16:54.0728 0x6190  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:16:54.0797 0x6190  NcbService - ok
12:16:54.0819 0x6190  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:16:54.0864 0x6190  NcdAutoSetup - ok
12:16:54.0899 0x6190  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
12:16:54.0927 0x6190  ndfltr - ok
12:16:54.0988 0x6190  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:16:55.0098 0x6190  NDIS - ok
12:16:55.0123 0x6190  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
12:16:55.0164 0x6190  NdisCap - ok
12:16:55.0201 0x6190  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:16:55.0245 0x6190  NdisImPlatform - ok
12:16:55.0268 0x6190  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:16:55.0308 0x6190  NdisTapi - ok
12:16:55.0328 0x6190  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
12:16:55.0371 0x6190  Ndisuio - ok
12:16:55.0399 0x6190  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:16:55.0433 0x6190  NdisVirtualBus - ok
12:16:55.0459 0x6190  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
12:16:55.0513 0x6190  NdisWan - ok
12:16:55.0536 0x6190  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:16:55.0587 0x6190  ndiswanlegacy - ok
12:16:55.0614 0x6190  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:16:55.0664 0x6190  ndproxy - ok
12:16:55.0693 0x6190  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:16:55.0739 0x6190  Ndu - ok
12:16:55.0758 0x6190  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
12:16:55.0798 0x6190  NetAdapterCx - ok
12:16:55.0814 0x6190  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
12:16:55.0840 0x6190  NetBIOS - ok
12:16:55.0883 0x6190  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:16:55.0929 0x6190  NetBT - ok
12:16:55.0949 0x6190  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:16:55.0976 0x6190  Netlogon - ok
12:16:56.0019 0x6190  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
12:16:56.0064 0x6190  Netman - ok
12:16:56.0106 0x6190  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:16:56.0190 0x6190  netprofm - ok
12:16:56.0234 0x6190  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
12:16:56.0296 0x6190  NetSetupSvc - ok
12:16:56.0339 0x6190  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:16:56.0364 0x6190  NetTcpPortSharing - ok
12:16:56.0403 0x6190  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
12:16:56.0467 0x6190  NgcCtnrSvc - ok
12:16:56.0536 0x6190  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
12:16:56.0649 0x6190  NgcSvc - ok
12:16:56.0697 0x6190  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:16:56.0770 0x6190  NlaSvc - ok
12:16:56.0806 0x6190  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:16:56.0838 0x6190  Npfs - ok
12:16:56.0856 0x6190  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
12:16:56.0883 0x6190  npsvctrig - ok
12:16:56.0919 0x6190  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
12:16:56.0950 0x6190  nsi - ok
12:16:56.0971 0x6190  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
12:16:57.0008 0x6190  nsiproxy - ok
12:16:57.0133 0x6190  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
12:16:57.0286 0x6190  NTFS - ok
12:16:57.0314 0x6190  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:16:57.0345 0x6190  Null - ok
12:16:57.0371 0x6190  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
12:16:57.0400 0x6190  nvraid - ok
12:16:57.0426 0x6190  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
12:16:57.0457 0x6190  nvstor - ok
12:16:57.0500 0x6190  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
12:16:57.0567 0x6190  OneSyncSvc - ok
12:16:57.0615 0x6190  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
12:16:57.0662 0x6190  p2pimsvc - ok
12:16:57.0705 0x6190  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
12:16:57.0767 0x6190  p2psvc - ok
12:16:57.0798 0x6190  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
12:16:57.0829 0x6190  Parport - ok
12:16:57.0873 0x6190  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:16:57.0900 0x6190  partmgr - ok
12:16:57.0944 0x6190  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
12:16:58.0045 0x6190  PcaSvc - ok
12:16:58.0089 0x6190  [ E2DD2E5BDCCD225670831B439826065B, 0153F1CE26D402C03CFC155F428EBA04D6EA8E19A28AF629B1CE347363B7697C ] pci             C:\WINDOWS\system32\drivers\pci.sys
12:16:58.0128 0x6190  pci - ok
12:16:58.0151 0x6190  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
12:16:58.0174 0x6190  pciide - ok
12:16:58.0208 0x6190  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
12:16:58.0236 0x6190  pcmcia - ok
12:16:58.0262 0x6190  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
12:16:58.0286 0x6190  pcw - ok
12:16:58.0328 0x6190  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
12:16:58.0357 0x6190  pdc - ok
12:16:58.0414 0x6190  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
12:16:58.0511 0x6190  PEAUTH - ok
12:16:58.0536 0x6190  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
12:16:58.0561 0x6190  percsas2i - ok
12:16:58.0585 0x6190  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
12:16:58.0610 0x6190  percsas3i - ok
12:16:58.0696 0x6190  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
12:16:58.0736 0x6190  PerfHost - ok
12:16:58.0817 0x6190  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
12:16:58.0921 0x6190  PhoneSvc - ok
12:16:58.0964 0x6190  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:16:59.0017 0x6190  PimIndexMaintenanceSvc - ok
12:16:59.0143 0x6190  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
12:16:59.0286 0x6190  pla - ok
12:16:59.0319 0x6190  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
12:16:59.0370 0x6190  PlugPlay - ok
12:16:59.0391 0x6190  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
12:16:59.0424 0x6190  PNRPAutoReg - ok
12:16:59.0452 0x6190  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
12:16:59.0503 0x6190  PNRPsvc - ok
12:16:59.0555 0x6190  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:16:59.0628 0x6190  PolicyAgent - ok
12:16:59.0654 0x6190  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
12:16:59.0695 0x6190  Power - ok
12:16:59.0721 0x6190  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
12:16:59.0766 0x6190  PptpMiniport - ok
12:16:59.0950 0x6190  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:17:00.0209 0x6190  PrintNotify - ok
12:17:00.0250 0x6190  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
12:17:00.0295 0x6190  Processor - ok
12:17:00.0333 0x6190  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
12:17:00.0407 0x6190  ProfSvc - ok
12:17:00.0435 0x6190  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
12:17:00.0464 0x6190  Psched - ok
12:17:00.0563 0x6190  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
12:17:00.0603 0x6190  QASvc - ok
12:17:00.0674 0x6190  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
12:17:00.0761 0x6190  QWAVE - ok
12:17:00.0790 0x6190  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
12:17:00.0823 0x6190  QWAVEdrv - ok
12:17:00.0857 0x6190  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
12:17:00.0871 0x6190  RadioShim - ok
12:17:00.0886 0x6190  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:17:00.0916 0x6190  RasAcd - ok
12:17:00.0948 0x6190  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
12:17:00.0998 0x6190  RasAgileVpn - ok
12:17:01.0029 0x6190  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:17:01.0067 0x6190  RasAuto - ok
12:17:01.0094 0x6190  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
12:17:01.0138 0x6190  Rasl2tp - ok
12:17:01.0193 0x6190  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:17:01.0271 0x6190  RasMan - ok
12:17:01.0294 0x6190  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:17:01.0328 0x6190  RasPppoe - ok
12:17:01.0358 0x6190  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
12:17:01.0400 0x6190  RasSstp - ok
12:17:01.0449 0x6190  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:17:01.0499 0x6190  rdbss - ok
12:17:01.0531 0x6190  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
12:17:01.0559 0x6190  rdpbus - ok
12:17:01.0581 0x6190  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
12:17:01.0620 0x6190  RDPDR - ok
12:17:01.0673 0x6190  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:17:01.0696 0x6190  RdpVideoMiniport - ok
12:17:01.0725 0x6190  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
12:17:01.0761 0x6190  rdyboost - ok
12:17:01.0815 0x6190  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
12:17:01.0902 0x6190  ReFSv1 - ok
12:17:01.0965 0x6190  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:17:02.0062 0x6190  RemoteAccess - ok
12:17:02.0096 0x6190  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:17:02.0145 0x6190  RemoteRegistry - ok
12:17:02.0199 0x6190  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
12:17:02.0284 0x6190  RetailDemo - ok
12:17:02.0366 0x6190  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
12:17:02.0391 0x6190  RichVideo - ok
12:17:02.0423 0x6190  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
12:17:02.0461 0x6190  RmSvc - ok
12:17:02.0484 0x6190  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
12:17:02.0518 0x6190  RpcEptMapper - ok
12:17:02.0540 0x6190  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:17:02.0569 0x6190  RpcLocator - ok
12:17:02.0621 0x6190  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:17:02.0700 0x6190  RpcSs - ok
12:17:02.0744 0x6190  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
12:17:02.0775 0x6190  rspndr - ok
12:17:02.0834 0x6190  [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
12:17:02.0900 0x6190  RTL8168 - ok
12:17:02.0953 0x6190  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
12:17:03.0004 0x6190  RTSUER - ok
12:17:03.0019 0x6190  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
12:17:03.0047 0x6190  s3cap - ok
12:17:03.0078 0x6190  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
12:17:03.0104 0x6190  SamSs - ok
12:17:03.0133 0x6190  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
12:17:03.0159 0x6190  sbp2port - ok
12:17:03.0198 0x6190  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
12:17:03.0245 0x6190  SCardSvr - ok
12:17:03.0271 0x6190  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
12:17:03.0316 0x6190  ScDeviceEnum - ok
12:17:03.0352 0x6190  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:17:03.0385 0x6190  scfilter - ok
12:17:03.0434 0x6190  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:17:03.0540 0x6190  Schedule - ok
12:17:03.0566 0x6190  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
12:17:03.0592 0x6190  scmbus - ok
12:17:03.0634 0x6190  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
12:17:03.0668 0x6190  scmdisk0101 - ok
12:17:03.0711 0x6190  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
12:17:03.0753 0x6190  SCPolicySvc - ok
12:17:03.0786 0x6190  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
12:17:03.0823 0x6190  sdbus - ok
12:17:03.0854 0x6190  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
12:17:03.0906 0x6190  SDRSVC - ok
12:17:03.0937 0x6190  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
12:17:03.0964 0x6190  sdstor - ok
12:17:03.0981 0x6190  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
12:17:04.0016 0x6190  seclogon - ok
12:17:04.0042 0x6190  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
12:17:04.0087 0x6190  SENS - ok
12:17:04.0166 0x6190  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
12:17:04.0287 0x6190  SensorDataService - ok
12:17:04.0326 0x6190  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
12:17:04.0398 0x6190  SensorService - ok
12:17:04.0436 0x6190  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
12:17:04.0486 0x6190  SensrSvc - ok
12:17:04.0510 0x6190  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
12:17:04.0537 0x6190  SerCx - ok
12:17:04.0554 0x6190  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
12:17:04.0584 0x6190  SerCx2 - ok
12:17:04.0605 0x6190  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
12:17:04.0634 0x6190  Serenum - ok
12:17:04.0655 0x6190  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
12:17:04.0688 0x6190  Serial - ok
12:17:04.0704 0x6190  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
12:17:04.0732 0x6190  sermouse - ok
12:17:04.0790 0x6190  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
12:17:04.0875 0x6190  SessionEnv - ok
12:17:04.0899 0x6190  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
12:17:04.0927 0x6190  sfloppy - ok
12:17:05.0000 0x6190  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:17:05.0079 0x6190  SharedAccess - ok
12:17:05.0127 0x6190  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:17:05.0217 0x6190  ShellHWDetection - ok
12:17:05.0259 0x6190  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
12:17:05.0311 0x6190  shpamsvc - ok
12:17:05.0345 0x6190  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:17:05.0370 0x6190  SiSRaid2 - ok
12:17:05.0389 0x6190  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
12:17:05.0415 0x6190  SiSRaid4 - ok
12:17:05.0446 0x6190  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:17:05.0478 0x6190  SkypeUpdate - ok
12:17:05.0519 0x6190  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
12:17:05.0557 0x6190  smphost - ok
12:17:05.0607 0x6190  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
12:17:05.0688 0x6190  SmsRouter - ok
12:17:05.0723 0x6190  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
12:17:05.0756 0x6190  SNMPTRAP - ok
12:17:05.0801 0x6190  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
12:17:05.0865 0x6190  spaceport - ok
12:17:05.0894 0x6190  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
12:17:05.0920 0x6190  SpbCx - ok
12:17:05.0978 0x6190  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
12:17:06.0072 0x6190  Spooler - ok
12:17:06.0320 0x6190  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:17:06.0645 0x6190  sppsvc - ok
12:17:06.0707 0x6190  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:17:06.0763 0x6190  srv - ok
12:17:06.0817 0x6190  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:17:06.0907 0x6190  srv2 - ok
12:17:06.0940 0x6190  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:17:06.0982 0x6190  srvnet - ok
12:17:07.0031 0x6190  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:17:07.0086 0x6190  SSDPSRV - ok
12:17:07.0121 0x6190  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:17:07.0165 0x6190  SstpSvc - ok
12:17:07.0208 0x6190  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:17:07.0232 0x6190  ssudmdm - ok
12:17:07.0410 0x6190  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:17:07.0708 0x6190  StateRepository - ok
12:17:07.0747 0x6190  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:17:07.0771 0x6190  stexstor - ok
12:17:07.0828 0x6190  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:17:07.0907 0x6190  stisvc - ok
12:17:07.0943 0x6190  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:17:07.0972 0x6190  storahci - ok
12:17:08.0032 0x6190  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
12:17:08.0077 0x6190  storflt - ok
12:17:08.0118 0x6190  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:17:08.0146 0x6190  stornvme - ok
12:17:08.0165 0x6190  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
12:17:08.0211 0x6190  storqosflt - ok
12:17:08.0290 0x6190  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:17:08.0362 0x6190  StorSvc - ok
12:17:08.0398 0x6190  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
12:17:08.0421 0x6190  storufs - ok
12:17:08.0443 0x6190  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:17:08.0468 0x6190  storvsc - ok
12:17:08.0499 0x6190  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:17:08.0535 0x6190  svsvc - ok
12:17:08.0552 0x6190  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:17:08.0575 0x6190  swenum - ok
12:17:08.0609 0x6190  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
12:17:08.0680 0x6190  swprv - ok
12:17:08.0727 0x6190  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
12:17:08.0768 0x6190  Synth3dVsc - ok
12:17:08.0828 0x6190  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:17:08.0936 0x6190  SysMain - ok
12:17:08.0978 0x6190  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:17:09.0050 0x6190  SystemEventsBroker - ok
12:17:09.0082 0x6190  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:17:09.0122 0x6190  TabletInputService - ok
12:17:09.0150 0x6190  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:17:09.0207 0x6190  TapiSrv - ok
12:17:09.0333 0x6190  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:17:09.0493 0x6190  Tcpip - ok
12:17:09.0609 0x6190  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
12:17:09.0738 0x6190  Tcpip6 - ok
12:17:09.0781 0x6190  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:17:09.0821 0x6190  tcpipreg - ok
12:17:09.0861 0x6190  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:17:09.0887 0x6190  tdx - ok
12:17:09.0905 0x6190  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:17:09.0929 0x6190  terminpt - ok
12:17:09.0985 0x6190  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
12:17:10.0097 0x6190  TermService - ok
12:17:10.0126 0x6190  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
12:17:10.0173 0x6190  Themes - ok
12:17:10.0234 0x6190  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:17:10.0304 0x6190  TieringEngineService - ok
12:17:10.0339 0x6190  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
12:17:10.0425 0x6190  tiledatamodelsvc - ok
12:17:10.0450 0x6190  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
12:17:10.0489 0x6190  TimeBrokerSvc - ok
12:17:10.0537 0x6190  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
12:17:10.0569 0x6190  TPM - ok
12:17:10.0597 0x6190  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
12:17:10.0636 0x6190  TrkWks - ok
12:17:10.0684 0x6190  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:17:10.0727 0x6190  TrustedInstaller - ok
12:17:10.0763 0x6190  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
12:17:10.0807 0x6190  tsusbflt - ok
12:17:10.0825 0x6190  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:17:10.0854 0x6190  TsUsbGD - ok
12:17:10.0875 0x6190  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
12:17:10.0917 0x6190  tunnel - ok
12:17:10.0952 0x6190  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\WINDOWS\System32\drivers\TXEIx64.sys
12:17:10.0973 0x6190  TXEIx64 - ok
12:17:11.0007 0x6190  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
12:17:11.0052 0x6190  tzautoupdate - ok
12:17:11.0091 0x6190  [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys     C:\WINDOWS\system32\DRIVERS\t_mouse.sys
12:17:11.0120 0x6190  t_mouse.sys - ok
12:17:11.0141 0x6190  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:17:11.0167 0x6190  UASPStor - ok
12:17:11.0190 0x6190  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
12:17:11.0233 0x6190  UcmCx0101 - ok
12:17:11.0270 0x6190  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
12:17:11.0303 0x6190  UcmTcpciCx0101 - ok
12:17:11.0323 0x6190  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
12:17:11.0353 0x6190  UcmUcsi - ok
12:17:11.0382 0x6190  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
12:17:11.0414 0x6190  Ucx01000 - ok
12:17:11.0433 0x6190  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
12:17:11.0463 0x6190  UdeCx - ok
12:17:11.0501 0x6190  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:17:11.0559 0x6190  udfs - ok
12:17:11.0583 0x6190  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:17:11.0607 0x6190  UEFI - ok
12:17:11.0653 0x6190  [ EB7E8BF35D31BC9F111E282C2F263854, 8969BCC5072499A2ACFEFF583BC7849BA25629EB0CBB708D581FC8D58388E772 ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
12:17:11.0677 0x6190  UEIPSvc - ok
12:17:11.0703 0x6190  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
12:17:11.0738 0x6190  Ufx01000 - ok
12:17:11.0757 0x6190  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
12:17:11.0783 0x6190  UfxChipidea - ok
12:17:11.0809 0x6190  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:17:11.0837 0x6190  ufxsynopsys - ok
12:17:11.0879 0x6190  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:17:11.0916 0x6190  UI0Detect - ok
12:17:11.0937 0x6190  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:17:11.0968 0x6190  umbus - ok
12:17:11.0982 0x6190  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:17:12.0010 0x6190  UmPass - ok
12:17:12.0049 0x6190  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:17:12.0093 0x6190  UmRdpService - ok
12:17:12.0157 0x6190  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
12:17:12.0272 0x6190  UnistoreSvc - ok
12:17:12.0317 0x6190  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:17:12.0389 0x6190  upnphost - ok
12:17:12.0424 0x6190  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
12:17:12.0448 0x6190  UrsChipidea - ok
12:17:12.0485 0x6190  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
12:17:12.0509 0x6190  UrsCx01000 - ok
12:17:12.0525 0x6190  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
12:17:12.0549 0x6190  UrsSynopsys - ok
12:17:12.0576 0x6190  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:17:12.0606 0x6190  usbccgp - ok
12:17:12.0628 0x6190  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:17:12.0661 0x6190  usbcir - ok
12:17:12.0684 0x6190  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:17:12.0712 0x6190  usbehci - ok
12:17:12.0742 0x6190  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:17:12.0793 0x6190  usbhub - ok
12:17:12.0848 0x6190  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:17:12.0900 0x6190  USBHUB3 - ok
12:17:12.0918 0x6190  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:17:12.0949 0x6190  usbohci - ok
12:17:12.0976 0x6190  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:17:13.0006 0x6190  usbprint - ok
12:17:13.0023 0x6190  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
12:17:13.0056 0x6190  usbser - ok
12:17:13.0075 0x6190  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:17:13.0103 0x6190  USBSTOR - ok
12:17:13.0121 0x6190  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:17:13.0150 0x6190  usbuhci - ok
12:17:13.0191 0x6190  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
12:17:13.0240 0x6190  usbvideo - ok
12:17:13.0279 0x6190  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:17:13.0326 0x6190  USBXHCI - ok
12:17:13.0407 0x6190  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
12:17:13.0540 0x6190  UserDataSvc - ok
12:17:13.0607 0x6190  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
12:17:13.0714 0x6190  UserManager - ok
12:17:13.0768 0x6190  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
12:17:13.0864 0x6190  UsoSvc - ok
12:17:13.0893 0x6190  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:17:13.0920 0x6190  VaultSvc - ok
12:17:13.0941 0x6190  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:17:13.0965 0x6190  vdrvroot - ok
12:17:14.0011 0x6190  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
12:17:14.0094 0x6190  vds - ok
12:17:14.0118 0x6190  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:17:14.0151 0x6190  VerifierExt - ok
12:17:14.0210 0x6190  [ 46ADD0CD4473AAEF1C68266A803F704D, D521E46891253884CF8285E864FAE63F2E8E0974AD8D2EB4D910E8A35350844F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:17:14.0278 0x6190  vhdmp - ok
12:17:14.0306 0x6190  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
12:17:14.0336 0x6190  vhf - ok
12:17:14.0353 0x6190  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:17:14.0381 0x6190  vmbus - ok
12:17:14.0398 0x6190  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:17:14.0428 0x6190  VMBusHID - ok
12:17:14.0449 0x6190  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
12:17:14.0478 0x6190  vmgid - ok
12:17:14.0515 0x6190  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
12:17:14.0580 0x6190  vmicguestinterface - ok
12:17:14.0595 0x6190  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
12:17:14.0640 0x6190  vmicheartbeat - ok
12:17:14.0657 0x6190  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
12:17:14.0700 0x6190  vmickvpexchange - ok
12:17:14.0743 0x6190  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
12:17:14.0798 0x6190  vmicrdv - ok
12:17:14.0817 0x6190  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
12:17:14.0860 0x6190  vmicshutdown - ok
12:17:14.0876 0x6190  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
12:17:14.0922 0x6190  vmictimesync - ok
12:17:14.0938 0x6190  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
12:17:14.0982 0x6190  vmicvmsession - ok
12:17:15.0002 0x6190  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
12:17:15.0048 0x6190  vmicvss - ok
12:17:15.0080 0x6190  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:17:15.0107 0x6190  volmgr - ok
12:17:15.0131 0x6190  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:17:15.0171 0x6190  volmgrx - ok
12:17:15.0193 0x6190  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:17:15.0233 0x6190  volsnap - ok
12:17:15.0250 0x6190  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
12:17:15.0272 0x6190  volume - ok
12:17:15.0292 0x6190  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:17:15.0317 0x6190  vpci - ok
12:17:15.0343 0x6190  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:17:15.0373 0x6190  vsmraid - ok
12:17:15.0462 0x6190  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
12:17:15.0598 0x6190  VSS - ok
12:17:15.0629 0x6190  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:17:15.0665 0x6190  VSTXRAID - ok
12:17:15.0704 0x6190  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:17:15.0745 0x6190  vwifibus - ok
12:17:15.0764 0x6190  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
12:17:15.0795 0x6190  vwififlt - ok
12:17:15.0808 0x6190  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
12:17:15.0838 0x6190  vwifimp - ok
12:17:15.0888 0x6190  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
12:17:15.0971 0x6190  W32Time - ok
12:17:16.0006 0x6190  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:17:16.0036 0x6190  WacomPen - ok
12:17:16.0071 0x6190  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
12:17:16.0146 0x6190  WalletService - ok
12:17:16.0169 0x6190  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:17:16.0212 0x6190  wanarp - ok
12:17:16.0220 0x6190  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:17:16.0261 0x6190  wanarpv6 - ok
12:17:16.0349 0x6190  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:17:16.0483 0x6190  wbengine - ok
12:17:16.0549 0x6190  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:17:16.0649 0x6190  WbioSrvc - ok
12:17:16.0686 0x6190  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
12:17:16.0713 0x6190  wcifs - ok
12:17:16.0771 0x6190  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:17:16.0863 0x6190  Wcmsvc - ok
12:17:16.0902 0x6190  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:17:16.0977 0x6190  wcncsvc - ok
12:17:17.0014 0x6190  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
12:17:17.0045 0x6190  wcnfs - ok
12:17:17.0068 0x6190  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:17:17.0094 0x6190  WdBoot - ok
12:17:17.0139 0x6190  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:17:17.0199 0x6190  Wdf01000 - ok
12:17:17.0233 0x6190  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:17:17.0269 0x6190  WdFilter - ok
12:17:17.0300 0x6190  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:17:17.0342 0x6190  WdiServiceHost - ok
         


Alt 26.12.2016, 11:22   #6
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Code:
ATTFilter
12:17:17.0350 0x6190  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:17:17.0392 0x6190  WdiSystemHost - ok
12:17:17.0445 0x6190  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:17:17.0526 0x6190  wdiwifi - ok
12:17:17.0547 0x6190  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:17:17.0575 0x6190  WdNisDrv - ok
12:17:17.0604 0x6190  WdNisSvc - ok
12:17:17.0638 0x6190  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:17:17.0687 0x6190  WebClient - ok
12:17:17.0708 0x6190  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:17:17.0754 0x6190  Wecsvc - ok
12:17:17.0772 0x6190  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:17:17.0807 0x6190  WEPHOSTSVC - ok
12:17:17.0825 0x6190  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:17:17.0867 0x6190  wercplsupport - ok
12:17:17.0886 0x6190  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:17:17.0934 0x6190  WerSvc - ok
12:17:17.0972 0x6190  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
12:17:18.0001 0x6190  WFPLWFS - ok
12:17:18.0018 0x6190  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:17:18.0054 0x6190  WiaRpc - ok
12:17:18.0081 0x6190  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:17:18.0106 0x6190  WIMMount - ok
12:17:18.0112 0x6190  WinDefend - ok
12:17:18.0145 0x6190  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:17:18.0173 0x6190  WindowsTrustedRT - ok
12:17:18.0201 0x6190  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:17:18.0225 0x6190  WindowsTrustedRTProxy - ok
12:17:18.0283 0x6190  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:17:18.0377 0x6190  WinHttpAutoProxySvc - ok
12:17:18.0408 0x6190  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
12:17:18.0433 0x6190  WinMad - ok
12:17:18.0476 0x6190  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:17:18.0519 0x6190  Winmgmt - ok
12:17:18.0653 0x6190  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:17:18.0896 0x6190  WinRM - ok
12:17:18.0962 0x6190  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
12:17:18.0993 0x6190  WINUSB - ok
12:17:19.0017 0x6190  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
12:17:19.0042 0x6190  WinVerbs - ok
12:17:19.0099 0x6190  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
12:17:19.0185 0x6190  wisvc - ok
12:17:19.0302 0x6190  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:17:19.0492 0x6190  WlanSvc - ok
12:17:19.0613 0x6190  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:17:19.0802 0x6190  wlidsvc - ok
12:17:19.0829 0x6190  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:17:19.0857 0x6190  WmiAcpi - ok
12:17:19.0900 0x6190  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:17:19.0939 0x6190  wmiApSrv - ok
12:17:19.0964 0x6190  WMPNetworkSvc - ok
12:17:19.0997 0x6190  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:17:20.0028 0x6190  Wof - ok
12:17:20.0121 0x6190  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:17:20.0287 0x6190  workfolderssvc - ok
12:17:20.0310 0x6190  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:17:20.0360 0x6190  WPDBusEnum - ok
12:17:20.0396 0x6190  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:17:20.0419 0x6190  WpdUpFltr - ok
12:17:20.0443 0x6190  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
12:17:20.0498 0x6190  WpnService - ok
12:17:20.0517 0x6190  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
12:17:20.0551 0x6190  WpnUserService - ok
12:17:20.0588 0x6190  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:17:20.0619 0x6190  ws2ifsl - ok
12:17:20.0665 0x6190  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:17:20.0719 0x6190  wscsvc - ok
12:17:20.0737 0x6190  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
12:17:20.0766 0x6190  WSDPrintDevice - ok
12:17:20.0784 0x6190  [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
12:17:20.0812 0x6190  WSDScan - ok
12:17:20.0820 0x6190  WSearch - ok
12:17:20.0947 0x6190  [ 5163F5BABAE1FF8CCC0AFD60B6EDD20A, E4F3FC2D7E9995DD34D6DD392D33B51649077985ECA0BF2AF0552D72DC3DF08E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:17:21.0148 0x6190  wuauserv - ok
12:17:21.0181 0x6190  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:17:21.0215 0x6190  WudfPf - ok
12:17:21.0257 0x6190  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:17:21.0297 0x6190  WUDFRd - ok
12:17:21.0336 0x6190  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:17:21.0375 0x6190  wudfsvc - ok
12:17:21.0402 0x6190  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:17:21.0442 0x6190  WUDFWpdFs - ok
12:17:21.0455 0x6190  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:17:21.0495 0x6190  WUDFWpdMtp - ok
12:17:21.0568 0x6190  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:17:21.0703 0x6190  WwanSvc - ok
12:17:21.0763 0x6190  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
12:17:21.0863 0x6190  XblAuthManager - ok
12:17:21.0936 0x6190  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
12:17:22.0044 0x6190  XblGameSave - ok
12:17:22.0092 0x6190  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
12:17:22.0148 0x6190  xboxgip - ok
12:17:22.0204 0x6190  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
12:17:22.0300 0x6190  XboxNetApiSvc - ok
12:17:22.0342 0x6190  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
12:17:22.0372 0x6190  xinputhid - ok
12:17:22.0377 0x6190  ================ Scan global ===============================
12:17:22.0402 0x6190  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
12:17:22.0442 0x6190  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll
12:17:22.0481 0x6190  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
12:17:22.0530 0x6190  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
12:17:22.0554 0x6190  [ Global ] - ok
12:17:22.0554 0x6190  ================ Scan MBR ==================================
12:17:22.0571 0x6190  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:17:22.0679 0x6190  \Device\Harddisk0\DR0 - ok
12:17:22.0680 0x6190  ================ Scan VBR ==================================
12:17:22.0685 0x6190  [ D12E7EAE9E14B0F54089A8DACA45D7BF ] \Device\Harddisk0\DR0\Partition1
12:17:22.0687 0x6190  \Device\Harddisk0\DR0\Partition1 - ok
12:17:22.0720 0x6190  [ 16A545C8C5F56B09801C8F1DA54FEF95 ] \Device\Harddisk0\DR0\Partition2
12:17:22.0721 0x6190  \Device\Harddisk0\DR0\Partition2 - ok
12:17:22.0735 0x6190  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:17:22.0736 0x6190  \Device\Harddisk0\DR0\Partition3 - ok
12:17:22.0762 0x6190  [ B22A4D864ECE125939503B95307060B8 ] \Device\Harddisk0\DR0\Partition4
12:17:22.0764 0x6190  \Device\Harddisk0\DR0\Partition4 - ok
12:17:22.0799 0x6190  [ 34086F955FB12EC499BC69DCEE7CC34A ] \Device\Harddisk0\DR0\Partition5
12:17:22.0802 0x6190  \Device\Harddisk0\DR0\Partition5 - ok
12:17:22.0802 0x6190  ================ Scan generic autorun ======================
12:17:23.0360 0x6190  [ DA2D7BED47EF71BDFEEDDEEE76C965FD, 79DB43FB6E84AD492E45DD7F58235D65DF0750AED8E1CEF287D9D1379106A953 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:17:23.0968 0x6190  RTHDVCPL - ok
12:17:24.0030 0x6190  [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\WINDOWS\system32\TiltWheelMouse.exe
12:17:24.0073 0x6190  MouseDriver - ok
12:17:24.0152 0x6190  [ 1BC31F797516DC7B7446B62A849D5905, 49B35A41F1C3739800CBA2A559C2AEFE89FBC090F8305681AF3B379B639E16AA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:17:24.0218 0x6190  avgnt - ok
12:17:24.0269 0x6190  [ C91635CC2BF215F9D7A5A7FC2E385D1D, A77AC38D3ACF7C199C0C8A3DB5EF9610FF0E8ED68D6F5E08C75771D5A3659EEB ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
12:17:24.0289 0x6190  abDocsDllLoader - ok
12:17:24.0325 0x6190  [ B69B3F28C5DB496202C88F5A181640AC, 6ECD6DCFE27A043457BA910289849534ED9D173856DAF694687366E1A2C7A135 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
12:17:24.0342 0x6190  Avira SystrayStartTrigger - ok
12:17:24.0735 0x6190  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:17:25.0149 0x6190  OneDriveSetup - ok
12:17:25.0514 0x6190  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:17:25.0834 0x6190  OneDriveSetup - ok
12:17:25.0871 0x6190  Skype - ok
12:17:26.0010 0x6190  [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Ines\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:17:26.0107 0x6190  OneDrive - ok
12:17:26.0385 0x6190  [ 20616E7A9E9A1D231FD232FC3ACAE46D, 017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A ] C:\Users\Ines\AppData\Local\Amazon Music\Amazon Music Helper.exe
12:17:26.0603 0x6190  Amazon Music - ok
12:17:26.0617 0x6190  Waiting for KSN requests completion. In queue: 226
12:17:26.0882 0x540c  Object required for P2P: [ 44348495F9D6ED21F4EFB3FF80677D99 ] C:\Users\Ines\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:17:27.0081 0x540c  Object send P2P result: true
12:17:27.0639 0x6190  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.24.143 ), 0x41000 ( enabled : updated )
12:17:27.0640 0x6190  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
12:17:27.0647 0x6190  Win FW state via NFP2: enabled ( trusted )
12:17:27.0750 0x6190  ============================================================
12:17:27.0750 0x6190  Scan finished
12:17:27.0750 0x6190  ============================================================
12:17:27.0767 0x137c  Detected object count: 0
12:17:27.0768 0x137c  Actual detected object count: 0
         
Der Scan hat nichts gefunden. Ich nutze noch einen alten Laptop mit Windows XP. Ich glaub das dies eher der Übeltäter ist wenn wir hier nichts finden

Alt 26.12.2016, 11:32   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Ja, mach mal bitte einen FRST-Scan auf dem Laptop.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 26.12.2016, 11:35   #8
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Mir ging es nur um diesen Laptop hier. Den XP nutze ich für so gut wie gar nichts. Er ist auch komplett blank.

Wenn auf diesem nichts zu finden ist dann bin ich zufrieden

Alt 26.12.2016, 11:43   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Der hier ist auch nicht ganz frei von Adware. Aber ein Necurs habe ich schon im FRST-Log nicht gesehen. TDSS-Killer war nur eine allg. Kontrolle.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 26.12.2016, 12:10   #10
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Nehmen wir mal an das der XP Rechner befallen wäre. Stellt das ein Risiko für die anderen Geräte her oder spielt das keine Rolle?
Es werden über den Telekomanschluss nicht nur der eine Rechner betrieben sondern noch andere, deswegen die etwas unwissende Frage von mir

Alt 26.12.2016, 12:14   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Zitat:
Zitat von Royismus Beitrag anzeigen
Nehmen wir mal an das der XP Rechner befallen wäre. Stellt das ein Risiko für die anderen Geräte her oder spielt das keine Rolle?
XP wird nicht mehr mit Updates versorgt und ist deshalb schon ein Problem. Ein mit aktiver Malware infizierter Rechner kann u.U. weitere Malware nachladen, die dann u.U. auch andere Geräte im Netzwerk befällt. Ausschließen kann man das nicht und eine Garantie bekommst von mir daher auch nicht.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 26.12.2016, 12:20   #12
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Alles klar Dann nutze ich den alten einfach nicht mehr Gebraucht wird er ja eh nicht Dann bedanke ich mich noch recht Herzlich, und noch einen schönen Feiertag.
Wenn ich mehr Zeit habe melde ich mich vielleicht nochmal wegen dem aktuellen Laptop und der Adware.

Alt 26.12.2016, 12:30   #13
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



OK.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 29.12.2016, 09:31   #14
Royismus
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Hi

Sollen wir hier weiter machen ?

Alt 29.12.2016, 09:35   #15
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Telekom Brief - Hinweis auf Necurs - Standard

Telekom Brief - Hinweis auf Necurs



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Telekom Brief - Hinweis auf Necurs
antiviren, befallen, brief, frage, frohe, gefunde, gen, hallo zusammen, hilfe, hinweis, kompletter, leitung, necurs, nichts, nummer, programm, suchlauf, telekom, virus, weihnachten, würde, zusammen



Ähnliche Themen: Telekom Brief - Hinweis auf Necurs


  1. Email vom Telekom-Abuse Team mit Hinweis auf Trojaner gozi2
    Log-Analyse und Auswertung - 20.10.2015 (11)
  2. XP VM Telekom Abusemeldung Infektion: Necurs
    Plagegeister aller Art und deren Bekämpfung - 26.09.2015 (21)
  3. Telekom Brief Hinweis auf Trojaner
    Log-Analyse und Auswertung - 22.02.2015 (1)
  4. Windows Defender: Problem beim Entfernen von Trojan:Win32/Necurs.A und Trojan:WinNT/Necurs.A unter Windows 7
    Log-Analyse und Auswertung - 11.04.2014 (52)
  5. Win Vista: TR/Necurs.A.405
    Log-Analyse und Auswertung - 08.02.2014 (14)
  6. Trojan Win32/Necurs.A wie werde ich ihn los?
    Plagegeister aller Art und deren Bekämpfung - 03.02.2014 (20)
  7. Vista-Befall mit Trojan:Win32\Necurs.A und PUP.OfferBundler.ST
    Log-Analyse und Auswertung - 01.02.2014 (12)
  8. Telekom Deutschland GmbH Spam: Ihre Telekom Mobilfunk RechnungOnline für Geschäftskunden
    Diskussionsforum - 17.01.2014 (15)
  9. Windows 7: Viren im System gefunden > Hinweis durch Brief der Dt. Telekom auf "Hacking"
    Log-Analyse und Auswertung - 14.09.2013 (9)
  10. Nach Hinweis von Telekom Abuse Team Trojanerfund Trojan.Zbot.FV
    Log-Analyse und Auswertung - 11.06.2013 (10)
  11. Root.Necurs
    Log-Analyse und Auswertung - 08.05.2013 (10)
  12. Mit Avira tr-atraps.gen2 ; TR/necurs.a.71 ; TR/Sirefef.a.78
    Log-Analyse und Auswertung - 05.05.2013 (14)
  13. Telekom-Hinweis auf ZeuS/ZBot
    Log-Analyse und Auswertung - 18.02.2013 (7)
  14. mehrere Trojaner gefunden- Malagent,Necurs,Rogue
    Plagegeister aller Art und deren Bekämpfung - 14.01.2013 (61)
  15. MSE: Sirefef, Necurs, Fareit und CVE-2012-1723
    Log-Analyse und Auswertung - 13.09.2012 (14)
  16. Atraps(2)+Necurs+?
    Log-Analyse und Auswertung - 10.09.2012 (15)

Zum Thema Telekom Brief - Hinweis auf Necurs - Hallo zusammen und frohe Weihnachten Wir haben von der Telekom einen Brief bekommen das ein Endgeräte auf unserer Leitung von einem Virus befallen sein soll. Ein kompletter Suchlauf des Antiviren - Telekom Brief - Hinweis auf Necurs...
Archiv
Du betrachtest: Telekom Brief - Hinweis auf Necurs auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.