Windows 10 Tabs öffnen sich automatisch

Yvi1993 · 05.01.2017, 08:28

Hallo Liebes Team,
seid einiger Zeit habe ich das Problem das sich auf meinem Rechner (Windows 10)
immer wieder egal ob Internet Explorer oder Chrome selbstständig meist leere Tabs öffnen.
Ich benutze Kaspersky als Anti Virenprogramm dieses findet auch nichts.
Habe es ebenfalls mit Malewarebytes versucht aber auch dort lässt sich nichts finden und nun
bin ich ziemlich ratlos.
Da ich mich mit Computern jetzt nicht so gut auskenne und ihr ja immer die Logfiles braucht, stellt sich mir die Frage wie ich an diese ran komme?

MFG

Yvi

cosinus · 05.01.2017, 09:09

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Yvi1993 · 05.01.2017, 14:06

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von User1 (Administrator) auf DESKTOP-6NS9837 (05-01-2017 14:04:06)
Gestartet von C:\Users\User1\Downloads
Geladene Profile: User1 (Verfügbare Profile: defaultuser0 & User1)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Malwarebytes) E:\Anti-Malware\MBAMService.exe
(Electronic Arts) E:\Origins\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) E:\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\User1\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1473024 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [691560 2016-04-22] ()
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-05-25] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-10-31] (Razer Inc.)
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\Run: [Steam] => E:\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {7ab9537e-a1e4-11e6-824f-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\Autorun.hta
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {8f822d66-a84f-11e6-8254-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\Autorun.hta
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {ebaf5045-b171-11e6-825d-806e6f6e6963} - "D:\Setup.exe" 
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {f0d9c0be-b1a4-11e6-8259-806e6f6e6963} - "D:\DVDSetup.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-11-24]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{563dd4a2-a91d-477b-a920-3e511208712c}: [DhcpNameServer] 192.168.1.10
Tcpip\..\Interfaces\{9f8fb24a-5964-484b-a48a-55f9a45f09fb}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{d6152445-4f23-4949-a60a-057b6211b4ec}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{f9fe0009-6bc5-4d4f-abc4-210594062ecb}: [DhcpNameServer] 192.168.1.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default [2017-01-05]
CHR Extension: (Google Präsentationen) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-12]
CHR Extension: (Google Docs) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Google Drive) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-12]
CHR Extension: (YouTube) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-12]
CHR Extension: (Advanced System Surfing Protection) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdoebijggplldfolgeepnnfhfnoglak [2016-11-24]
CHR Extension: (Google Tabellen) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-12]
CHR Extension: (AdBlock) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-12]
CHR Extension: (Google Mail) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [448496 2016-11-01] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; E:\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origins\OriginClientService.exe [2119688 2016-12-23] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origins\OriginWebHelperService.exe [2180624 2016-12-23] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-11-11] (Qualcomm Atheros Communications, Inc.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2016-12-14] ()
R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-09-12] (REALiX(tm))
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [185128 2015-07-20] (Intel Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-11-23] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [435032 2016-11-23] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1019616 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-15] ()
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-09] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-09] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176064 2016-12-29] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-05] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-05] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-09-23] (Realtek Semiconductor Corp.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [943112 2016-11-03] (Realtek                                            )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-11-11] (Realsil Semiconductor Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Co. Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66168 2015-10-28] (Synaptics Incorporated)
R3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [32264 2015-07-22] (Creative Technology Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\User1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-05 14:04 - 2017-01-05 14:04 - 00021631 _____ C:\Users\User1\Downloads\FRST.txt
2017-01-05 14:03 - 2017-01-05 14:03 - 02418176 _____ (Farbar) C:\Users\User1\Downloads\FRST64.exe
2017-01-05 08:10 - 2017-01-05 14:04 - 00000000 ____D C:\FRST
2017-01-05 07:46 - 2017-01-05 08:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-05 06:43 - 2017-01-05 06:43 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-05 06:38 - 2017-01-05 06:38 - 00000499 _____ C:\Users\Public\Desktop\Recuva.lnk
2017-01-05 06:38 - 2017-01-05 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2017-01-05 06:37 - 2017-01-05 06:37 - 05562976 _____ (Piriform Ltd) C:\Users\User1\Downloads\rcsetup153.exe
2016-12-31 10:26 - 2016-12-31 10:26 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-12-31 10:26 - 2016-08-16 11:40 - 05660512 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2016-12-31 10:26 - 2005-01-03 07:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2016-12-31 10:26 - 2003-07-18 22:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2016-12-29 12:42 - 2016-12-29 12:42 - 11122883 _____ C:\Users\User1\Downloads\LifeInTheWoodsBasic.zip
2016-12-29 12:40 - 2016-12-29 12:51 - 00000000 ____D C:\Users\User1\AppData\Roaming\.minecraft
2016-12-29 12:40 - 2016-12-29 12:40 - 00000000 ____D C:\Users\User1\AppData\Roaming\java
2016-12-29 12:40 - 2016-12-29 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-12-29 12:39 - 2016-12-29 12:39 - 02314240 _____ C:\Users\User1\Downloads\MinecraftInstaller.msi
2016-12-29 10:58 - 2016-12-29 10:58 - 00000000 ____D C:\Users\User1\AppData\Roaming\LolClient
2016-12-29 10:11 - 2016-12-29 10:11 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041 (3).exe
2016-12-29 10:11 - 2016-12-29 10:11 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041 (2).exe
2016-12-28 20:18 - 2016-12-29 10:25 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2016-12-28 20:17 - 2017-01-05 07:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-28 20:17 - 2017-01-05 06:41 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-28 20:17 - 2017-01-05 06:41 - 00102856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-12-28 20:17 - 2017-01-05 06:41 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-28 20:17 - 2016-12-28 20:20 - 00091584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2016-12-28 20:17 - 2016-12-28 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-28 20:17 - 2016-12-14 12:55 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2016-12-28 20:16 - 2016-12-28 20:17 - 54199488 _____ (Malwarebytes ) C:\Users\User1\Downloads\mb3-setup-computerbild.8000-3.0.5.1299.exe
2016-12-28 20:02 - 2016-12-29 10:13 - 00000000 ____D C:\AdwCleaner
2016-12-28 20:02 - 2016-12-28 20:02 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041 (1).exe
2016-12-24 15:18 - 2016-12-24 15:18 - 00000000 ____D C:\ProgramData\Riot Games
2016-12-24 15:17 - 2016-12-24 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-12-24 15:17 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-12-24 15:17 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-12-24 15:17 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-12-24 15:16 - 2016-12-24 15:17 - 00000000 ____D C:\Users\User1\AppData\Roaming\Riot Games
2016-12-24 15:16 - 2016-12-24 15:16 - 31876824 _____ (Riot Games) C:\Users\User1\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2016-12-23 22:17 - 2016-12-31 12:40 - 00000000 ____D C:\Users\User1\Documents\Electronic Arts
2016-12-23 21:46 - 2016-12-29 14:27 - 00000000 ____D C:\Users\User1\Desktop\Spiele
2016-12-23 21:46 - 2016-12-23 21:46 - 00000000 ____D C:\Users\User1\Desktop\Scirvener
2016-12-23 21:43 - 2016-12-23 21:43 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041.exe
2016-12-23 20:22 - 2015-04-14 16:09 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-12-21 16:45 - 2016-12-21 16:46 - 00006332 _____ C:\Users\User1\Documents\cc_20161221_164556.reg
2016-12-18 11:16 - 2016-12-18 11:16 - 915729729 _____ C:\Users\User1\Downloads\Bless Fan Package.rar
2016-12-17 20:11 - 2016-12-29 10:27 - 00000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-12-17 20:10 - 2016-12-17 20:10 - 04385216 _____ (MY.COM B.V.) C:\Users\User1\Downloads\RevelationOnlineLoader_8098d244b4986b278b653ae0834e2f21__de.exe
2016-12-17 19:55 - 2016-12-17 19:55 - 00000000 ____D C:\Users\User1\AppData\LocalLow\Unity
2016-12-17 17:23 - 2016-12-17 17:23 - 00000000 ____D C:\Users\User1\AppData\Roaming\FiraxisLive
2016-12-17 12:59 - 2016-12-17 12:59 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 12:59 - 2016-12-17 12:59 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 15:14 - 2016-12-15 15:14 - 00085984 _____ C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2016-12-14 17:43 - 2016-12-14 17:43 - 00000000 ____D C:\Users\User1\AppData\Local\Chromium
2016-12-13 19:51 - 2016-12-13 19:51 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-12-13 19:51 - 2013-03-24 05:00 - 00391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBR.DLL
2016-12-13 19:41 - 2016-12-13 19:45 - 00101499 _____ C:\Users\User1\Documents\klangkugeln.pdf
2016-12-13 19:37 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-12-13 19:37 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-12-13 19:37 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-13 19:37 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-12-13 19:37 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-13 19:37 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-13 19:37 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-13 19:37 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2016-12-13 19:37 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-12-13 19:37 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-13 19:37 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-13 19:37 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-13 19:37 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-12-13 19:37 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-12-13 19:37 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-12-13 19:37 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-12-13 19:37 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-13 19:37 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-12-13 19:37 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-12-13 19:37 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2016-12-13 19:37 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2016-12-13 19:37 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2016-12-13 19:37 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2016-12-13 19:37 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-13 19:37 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 19:37 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-12-13 19:37 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-13 19:37 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2016-12-13 19:37 - 2016-12-09 11:11 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-12-13 19:37 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2016-12-13 19:37 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-13 19:37 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2016-12-13 19:37 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-13 19:37 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-13 19:37 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-12-13 19:37 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-13 19:37 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-12-13 19:37 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-12-13 19:37 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 19:37 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-12-13 19:37 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-13 19:37 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-13 19:37 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2016-12-13 19:37 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-13 19:37 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-12-13 19:37 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-13 19:37 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2016-12-13 19:37 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-12-13 19:37 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2016-12-13 19:37 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WordBreakers.dll
2016-12-13 19:37 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2016-12-13 19:37 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 19:37 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2016-12-13 19:37 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-12-13 19:37 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-13 19:37 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-12-13 19:37 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-12-13 19:37 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-12-13 19:37 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2016-12-13 19:37 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-13 19:37 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-13 19:37 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-12-13 19:37 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-12-13 19:37 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-13 19:37 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-12-13 19:37 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-12-13 19:37 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-12-13 19:37 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-12-13 19:37 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 19:37 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-12-13 19:37 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 19:37 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2016-12-13 19:37 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-12-13 19:37 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-13 19:37 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-12-13 19:37 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-12-13 19:37 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-13 19:37 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-13 19:37 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-12-13 19:37 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-12-13 19:37 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-12-13 19:37 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2016-12-13 19:37 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-13 19:37 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-12-13 19:37 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-12-13 19:37 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2016-12-13 19:37 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-12-13 19:37 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-12-13 19:37 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-12-13 19:37 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-12-13 19:37 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 19:37 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-12-13 19:37 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditBufferTestHook.dll
2016-12-13 19:37 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-12-13 19:37 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 19:37 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 19:37 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-12-10 20:48 - 2016-12-10 20:48 - 00000000 ____D C:\Users\User1\AppData\LocalLow\SKS
2016-12-09 16:25 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-12-09 16:25 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-12-09 16:25 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2016-12-09 16:25 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-12-09 16:25 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-12-09 16:25 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 16:25 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-09 16:25 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-09 16:25 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-12-09 16:25 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-12-09 16:25 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2016-12-09 16:25 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-12-09 16:25 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2016-12-09 16:25 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-12-09 16:25 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-12-09 16:25 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-12-09 16:25 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-12-09 16:25 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-12-09 16:25 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-12-09 16:25 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-12-09 16:25 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-09 16:25 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-12-09 16:25 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-12-09 16:25 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-09 16:25 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-12-09 16:25 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-12-09 16:25 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2016-12-09 16:25 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\Windows\system32\RTWorkQ.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\Windows\system32\mfaudiocnv.dll
2016-12-09 16:25 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-12-09 16:25 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-12-09 16:25 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-12-09 16:25 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-09 16:25 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-12-09 16:25 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-12-09 16:25 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 16:25 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-12-09 16:25 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-12-09 16:25 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2016-12-09 16:25 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-12-09 16:25 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 16:25 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\ReportingCSP.dll
2016-12-09 16:25 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys
2016-12-09 16:25 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2016-12-09 16:25 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\BcastDVRHelper.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-12-09 16:25 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\EAMProgressHandler.dll
2016-12-09 16:25 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-12-09 16:25 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-12-09 16:25 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\EDPCleanup.exe
2016-12-09 16:25 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2016-12-09 16:25 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2016-12-09 16:25 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-12-09 16:25 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-12-09 16:25 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-12-09 16:25 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2016-12-09 16:25 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-12-09 16:25 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-12-09 16:25 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2016-12-09 16:25 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-12-09 16:25 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2016-12-09 16:25 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-09 16:25 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2016-12-09 16:25 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-12-09 16:25 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-12-09 16:25 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-12-09 16:25 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-12-09 16:25 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2016-12-09 16:25 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2016-12-09 16:25 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-12-09 16:25 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-12-09 16:25 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2016-12-09 16:25 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\umpoext.dll
2016-12-09 16:25 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-12-09 16:25 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\dialserver.dll
2016-12-09 16:25 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-12-09 16:25 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-12-09 16:25 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-12-09 16:25 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-12-09 16:25 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-12-09 16:25 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-12-09 16:25 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2016-12-09 16:25 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-12-09 16:25 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-12-09 16:25 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-12-09 16:25 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-12-09 16:25 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-12-09 16:25 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-12-09 16:25 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-12-09 16:25 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-09 16:25 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-09 16:25 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2016-12-09 16:25 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-12-09 16:25 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 16:25 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-12-09 16:25 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-12-09 16:25 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-12-09 16:25 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 16:25 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfaudiocnv.dll
2016-12-09 16:25 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-12-09 16:25 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2016-12-09 16:25 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-09 16:25 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 16:25 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 16:25 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-12-09 16:25 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2016-12-09 16:25 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-12-09 16:25 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 16:25 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2016-12-09 16:25 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 16:25 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-12-09 16:25 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2016-12-09 16:25 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-12-09 16:25 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-12-09 16:25 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-12-09 16:25 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-12-09 16:25 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 16:25 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2016-12-09 16:25 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2016-12-09 16:25 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2016-12-09 16:25 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2016-12-09 16:25 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-12-09 16:25 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2016-12-09 16:25 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2016-12-09 16:25 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-12-09 16:25 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2016-12-09 16:25 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-12-09 16:25 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-12-09 16:25 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-12-09 16:25 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 16:25 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-12-09 16:25 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2016-12-09 16:25 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-12-09 16:25 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-12-09 16:25 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-12-09 13:58 - 2016-12-09 13:58 - 00245512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2016-12-09 13:57 - 2016-12-09 13:57 - 00218920 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2016-12-09 13:57 - 2016-12-09 13:57 - 00164888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2016-12-09 13:57 - 2016-12-09 13:57 - 00104720 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2016-12-08 15:47 - 2016-12-08 15:47 - 07586311 _____ C:\Users\User1\Documents\bvc.pdf
2016-12-08 15:47 - 2016-12-08 15:47 - 00000000 ____D C:\Users\User1\AppData\LocalLow\Temp
2016-12-08 15:41 - 2016-12-08 15:41 - 01665710 _____ C:\Users\User1\Downloads\antworten_sachkunde.pdf
2016-12-08 15:40 - 2016-12-08 15:40 - 00609225 _____ C:\Users\User1\Downloads\fragen_sachkunde.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-05 14:02 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-01-05 14:01 - 2016-11-23 11:26 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-05 14:00 - 2016-11-23 19:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-05 14:00 - 2016-11-11 21:46 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-05 08:29 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-01-05 08:06 - 2016-09-09 20:48 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-01-05 07:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-05 07:58 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-01-05 06:45 - 2016-09-09 20:57 - 02357756 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-05 06:45 - 2016-07-16 23:51 - 00975980 _____ C:\Windows\system32\perfh007.dat
2017-01-05 06:45 - 2016-07-16 23:51 - 00225590 _____ C:\Windows\system32\perfc007.dat
2017-01-05 06:41 - 2016-09-09 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-05 06:40 - 2016-09-09 20:49 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-05 06:40 - 2016-07-16 07:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-01-03 18:54 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1
2016-12-31 23:46 - 2016-11-24 18:24 - 00000000 ____D C:\ProgramData\Origin
2016-12-31 23:46 - 2016-09-09 20:53 - 00524288 ___SH C:\Users\User1\NTUSER.DAT{f5b13604-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-31 23:46 - 2016-09-09 20:53 - 00065536 ___SH C:\Users\User1\NTUSER.DAT{f5b13604-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-31 23:43 - 2016-11-24 18:25 - 00000000 ____D C:\Users\User1\AppData\Roaming\Origin
2016-12-31 23:25 - 2016-11-24 18:22 - 00000000 ____D C:\Users\User1\AppData\Local\Battle.net
2016-12-31 22:22 - 2016-11-26 20:53 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-12-31 10:26 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\SysWOW64
2016-12-31 10:26 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-31 10:25 - 2016-07-16 12:47 - 00000000 __SHD C:\Windows\Installer
2016-12-29 21:36 - 2016-11-25 13:55 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-12-29 12:40 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1\AppData\Roaming
2016-12-29 10:30 - 2016-11-23 20:13 - 00000000 ____D C:\Users\User1\Documents\My Games
2016-12-29 10:29 - 2016-11-24 11:17 - 00000000 ____D C:\MSI
2016-12-29 10:29 - 2016-07-16 07:04 - 00000000 ___RD C:\Program Files (x86)
2016-12-29 10:26 - 2016-09-12 09:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-29 10:26 - 2016-07-16 07:04 - 00000000 ___RD C:\Program Files
2016-12-29 10:22 - 2016-07-16 07:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2016-12-28 20:18 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\drivers
2016-12-28 20:06 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1\AppData\Local\Packages
2016-12-28 20:05 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\Logs
2016-12-24 15:17 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\Tasks
2016-12-24 13:46 - 2016-11-26 20:53 - 00000000 ____D C:\Users\User1\Documents\Heroes of the Storm
2016-12-24 11:43 - 2016-11-24 11:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-23 22:17 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Documents
2016-12-22 16:14 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Saved Games
2016-12-21 16:41 - 2016-11-25 13:52 - 00000000 ____D C:\Users\User1\AppData\Local\CrashDumps
2016-12-21 16:41 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\debug
2016-12-17 20:11 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-17 20:10 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Pictures
2016-12-17 19:55 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1\AppData\LocalLow
2016-12-15 15:21 - 2016-09-09 20:50 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 15:19 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\rescache
2016-12-15 15:07 - 2016-07-16 12:47 - 00000000 ___RD C:\Windows\assembly
2016-12-14 17:43 - 2016-11-23 19:25 - 00000000 ____D C:\Users\User1\AppData\Local\Steam
2016-12-14 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\LogFiles
2016-12-14 15:01 - 2016-09-09 20:48 - 00194296 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 07:35 - 2016-09-09 20:48 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 07:35 - 2016-09-09 20:48 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-14 07:35 - 2016-07-16 12:47 - 00000666 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\de-DE
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\Boot
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppPatch
2016-12-14 07:22 - 2016-09-12 09:47 - 00002267 ____H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 06:48 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2016-12-14 06:46 - 2016-09-12 09:40 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 06:45 - 2016-09-12 09:40 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-13 19:52 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 20:15 - 2016-09-09 20:53 - 00000402 ___SH C:\Users\User1\Documents\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000282 ___SH C:\Users\User1\Downloads\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000282 ___SH C:\Users\User1\Desktop\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000174 ___SH C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000174 ___SH C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Searches
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Music
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Links
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Favorites
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Contacts
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-09 20:15 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\wbem
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\oobe
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\bcastdvr
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\system32\Sysprep
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\system32\Dism
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\system32\CatRoot
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\servicing
2016-12-09 16:16 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-12-08 15:03 - 2016-11-23 19:04 - 00001476 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-12-08 15:03 - 2016-11-23 19:03 - 01019616 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-08 15:03 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-12-08 15:03 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-11-23 13:26 - 2016-11-23 13:26 - 1307648 _____ () C:\Users\User1\AppData\Local\file__0.localstorage
2016-09-09 20:57 - 2016-09-09 20:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-05 06:55

==================== Ende von FRST.txt ============================

Yvi1993 · 05.01.2017, 14:07

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von User1 (05-01-2017 14:04:43)
Gestartet von C:\Users\User1\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-09 19:53:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3303905599-2245439626-354554511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3303905599-2245439626-354554511-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3303905599-2245439626-354554511-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3303905599-2245439626-354554511-501 - Limited - Disabled)
User1 (S-1-5-21-3303905599-2245439626-354554511-1001 - Administrator - Enabled) => C:\Users\User1

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
ApoDispatchConfigurator (Version: 2.2.601 - Nahimic) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AudioLaunchpadConfigurator (Version: 2.2.601 - Nahimic) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CheckDevicesConfigurator (Version: 2.2.601 - Nahimic) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 University Life) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E240x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
LauncherSetup (Version: 2.2.601 - Nahimic) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Nahimic 2 (HKLM-x32\...\{3e7434ed-dffc-4264-a656-0087f9a875e6}) (Version: 2.2.6 - Nahimic)
Nahimic2UISetup (Version: 2.2.601 - Nahimic) Hidden
NahimicSettingsConfigurator (Version: 2.2.601 - Nahimic) Hidden
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
ProductDaemonSetup (Version: 2.2.601 - Nahimic) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scrap Mechanic (HKLM\...\Steam App 387990) (Version:  - Axolot Games)
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SonicMapperConfigurator (Version: 2.2.601 - Nahimic) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.55 - TuneUp Software) Hidden
UIInstallUpgrade (Version: 2.2.601 - Nahimic) Hidden
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) <==== ACHTUNG
Vegas Pro 13.0 (64-bit) (HKLM\...\{D2FD5391-6A9B-11E4-BBC6-F04DA23A5C58}) (Version: 13.0.428 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Weapons of Mythology - New Age - (HKLM\...\Steam App 523190) (Version:  - Gamemag)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3532E62E-151F-4832-820F-1D747FA26D65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {36C6A83C-846F-47CB-90BA-DDEE4579365B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {39546669-1F60-46A6-B2E9-220D613AD929} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {48528ED7-A926-4DDB-9520-1DD979F1C2B6} - System32\Tasks\Driver Booster SkipUAC (User1) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {5121F5D9-0FA5-4174-89BF-B437F1598280} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {5D69CD75-14E7-4FCD-A6C0-94DFA38A997C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {5E954971-DEAF-47DD-B56D-68A453553DAE} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2016-04-22] ()
Task: {682BDE58-6941-44DD-A3B3-3A26813B2DEB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {789A892E-6BFB-4408-960B-7F344176D323} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {8A009B95-EC9C-4FEE-B4E1-FC2B68CA1A00} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2016-04-22] ()
Task: {ACC5724B-4F37-4691-8E7A-C7A42334A65A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-12] (Google Inc.)
Task: {C2F59D90-4850-42CF-90A4-F242829312CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {C7957681-C2E4-4ACB-9A5A-0DA8384463E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {CD9C479D-068D-44C0-BE9E-3AA912BB93F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {CDF761A3-5D0F-481F-A7B0-44AEF6305A0C} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\User1\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D657AAA1-C3A8-4BB5-A87A-F8B458894A06} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2016-04-22] ()
Task: {E20B44BD-1AC8-40BE-84E4-39F9DA6B05DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-12] (Google Inc.)
Task: {E9DE188A-0D4F-4526-88B8-1F72EDCBB822} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {EB868EF2-7486-4B3E-8BBF-2DD0E4724975} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-23 11:57 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-28 20:17 - 2016-12-14 12:55 - 02259232 _____ () E:\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-12-28 20:17 - 2016-12-14 12:55 - 02813904 _____ () E:\ANTI-MALWARE\arwlib.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-11-23 11:26 - 2016-11-17 02:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-12 09:40 - 2016-09-12 09:40 - 01864384 _____ () C:\Users\User1\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-04-22 17:53 - 2016-04-22 17:53 - 00211816 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2016-04-22 17:53 - 2016-04-22 17:53 - 00285032 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2016-11-03 12:00 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 19:37 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-11 22:55 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-11 22:55 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-11 22:55 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-11 22:55 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-11 22:55 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-11 22:55 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-11 22:55 - 2016-11-02 11:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-04-22 17:50 - 2016-04-22 17:50 - 00691560 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2016-04-22 17:50 - 2016-04-22 17:50 - 01962496 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2016-04-22 17:53 - 2016-04-22 17:53 - 00500224 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2016-09-28 17:25 - 2016-09-28 17:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-12-15 14:58 - 2016-12-15 14:58 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-12-23 19:56 - 2016-12-23 19:56 - 02493440 _____ () E:\Origins\libGLESv2.dll
2016-05-25 22:52 - 2016-05-25 22:52 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-22 17:49 - 2016-04-22 17:49 - 00180584 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2016-04-22 17:47 - 2016-04-22 17:47 - 00252264 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-11-23 11:57 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-23 11:57 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-12 09:39 - 2016-09-12 09:39 - 01383616 _____ () C:\Users\User1\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-09-12 09:40 - 2016-09-12 09:40 - 00118976 _____ () C:\Users\User1\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-11-23 11:57 - 2016-11-17 14:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-11-01 08:58 - 2016-11-01 08:58 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-11-25 15:38 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\User1\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2016-11-25 15:38 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\User1\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-11-25 15:38 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\User1\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-12-14 07:22 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 07:22 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{429DE816-4FBD-42EE-B638-711BAFE6B702}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{65303912-7997-4DC7-A35A-3337BE31B493}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{DF13E15C-D484-4B92-9B7D-D76EB8EDE98C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DC49F3EC-25CD-487E-938D-216EDD544179}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ADB22972-1CBD-409C-97E6-DC3E02CF18B4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{829F417C-3502-430E-BE1D-DF49304A2EC2}] => E:\Steam\Steam.exe
FirewallRules: [{630D374E-DA6E-4E75-9EB5-AAA094AEE159}] => E:\Steam\Steam.exe
FirewallRules: [{7D64997E-069A-45B6-9D31-4F1DB3F5486A}] => E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{9A93C7A7-1A02-475D-A753-D40A80EFC3B1}] => E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{E040FDB7-D1EF-45BB-9B08-968610D69074}] => E:\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{755CCBFD-BEF1-4A7A-A5F1-6A7709D4D1AD}] => E:\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{9E63854F-7F3A-4660-B540-62512A195337}] => E:\Steam\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{3542887B-8F96-4B9D-87C5-9F617B9981D7}] => E:\Steam\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{E7262040-3705-4850-9D7F-2AD728E5F533}] => E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{88E46CE9-BD25-4A47-9AD7-7EBFBC575E29}] => E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{80D08ACC-04E3-4BEC-B63E-FF1506AA2681}] => E:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{A8AEA435-CFFE-4BB5-AF25-CB654D8899A2}] => E:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{EA713A1E-AEA1-4CF9-869C-619A64325955}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{1779807D-5B84-4419-97D7-8B44C2A78F46}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3EE69F64-03CF-434A-B5C9-EE31ADD7006D}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{352C809B-9DB9-4F6C-BC5A-10169520A223}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{76495409-2962-44FC-B895-B8857EE2B451}] => E:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{D0B11EC6-97BF-4D6F-8960-C780B2991A77}] => E:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B3CD45DC-8487-4CA2-A294-B5AFBACAC170}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7EB39559-6210-452B-9EEC-AC37585B8D09}] => E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F315852F-24F0-4C83-8239-444C7448CE12}] => E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{50617EDE-E957-4F87-A354-43593333CABA}] => E:\Steam\steamapps\common\Weapons of Mythology - New Age -\Weapons Of Mythology New Age.exe
FirewallRules: [{278EBC98-2332-4728-A265-A1A83A8B2849}] => E:\Steam\steamapps\common\Weapons of Mythology - New Age -\Weapons Of Mythology New Age.exe
FirewallRules: [{A14A0E3F-66B6-4BC5-A005-A4112F6E260E}] => E:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{65D2B53C-373B-49E0-A0C8-D39682072A6F}] => E:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{785A686F-05E1-4C74-B922-99CE5B22DE78}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{D18C3D10-2EB8-41A0-8C29-241D6B8420BC}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{1307ADC0-7EA4-43E3-BA39-16F7978ADF77}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{B1D50E74-3D0A-4E2F-AF20-7D8EC5E39ED2}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{468BEF7B-EEFB-4735-BEF5-C0A17177E818}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AE26E809-ECCC-4193-96C3-9A04D11B7979}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AB3EA093-C758-40E5-8007-2172EC5B5BAF}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{151DD038-B952-4380-9730-4837936F60F4}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{B1DC4F83-FF15-4568-A1A4-3483A857CF1D}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{D7ABA18E-7C47-4DEF-9300-7C23C7F5B326}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{8989120D-C8C6-48ED-B039-B1F7EA0D5D63}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{C9A92BAC-8EBC-41E4-9DCA-E9B09FFCD19A}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{D4EAF82B-B3BE-4CF8-9E85-EB4D0E3CD45C}] => E:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F8860564-0FF8-4275-981F-86C67DD0D21B}] => E:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/05/2017 07:45:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1980
Startzeit der fehlerhaften Anwendung: 0x01d2671e3938b202
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: e6809586-75cd-4a1b-b313-8a086fa729ca
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1980
Startzeit der fehlerhaften Anwendung: 0x01d2671e3938b202
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 27dc32dd-ea65-4d82-af44-f4706ce506d7
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:37:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x28cc
Startzeit der fehlerhaften Anwendung: 0x01d2671e32c8f052
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 957bd5e6-a5bb-4015-8e81-4a4c39054892
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:37:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x28cc
Startzeit der fehlerhaften Anwendung: 0x01d2671e32c8f052
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 7ae786f1-8f29-4b3b-b8ea-7e7dfb6efe09
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:35:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x25c8
Startzeit der fehlerhaften Anwendung: 0x01d2671d993e0f09
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 082f714b-2ca0-466f-917a-ad8342edd102
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:35:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x25c8
Startzeit der fehlerhaften Anwendung: 0x01d2671d993e0f09
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c31be262-3e31-4dbe-9915-7b18fa9d645b
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:35:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x25c8
Startzeit der fehlerhaften Anwendung: 0x01d2671d993e0f09
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: a9d5f30e-4cf2-46a8-978a-bc532f7d017c
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:35:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x25c8
Startzeit der fehlerhaften Anwendung: 0x01d2671d993e0f09
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 5c0d9125-b7f7-4d6b-a61d-fd4c254c6c6b
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:35:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x25c8
Startzeit der fehlerhaften Anwendung: 0x01d2671d993e0f09
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 94565fd3-ec42-48ea-b184-6ecae19fbe30
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:35:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x25c8
Startzeit der fehlerhaften Anwendung: 0x01d2671d993e0f09
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 375219bc-3d8c-4153-87ce-258df185962b
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge


Systemfehler:
=============
Error: (01/05/2017 02:04:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6NS9837)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2017 02:02:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (01/05/2017 02:00:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/05/2017 07:58:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Candy Crush Soda Saga

Error: (01/05/2017 07:58:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Candy Crush Soda Saga

Error: (01/05/2017 07:58:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft Engagement Framework

Error: (01/05/2017 07:58:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Minecraft: Windows 10 Edition

Error: (01/05/2017 07:57:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Facebook

Error: (01/05/2017 07:57:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: MSN News

Error: (01/05/2017 07:57:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: MSN News


CodeIntegrity:
===================================
  Date: 2017-01-05 07:33:04.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:33:03.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:33:03.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:32:44.054
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:32:43.696
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:11.837
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:11.834
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:05.700
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:05.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

  Date: 2016-12-23 21:49:55.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16333.83 MB
Verfügbarer physikalischer RAM: 13041.78 MB
Summe virtueller Speicher: 18765.83 MB
Verfügbarer virtueller Speicher: 15073.7 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:255.51 GB) (Free:196.89 GB) NTFS
Drive d: (TuneUp Utilities) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
Drive e: (HDD) (Fixed) (Total:931.39 GB) (Free:706.47 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 256.2 GB) (Disk ID: 1349CB3B)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 05.01.2017, 18:32

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Yvi1993 · 05.01.2017, 18:46

Code:

ATTFilter

18:34:58.0438 0x2e30  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
18:34:58.0438 0x2e30  UEFI system
18:35:02.0227 0x2e30  ============================================================
18:35:02.0227 0x2e30  Current date / time: 2017/01/05 18:35:02.0227
18:35:02.0230 0x2e30  SystemInfo:
18:35:02.0230 0x2e30  
18:35:02.0230 0x2e30  OS Version: 10.0.14393 ServicePack: 0.0
18:35:02.0230 0x2e30  Product type: Workstation
18:35:02.0230 0x2e30  ComputerName: DESKTOP-6NS9837
18:35:02.0230 0x2e30  UserName: User1
18:35:02.0230 0x2e30  Windows directory: C:\Windows
18:35:02.0230 0x2e30  System windows directory: C:\Windows
18:35:02.0230 0x2e30  Running under WOW64
18:35:02.0230 0x2e30  Processor architecture: Intel x64
18:35:02.0230 0x2e30  Number of processors: 4
18:35:02.0230 0x2e30  Page size: 0x1000
18:35:02.0230 0x2e30  Boot type: Normal boot
18:35:02.0230 0x2e30  CodeIntegrityOptions = 0x00000001
18:35:02.0230 0x2e30  ============================================================
18:35:02.0395 0x2e30  KLMD registered as C:\Windows\system32\drivers\64184519.sys
18:35:02.0395 0x2e30  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
18:35:02.0593 0x2e30  System UUID: {BDC32FED-319A-972D-E53A-FA313F0416A8}
18:35:03.0191 0x2e30  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:35:03.0192 0x2e30  Drive \Device\Harddisk1\DR1 - Size: 0x400B1AA000 ( 256.17 Gb ), SectorSize: 0x200, Cylinders: 0x82A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:35:03.0198 0x2e30  ============================================================
18:35:03.0198 0x2e30  \Device\Harddisk0\DR0:
18:35:03.0200 0x2e30  GPT partitions:
18:35:03.0200 0x2e30  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {77651BF8-B66F-4536-AABB-5E103FF24CB8}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
18:35:03.0200 0x2e30  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {42E6F29F-4DE1-4C4A-A71D-4CA759FE84C0}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
18:35:03.0200 0x2e30  MBR partitions:
18:35:03.0200 0x2e30  \Device\Harddisk1\DR1:
18:35:03.0200 0x2e30  GPT partitions:
18:35:03.0201 0x2e30  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {308C02BE-7BE0-4E7E-9566-0C17EE006FEA}, Name: , StartLBA 0x22, BlocksNum 0x40000
18:35:03.0201 0x2e30  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {289CB0E0-40DE-4644-B398-46940A71FD7C}, Name: , StartLBA 0x40800, BlocksNum 0xE1000
18:35:03.0201 0x2e30  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {279EEDC0-8A6B-4B96-920C-C8D925B32E62}, Name: , StartLBA 0x121800, BlocksNum 0x32000
18:35:03.0201 0x2e30  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {14526AAF-1F1E-4507-A4AC-48DD23BB5072}, Name: , StartLBA 0x153800, BlocksNum 0x1FF05000
18:35:03.0201 0x2e30  MBR partitions:
18:35:03.0201 0x2e30  ============================================================
18:35:03.0201 0x2e30  C: <-> \Device\Harddisk1\DR1\Partition4
18:35:03.0216 0x2e30  E: <-> \Device\Harddisk0\DR0\Partition2
18:35:03.0216 0x2e30  ============================================================
18:35:03.0216 0x2e30  Initialize success
18:35:03.0216 0x2e30  ============================================================
18:35:10.0765 0x1db4  ============================================================
18:35:10.0765 0x1db4  Scan started
18:35:10.0765 0x1db4  Mode: Manual; 
18:35:10.0765 0x1db4  ============================================================
18:35:10.0765 0x1db4  KSN ping started
18:35:11.0847 0x1db4  KSN ping finished: true
18:35:12.0332 0x1db4  ================ Scan system memory ========================
18:35:12.0332 0x1db4  System memory - ok
18:35:12.0332 0x1db4  ================ Scan services =============================
18:35:12.0363 0x1db4  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
18:35:12.0367 0x1db4  1394ohci - ok
18:35:12.0380 0x1db4  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\Windows\system32\drivers\3ware.sys
18:35:12.0382 0x1db4  3ware - ok
18:35:12.0397 0x1db4  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:35:12.0406 0x1db4  ACPI - ok
18:35:12.0410 0x1db4  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
18:35:12.0411 0x1db4  AcpiDev - ok
18:35:12.0422 0x1db4  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
18:35:12.0424 0x1db4  acpiex - ok
18:35:12.0427 0x1db4  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
18:35:12.0428 0x1db4  acpipagr - ok
18:35:12.0431 0x1db4  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
18:35:12.0433 0x1db4  AcpiPmi - ok
18:35:12.0435 0x1db4  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
18:35:12.0436 0x1db4  acpitime - ok
18:35:12.0440 0x1db4  [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC         C:\Windows\System32\drivers\AcpiVpc.sys
18:35:12.0441 0x1db4  ACPIVPC - ok
18:35:12.0447 0x1db4  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:35:12.0449 0x1db4  AdobeARMservice - ok
18:35:12.0471 0x1db4  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
18:35:12.0484 0x1db4  ADP80XX - ok
18:35:12.0498 0x1db4  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\Windows\system32\drivers\afd.sys
18:35:12.0505 0x1db4  AFD - ok
18:35:12.0512 0x1db4  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
18:35:12.0516 0x1db4  ahcache - ok
18:35:12.0519 0x1db4  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\Windows\System32\AJRouter.dll
18:35:12.0520 0x1db4  AJRouter - ok
18:35:12.0523 0x1db4  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\Windows\System32\alg.exe
18:35:12.0525 0x1db4  ALG - ok
18:35:12.0532 0x1db4  ALSysIO - ok
18:35:12.0536 0x1db4  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
18:35:12.0538 0x1db4  AmdK8 - ok
18:35:12.0542 0x1db4  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
18:35:12.0544 0x1db4  AmdPPM - ok
18:35:12.0548 0x1db4  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:35:12.0549 0x1db4  amdsata - ok
18:35:12.0556 0x1db4  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:35:12.0561 0x1db4  amdsbs - ok

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.04.10
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
User1 :: DESKTOP-6NS9837 [administrator]

05.01.2017 07:46:29
mbar-log-2017-01-05 (07-46-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 353407
Time elapsed: 6 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus · 05.01.2017, 18:56

1. Log vom tdsskiller ist unvollständig
2. tdsskiller wurde nicht lt. Anleitung eingestellt

Yvi1993 · 05.01.2017, 19:11

Code:

ATTFilter

19:04:05.0421 0x2f6c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
19:04:05.0421 0x2f6c  UEFI system
19:04:08.0547 0x2f6c  ============================================================
19:04:08.0547 0x2f6c  Current date / time: 2017/01/05 19:04:08.0547
19:04:08.0550 0x2f6c  SystemInfo:
19:04:08.0550 0x2f6c  
19:04:08.0550 0x2f6c  OS Version: 10.0.14393 ServicePack: 0.0
19:04:08.0550 0x2f6c  Product type: Workstation
19:04:08.0550 0x2f6c  ComputerName: DESKTOP-6NS9837
19:04:08.0551 0x2f6c  UserName: User1
19:04:08.0551 0x2f6c  Windows directory: C:\Windows
19:04:08.0551 0x2f6c  System windows directory: C:\Windows
19:04:08.0551 0x2f6c  Running under WOW64
19:04:08.0551 0x2f6c  Processor architecture: Intel x64
19:04:08.0551 0x2f6c  Number of processors: 4
19:04:08.0551 0x2f6c  Page size: 0x1000
19:04:08.0551 0x2f6c  Boot type: Normal boot
19:04:08.0551 0x2f6c  CodeIntegrityOptions = 0x00000001
19:04:08.0551 0x2f6c  ============================================================
19:04:08.0696 0x2f6c  KLMD registered as C:\Windows\system32\drivers\40459998.sys
19:04:08.0696 0x2f6c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
19:04:08.0896 0x2f6c  System UUID: {BDC32FED-319A-972D-E53A-FA313F0416A8}
19:04:09.0487 0x2f6c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:04:09.0487 0x2f6c  Drive \Device\Harddisk1\DR1 - Size: 0x400B1AA000 ( 256.17 Gb ), SectorSize: 0x200, Cylinders: 0x82A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:04:09.0497 0x2f6c  ============================================================
19:04:09.0497 0x2f6c  \Device\Harddisk0\DR0:
19:04:09.0497 0x2f6c  GPT partitions:
19:04:09.0497 0x2f6c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {77651BF8-B66F-4536-AABB-5E103FF24CB8}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
19:04:09.0497 0x2f6c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {42E6F29F-4DE1-4C4A-A71D-4CA759FE84C0}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
19:04:09.0497 0x2f6c  MBR partitions:
19:04:09.0497 0x2f6c  \Device\Harddisk1\DR1:
19:04:09.0497 0x2f6c  GPT partitions:
19:04:09.0497 0x2f6c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {308C02BE-7BE0-4E7E-9566-0C17EE006FEA}, Name: , StartLBA 0x22, BlocksNum 0x40000
19:04:09.0497 0x2f6c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {289CB0E0-40DE-4644-B398-46940A71FD7C}, Name: , StartLBA 0x40800, BlocksNum 0xE1000
19:04:09.0497 0x2f6c  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {279EEDC0-8A6B-4B96-920C-C8D925B32E62}, Name: , StartLBA 0x121800, BlocksNum 0x32000
19:04:09.0497 0x2f6c  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {14526AAF-1F1E-4507-A4AC-48DD23BB5072}, Name: , StartLBA 0x153800, BlocksNum 0x1FF05000
19:04:09.0499 0x2f6c  MBR partitions:
19:04:09.0499 0x2f6c  ============================================================
19:04:09.0499 0x2f6c  C: <-> \Device\Harddisk1\DR1\Partition4
19:04:09.0512 0x2f6c  E: <-> \Device\Harddisk0\DR0\Partition2
19:04:09.0512 0x2f6c  ============================================================
19:04:09.0512 0x2f6c  Initialize success
19:04:09.0512 0x2f6c  ============================================================
19:05:09.0730 0x2790  ============================================================
19:05:09.0730 0x2790  Scan started
19:05:09.0730 0x2790  Mode: Manual; SigCheck; TDLFS; 
19:05:09.0730 0x2790  ============================================================
19:05:09.0730 0x2790  KSN ping started
19:05:10.0941 0x2790  KSN ping finished: true
19:05:11.0394 0x2790  ================ Scan system memory ========================
19:05:11.0394 0x2790  System memory - ok
19:05:11.0395 0x2790  ================ Scan services =============================
19:05:11.0425 0x2790  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
19:05:11.0497 0x2790  1394ohci - ok
19:05:11.0507 0x2790  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\Windows\system32\drivers\3ware.sys
19:05:11.0522 0x2790  3ware - ok
19:05:11.0536 0x2790  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:05:11.0563 0x2790  ACPI - ok
19:05:11.0566 0x2790  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
19:05:11.0585 0x2790  AcpiDev - ok
19:05:11.0589 0x2790  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
19:05:11.0602 0x2790  acpiex - ok
19:05:11.0606 0x2790  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
19:05:11.0623 0x2790  acpipagr - ok
19:05:11.0626 0x2790  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
19:05:11.0642 0x2790  AcpiPmi - ok
19:05:11.0645 0x2790  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
19:05:11.0659 0x2790  acpitime - ok
19:05:11.0663 0x2790  [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC         C:\Windows\System32\drivers\AcpiVpc.sys
19:05:11.0679 0x2790  ACPIVPC - ok
19:05:11.0684 0x2790  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:05:11.0693 0x2790  AdobeARMservice - ok
19:05:11.0713 0x2790  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
19:05:11.0743 0x2790  ADP80XX - ok
19:05:11.0757 0x2790  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\Windows\system32\drivers\afd.sys
19:05:11.0783 0x2790  AFD - ok
19:05:11.0789 0x2790  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
19:05:11.0812 0x2790  ahcache - ok
19:05:11.0815 0x2790  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\Windows\System32\AJRouter.dll
19:05:11.0833 0x2790  AJRouter - ok
19:05:11.0837 0x2790  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\Windows\System32\alg.exe
19:05:11.0857 0x2790  ALG - ok
19:05:11.0865 0x2790  ALSysIO - ok
19:05:11.0869 0x2790  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
19:05:11.0889 0x2790  AmdK8 - ok
19:05:11.0893 0x2790  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
19:05:11.0910 0x2790  AmdPPM - ok
19:05:11.0914 0x2790  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:05:11.0926 0x2790  amdsata - ok
19:05:11.0932 0x2790  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:05:11.0948 0x2790  amdsbs - ok
19:05:11.0951 0x2790  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:05:11.0965 0x2790  amdxata - ok
19:05:11.0970 0x2790  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\Windows\system32\drivers\appid.sys
19:05:11.0988 0x2790  AppID - ok
19:05:11.0993 0x2790  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:05:12.0015 0x2790  AppIDSvc - ok
19:05:12.0019 0x2790  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\Windows\System32\appinfo.dll
19:05:12.0038 0x2790  Appinfo - ok
19:05:12.0041 0x2790  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
19:05:12.0065 0x2790  applockerfltr - ok
19:05:12.0070 0x2790  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:05:12.0091 0x2790  AppMgmt - ok
19:05:12.0102 0x2790  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
19:05:12.0133 0x2790  AppReadiness - ok
19:05:12.0148 0x2790  [ 6010A920FDE5BFE4EA056F9736FBDC06, F55F68D5AD1F272BC285E716E02090C62FC87476DD6CE7ABA6BE7EF8EF6178DE ] AppVClient      C:\Windows\system32\AppVClient.exe
19:05:12.0177 0x2790  AppVClient - ok
19:05:12.0181 0x2790  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
19:05:12.0195 0x2790  AppvStrm - ok
19:05:12.0205 0x2790  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
19:05:12.0218 0x2790  AppvVemgr - ok
19:05:12.0223 0x2790  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
19:05:12.0236 0x2790  AppvVfs - ok
19:05:12.0271 0x2790  [ 2C1CEC25F6D92871F38960E2E84CC3EE, 979DB74192644A71F3031EB29480ECEFE014B916636D85AACD64292CB58494A5 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
19:05:12.0344 0x2790  AppXSvc - ok
19:05:12.0351 0x2790  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:05:12.0365 0x2790  arcsas - ok
19:05:12.0369 0x2790  [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
19:05:12.0382 0x2790  aswHwid - ok
19:05:12.0386 0x2790  [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
19:05:12.0397 0x2790  aswMonFlt - ok
19:05:12.0401 0x2790  [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
19:05:12.0412 0x2790  aswRdr - ok
19:05:12.0416 0x2790  [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
19:05:12.0425 0x2790  aswRvrt - ok
19:05:12.0442 0x2790  [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
19:05:12.0465 0x2790  aswSnx - ok
19:05:12.0476 0x2790  [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
19:05:12.0493 0x2790  aswSP - ok
19:05:12.0499 0x2790  [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
19:05:12.0510 0x2790  aswStm - ok
19:05:12.0519 0x2790  [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
19:05:12.0532 0x2790  aswVmm - ok
19:05:12.0535 0x2790  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
19:05:12.0553 0x2790  AsyncMac - ok
19:05:12.0556 0x2790  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:05:12.0567 0x2790  atapi - ok
19:05:12.0631 0x2790  [ 9E6592755C8A8C2C716FBC36D49D7D43, 51A86935971D2E62E8902769B503201C4FA69E08C822B66DBDDD3A42585BABE2 ] athr            C:\Windows\System32\drivers\athw10x.sys
19:05:12.0703 0x2790  athr - ok
19:05:12.0714 0x2790  [ 59F44051BCD479E70446506B7E4E78BB, CB58E55196EC702DC85916F963A3C16D429C141391F9AA7F415BD63E7328C4C6 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
19:05:12.0741 0x2790  AudioEndpointBuilder - ok
19:05:12.0758 0x2790  [ 1C986DC8F4FDA1B040AC1176FB24467F, DEDA2FF4D0369348C2A74D29FB08AC86219BBCFDF44C59339BC39A25AE0727EB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:05:12.0801 0x2790  Audiosrv - ok
19:05:12.0808 0x2790  [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:05:12.0820 0x2790  avast! Antivirus - ok
19:05:12.0828 0x2790  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
19:05:12.0840 0x2790  AVP17.0.0 - ok
19:05:12.0846 0x2790  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:05:12.0864 0x2790  AxInstSV - ok
19:05:12.0875 0x2790  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:05:12.0895 0x2790  b06bdrv - ok
19:05:12.0898 0x2790  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
19:05:12.0916 0x2790  BasicDisplay - ok
19:05:12.0919 0x2790  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
19:05:12.0933 0x2790  BasicRender - ok
19:05:12.0937 0x2790  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\Windows\System32\drivers\bcmfn.sys
19:05:12.0952 0x2790  bcmfn - ok
19:05:12.0955 0x2790  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
19:05:12.0970 0x2790  bcmfn2 - ok
19:05:12.0979 0x2790  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:05:13.0009 0x2790  BDESVC - ok
19:05:13.0012 0x2790  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\Windows\system32\drivers\Beep.sys
19:05:13.0030 0x2790  Beep - ok
19:05:13.0048 0x2790  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\Windows\System32\bfe.dll
19:05:13.0083 0x2790  BFE - ok
19:05:13.0088 0x2790  [ A9C299A036F7BAB662868D7250BAC799, A45B440A4BD2595E524E9ADA4CAFBF7768983B75C792BA38A22734A0B4512573 ] BfLwf           C:\Windows\system32\DRIVERS\bwcW10x64.sys
19:05:13.0100 0x2790  BfLwf - ok
19:05:13.0118 0x2790  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\Windows\System32\qmgr.dll
19:05:13.0162 0x2790  BITS - ok
19:05:13.0167 0x2790  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:05:13.0185 0x2790  bowser - ok
19:05:13.0199 0x2790  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
19:05:13.0238 0x2790  BrokerInfrastructure - ok
19:05:13.0243 0x2790  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\Windows\System32\browser.dll
19:05:13.0263 0x2790  Browser - ok
19:05:13.0275 0x2790  [ 2922536D781DDF1F8321FB64F8A713C3, 2D93CD8C1FFC302F61AA0D504410CE4B9BD91DDAC37846C3401E44226FB7E36F ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
19:05:13.0297 0x2790  BtFilter - ok
19:05:13.0301 0x2790  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
19:05:13.0319 0x2790  BthAvrcpTg - ok
19:05:13.0323 0x2790  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
19:05:13.0342 0x2790  BthEnum - ok
19:05:13.0346 0x2790  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
19:05:13.0362 0x2790  BthHFEnum - ok
19:05:13.0365 0x2790  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
19:05:13.0379 0x2790  bthhfhid - ok
19:05:13.0387 0x2790  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
19:05:13.0415 0x2790  BthHFSrv - ok
19:05:13.0421 0x2790  [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum       C:\Windows\System32\drivers\BthLEEnum.sys
19:05:13.0441 0x2790  BthLEEnum - ok
19:05:13.0444 0x2790  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
19:05:13.0460 0x2790  BTHMODEM - ok
19:05:13.0464 0x2790  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
19:05:13.0483 0x2790  BthPan - ok
19:05:13.0500 0x2790  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\Windows\System32\drivers\BTHport.sys
19:05:13.0536 0x2790  BTHPORT - ok
19:05:13.0541 0x2790  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\Windows\system32\bthserv.dll
19:05:13.0617 0x2790  bthserv - ok
19:05:13.0622 0x2790  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\Windows\System32\drivers\BTHUSB.sys
19:05:13.0638 0x2790  BTHUSB - ok
19:05:13.0642 0x2790  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
19:05:13.0660 0x2790  buttonconverter - ok
19:05:13.0666 0x2790  [ E6B613546ED6D2FFFF1D263BAC7721B8, 429CB42B52645900F1AF4BAB6A404047C0F5C24E9753CA07A08BCED2771B56B7 ] ByteFenceService C:\Program Files\ByteFence\ByteFenceService.exe
19:05:13.0678 0x2790  ByteFenceService - ok
19:05:13.0682 0x2790  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\Windows\System32\drivers\capimg.sys
19:05:13.0702 0x2790  CapImg - ok
19:05:13.0706 0x2790  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:05:13.0725 0x2790  cdfs - ok
19:05:13.0734 0x2790  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
19:05:13.0760 0x2790  CDPSvc - ok
19:05:13.0767 0x2790  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
19:05:13.0789 0x2790  CDPUserSvc - ok
19:05:13.0796 0x2790  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\Windows\System32\drivers\cdrom.sys
19:05:13.0817 0x2790  cdrom - ok
19:05:13.0823 0x2790  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:05:13.0843 0x2790  CertPropSvc - ok
19:05:13.0852 0x2790  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
19:05:13.0868 0x2790  cht4iscsi - ok
19:05:13.0900 0x2790  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
19:05:13.0947 0x2790  cht4vbd - ok
19:05:13.0952 0x2790  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\Windows\System32\drivers\circlass.sys
19:05:13.0968 0x2790  circlass - ok
19:05:13.0977 0x2790  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
19:05:13.0994 0x2790  CLFS - ok
19:05:14.0009 0x2790  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\Windows\System32\ClipSVC.dll
19:05:14.0036 0x2790  ClipSVC - ok
19:05:14.0040 0x2790  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\Windows\System32\drivers\registry.sys
19:05:14.0058 0x2790  clreg - ok
19:05:14.0065 0x2790  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
19:05:14.0079 0x2790  CmBatt - ok
19:05:14.0086 0x2790  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
19:05:14.0099 0x2790  cm_km - ok
19:05:14.0111 0x2790  [ B0D9B87B795B7833C9152441CBD55CC4, D86C0FE8BF03D6F3330E16728FE6645AE910F95D23A9EFBDF3A50F45AB5D525B ] CNG             C:\Windows\system32\Drivers\cng.sys
19:05:14.0132 0x2790  CNG - ok
19:05:14.0136 0x2790  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
19:05:14.0150 0x2790  cnghwassist - ok
19:05:14.0160 0x2790  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
19:05:14.0175 0x2790  CompositeBus - ok
19:05:14.0178 0x2790  COMSysApp - ok
19:05:14.0181 0x2790  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\Windows\system32\drivers\condrv.sys
19:05:14.0193 0x2790  condrv - ok
19:05:14.0207 0x2790  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
19:05:14.0234 0x2790  CoreMessagingRegistrar - ok
19:05:14.0252 0x2790  [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:05:14.0268 0x2790  cphs - ok
19:05:14.0277 0x2790  [ 0FBCAA4ECCD17513E4D3BFF3C86DF62E, E1129A4D38883BBBF84ECA32CFB2AE001C9175D337572E0ED2BD5253C858C3A3 ] cplspcon        C:\Windows\system32\IntelCpHDCPSvc.exe
19:05:14.0293 0x2790  cplspcon - ok
19:05:14.0299 0x2790  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:05:14.0319 0x2790  CryptSvc - ok
19:05:14.0329 0x2790  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\Windows\system32\drivers\csc.sys
19:05:14.0358 0x2790  CSC - ok
19:05:14.0373 0x2790  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\Windows\System32\cscsvc.dll
19:05:14.0405 0x2790  CscService - ok
19:05:14.0409 0x2790  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\Windows\system32\drivers\dam.sys
19:05:14.0427 0x2790  dam - ok
19:05:14.0443 0x2790  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:05:14.0481 0x2790  DcomLaunch - ok
19:05:14.0487 0x2790  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
19:05:14.0509 0x2790  DcpSvc - ok
19:05:14.0520 0x2790  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:05:14.0550 0x2790  defragsvc - ok
19:05:14.0559 0x2790  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\Windows\system32\das.dll
19:05:14.0586 0x2790  DeviceAssociationService - ok
19:05:14.0591 0x2790  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
19:05:14.0614 0x2790  DeviceInstall - ok
19:05:14.0617 0x2790  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
19:05:14.0639 0x2790  DevQueryBroker - ok
19:05:14.0644 0x2790  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
19:05:14.0665 0x2790  Dfsc - ok
19:05:14.0669 0x2790  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:05:14.0680 0x2790  dg_ssudbus - ok
19:05:14.0688 0x2790  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:05:14.0715 0x2790  Dhcp - ok
19:05:14.0720 0x2790  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:05:14.0738 0x2790  diagnosticshub.standardcollector.service - ok
19:05:14.0769 0x2790  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:05:14.0839 0x2790  DiagTrack - ok
19:05:14.0845 0x2790  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\Windows\system32\drivers\disk.sys
19:05:14.0857 0x2790  disk - ok
19:05:14.0867 0x2790  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
19:05:14.0895 0x2790  DmEnrollmentSvc - ok
19:05:14.0898 0x2790  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
19:05:14.0914 0x2790  dmvsc - ok
19:05:14.0918 0x2790  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
19:05:14.0942 0x2790  dmwappushservice - ok
19:05:14.0949 0x2790  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:05:14.0973 0x2790  Dnscache - ok
19:05:14.0980 0x2790  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\Windows\System32\dot3svc.dll
19:05:15.0004 0x2790  dot3svc - ok
19:05:15.0009 0x2790  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\Windows\system32\dps.dll
19:05:15.0034 0x2790  DPS - ok
19:05:15.0036 0x2790  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\Windows\system32\DRIVERS\drmkaud.sys
19:05:15.0051 0x2790  drmkaud - ok
19:05:15.0057 0x2790  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
19:05:15.0082 0x2790  DsmSvc - ok
19:05:15.0088 0x2790  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\Windows\System32\DsSvc.dll
19:05:15.0108 0x2790  DsSvc - ok
19:05:15.0142 0x2790  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:05:15.0189 0x2790  DXGKrnl - ok
19:05:15.0196 0x2790  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\Windows\System32\eapsvc.dll
19:05:15.0219 0x2790  EapHost - ok
19:05:15.0269 0x2790  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:05:15.0336 0x2790  ebdrv - ok
19:05:15.0343 0x2790  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\Windows\System32\lsass.exe
19:05:15.0355 0x2790  EFS - ok
19:05:15.0359 0x2790  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
19:05:15.0372 0x2790  EhStorClass - ok
19:05:15.0377 0x2790  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
19:05:15.0389 0x2790  EhStorTcgDrv - ok
19:05:15.0394 0x2790  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
19:05:15.0415 0x2790  embeddedmode - ok
19:05:15.0422 0x2790  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
19:05:15.0448 0x2790  EntAppSvc - ok
19:05:15.0451 0x2790  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
19:05:15.0468 0x2790  ErrDev - ok
19:05:15.0473 0x2790  [ 4D7F3114147C31390262F19F74E5BF07, E89F5304149B51327DFE1314AE13352923B752BC24585FF42F28EF5F00936A6A ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
19:05:15.0483 0x2790  ESProtectionDriver - ok
19:05:15.0495 0x2790  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
19:05:15.0512 0x2790  ETD - ok
19:05:15.0524 0x2790  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\Windows\system32\es.dll
19:05:15.0550 0x2790  EventSystem - ok
19:05:15.0558 0x2790  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\Windows\system32\drivers\exfat.sys
19:05:15.0582 0x2790  exfat - ok
19:05:15.0591 0x2790  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:05:15.0607 0x2790  fastfat - ok
19:05:15.0620 0x2790  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\Windows\system32\fxssvc.exe
19:05:15.0654 0x2790  Fax - ok
19:05:15.0657 0x2790  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\Windows\System32\drivers\fdc.sys
19:05:15.0673 0x2790  fdc - ok
19:05:15.0676 0x2790  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:05:15.0697 0x2790  fdPHost - ok
19:05:15.0700 0x2790  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\Windows\system32\fdrespub.dll
19:05:15.0717 0x2790  FDResPub - ok
19:05:15.0722 0x2790  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\Windows\system32\fhsvc.dll
19:05:15.0741 0x2790  fhsvc - ok
19:05:15.0745 0x2790  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
19:05:15.0763 0x2790  FileCrypt - ok
19:05:15.0767 0x2790  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:05:15.0780 0x2790  FileInfo - ok
19:05:15.0782 0x2790  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:05:15.0802 0x2790  Filetrace - ok
19:05:15.0805 0x2790  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
19:05:15.0820 0x2790  flpydisk - ok
19:05:15.0829 0x2790  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:05:15.0848 0x2790  FltMgr - ok
19:05:15.0877 0x2790  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\Windows\system32\FntCache.dll
19:05:15.0937 0x2790  FontCache - ok
19:05:15.0943 0x2790  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:05:15.0954 0x2790  FontCache3.0.0.0 - ok
19:05:15.0969 0x2790  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\Windows\system32\FrameServer.dll
19:05:16.0006 0x2790  FrameServer - ok
19:05:16.0011 0x2790  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:05:16.0023 0x2790  FsDepends - ok
19:05:16.0026 0x2790  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:05:16.0037 0x2790  Fs_Rec - ok
19:05:16.0051 0x2790  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:05:16.0073 0x2790  fvevol - ok
19:05:16.0077 0x2790  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
19:05:16.0094 0x2790  gencounter - ok
19:05:16.0097 0x2790  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
19:05:16.0114 0x2790  genericusbfn - ok
19:05:16.0119 0x2790  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
19:05:16.0133 0x2790  GPIOClx0101 - ok
19:05:16.0152 0x2790  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:05:16.0202 0x2790  gpsvc - ok
19:05:16.0205 0x2790  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
19:05:16.0221 0x2790  GpuEnergyDrv - ok
19:05:16.0227 0x2790  [ 50FCC5C822A6B4FC6F377EE9F9F37C7B, 57BD4032367D91EF19931E927127AA1D54DA6118B36C219B0FFD95326A2FFCA0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:05:16.0238 0x2790  gupdate - ok
19:05:16.0242 0x2790  [ 50FCC5C822A6B4FC6F377EE9F9F37C7B, 57BD4032367D91EF19931E927127AA1D54DA6118B36C219B0FFD95326A2FFCA0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:05:16.0255 0x2790  gupdatem - ok
19:05:16.0264 0x2790  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
19:05:16.0290 0x2790  HdAudAddService - ok
19:05:16.0294 0x2790  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
19:05:16.0310 0x2790  HDAudBus - ok
19:05:16.0314 0x2790  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
19:05:16.0325 0x2790  HidBatt - ok
19:05:16.0329 0x2790  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\Windows\System32\drivers\hidbth.sys
19:05:16.0346 0x2790  HidBth - ok
19:05:16.0349 0x2790  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
19:05:16.0364 0x2790  hidi2c - ok
19:05:16.0367 0x2790  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
19:05:16.0378 0x2790  hidinterrupt - ok
19:05:16.0382 0x2790  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\Windows\System32\drivers\hidir.sys
19:05:16.0397 0x2790  HidIr - ok
19:05:16.0401 0x2790  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\Windows\system32\hidserv.dll
19:05:16.0418 0x2790  hidserv - ok
19:05:16.0422 0x2790  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
19:05:16.0439 0x2790  HidUsb - ok
19:05:16.0447 0x2790  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:05:16.0473 0x2790  HomeGroupListener - ok
19:05:16.0483 0x2790  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:05:16.0512 0x2790  HomeGroupProvider - ok
19:05:16.0516 0x2790  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:05:16.0528 0x2790  HpSAMD - ok
19:05:16.0548 0x2790  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:05:16.0578 0x2790  HTTP - ok
19:05:16.0583 0x2790  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\Windows\System32\hvhostsvc.dll
19:05:16.0601 0x2790  HvHost - ok
19:05:16.0604 0x2790  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
19:05:16.0616 0x2790  hvservice - ok
19:05:16.0629 0x2790  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS
19:05:16.0639 0x2790  HWiNFO32 - ok
19:05:16.0641 0x2790  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:05:16.0656 0x2790  hwpolicy - ok
19:05:16.0658 0x2790  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
19:05:16.0677 0x2790  hyperkbd - ok
19:05:16.0682 0x2790  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
19:05:16.0700 0x2790  i8042prt - ok
19:05:16.0704 0x2790  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
19:05:16.0722 0x2790  iagpio - ok
19:05:16.0725 0x2790  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
19:05:16.0742 0x2790  iai2c - ok
19:05:16.0747 0x2790  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
19:05:16.0762 0x2790  iaLPSS2i_GPIO2 - ok
19:05:16.0768 0x2790  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
19:05:16.0779 0x2790  iaLPSS2i_I2C - ok
19:05:16.0784 0x2790  [ 82488F82A68274CC466645A7C0BF4D2A, 13D82EF2948E28E3BE4A2495534674EB5D0B312C880618E06D50C9DA56C5FF5B ] iaLPSS2_GPIO2   C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys
19:05:16.0794 0x2790  iaLPSS2_GPIO2 - ok
19:05:16.0801 0x2790  [ E0F6721DD9BA31948CAB9D027C9EE255, 16EBFD26A76803F9157FD49DC3787B8235DE835C5924797B1C7A0B55CAE76B5F ] iaLPSS2_I2C     C:\Windows\System32\drivers\iaLPSS2_I2C.sys
19:05:16.0813 0x2790  iaLPSS2_I2C - ok
19:05:16.0816 0x2790  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
19:05:16.0825 0x2790  iaLPSSi_GPIO - ok
19:05:16.0830 0x2790  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
19:05:16.0846 0x2790  iaLPSSi_I2C - ok
19:05:16.0861 0x2790  [ 7675D8E247732F45F60AA450BA2C207D, DBB591E56BBF9A93BE66A993D143A97964CC628457CF47EB5231D0DF62B59ADE ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
19:05:16.0885 0x2790  iaStorA - ok
19:05:16.0898 0x2790  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
19:05:16.0920 0x2790  iaStorAV - ok
19:05:16.0929 0x2790  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:05:16.0946 0x2790  iaStorV - ok
19:05:16.0957 0x2790  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
19:05:16.0977 0x2790  ibbus - ok
19:05:16.0980 0x2790  ibtsiva - ok
19:05:16.0988 0x2790  [ 445E2B8B742D430CDD979FF8551B97BA, C9DA1B2FAD3875ECAF6360D844204266C986F917B5272699BE00A1D5F99839EB ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
19:05:17.0002 0x2790  ibtusb - ok
19:05:17.0008 0x2790  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\Windows\System32\tetheringservice.dll
19:05:17.0032 0x2790  icssvc - ok
19:05:17.0144 0x2790  [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:05:17.0273 0x2790  igfx - ok
19:05:17.0288 0x2790  [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe
19:05:17.0303 0x2790  igfxCUIService2.0.0.0 - ok
19:05:17.0320 0x2790  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:05:17.0357 0x2790  IKEEXT - ok
19:05:17.0361 0x2790  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
19:05:17.0379 0x2790  IndirectKmd - ok
19:05:17.0383 0x2790  [ AFA7F1696B431C07729E9BF2565D6045, 77966485A23581C079A480BEC13982AB926F5C62686F48A44F8C562B3C67745B ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
19:05:17.0394 0x2790  intaud_WaveExtensible - ok
19:05:17.0472 0x2790  [ 86236BC32512027B32A3E124C7306A7D, A9BFA35E4AD007EC556703B890FB2B3B6C34B3BA98E5DF53FB03A70D377F8B13 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:05:17.0557 0x2790  IntcAzAudAddService - ok
19:05:17.0572 0x2790  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
19:05:17.0589 0x2790  IntcDAud - ok
19:05:17.0608 0x2790  [ AE32376564771525DCDD2F0280619E1A, 233B7B272DCD9080DE7C9593EB7993745D1037EA87B69617E7176F074DFD5968 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:05:17.0636 0x2790  Intel(R) Capability Licensing Service TCP IP Interface - ok
19:05:17.0645 0x2790  [ 56BA2118E48D0BBB980ADAA830220C1D, 88FF0A1E7A87D1B50F90D3088436BE91CFEC6BB3B888EB536D6537468DDC8C29 ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
19:05:17.0659 0x2790  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
19:05:18.0846 0x2790  Detect skipped due to KSN trusted
19:05:18.0847 0x2790  Intel(R) Security Assist - ok
19:05:18.0850 0x2790  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\Windows\system32\drivers\intelide.sys
19:05:18.0861 0x2790  intelide - ok
19:05:18.0865 0x2790  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\Windows\system32\drivers\intelpep.sys
19:05:18.0877 0x2790  intelpep - ok
19:05:18.0882 0x2790  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
19:05:18.0905 0x2790  intelppm - ok
19:05:18.0909 0x2790  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\Windows\system32\drivers\iorate.sys
19:05:18.0925 0x2790  iorate - ok
19:05:18.0929 0x2790  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:18.0947 0x2790  IpFilterDriver - ok
19:05:18.0964 0x2790  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:05:19.0007 0x2790  iphlpsvc - ok
19:05:19.0012 0x2790  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
19:05:19.0024 0x2790  IPMIDRV - ok
19:05:19.0030 0x2790  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:05:19.0050 0x2790  IPNAT - ok
19:05:19.0055 0x2790  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\Windows\system32\drivers\irda.sys
19:05:19.0073 0x2790  irda - ok
19:05:19.0077 0x2790  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:05:19.0092 0x2790  IRENUM - ok
19:05:19.0096 0x2790  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\Windows\System32\irmon.dll
19:05:19.0116 0x2790  irmon - ok
19:05:19.0118 0x2790  [ 8CA2C261AB69D0195BED81E58EDF167D, B192B7E42543C277BF8F6D48649DA4C121E6C23BDD0B51A973BA7A2D95525478 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
19:05:19.0125 0x2790  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:05:20.0256 0x2790  Detect skipped due to KSN trusted
19:05:20.0256 0x2790  isaHelperSvc - ok
19:05:20.0263 0x2790  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:05:20.0275 0x2790  isapnp - ok
19:05:20.0282 0x2790  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
19:05:20.0298 0x2790  iScsiPrt - ok
19:05:20.0301 0x2790  [ DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
19:05:20.0312 0x2790  iwdbus - ok
19:05:20.0318 0x2790  [ 025A4E7D215B3ECF28D12BAE1C54889D, 3F678A9871CA7680D2B455031A57ACB74CCA9076C908A678A88735C8BD192FCE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:05:20.0330 0x2790  jhi_service - ok
19:05:20.0334 0x2790  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
19:05:20.0349 0x2790  kbdclass - ok
19:05:20.0353 0x2790  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
19:05:20.0373 0x2790  kbdhid - ok
19:05:20.0376 0x2790  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
19:05:20.0392 0x2790  kdnic - ok
19:05:20.0396 0x2790  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\Windows\system32\lsass.exe
19:05:20.0408 0x2790  KeyIso - ok
19:05:20.0417 0x2790  [ 2B3FA3CB022478DE79721CA25612C5EF, 8A639764C37E61ADE1A09973D3C66BA6D6BB92D174BD03D55AABC9F01837FD51 ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe
19:05:20.0432 0x2790  Killer Service V2 - ok
19:05:20.0438 0x2790  [ F4B2D598BBDA47CA29024AC52F1804CC, 7866C7F95A711325B48F08A494478E09BAC603466865255229952A8320CDF366 ] KillerEth       C:\Windows\System32\drivers\e2xw10x64.sys
19:05:20.0448 0x2790  KillerEth - ok
19:05:20.0452 0x2790  KingoSoftService - ok
19:05:20.0465 0x2790  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
19:05:20.0482 0x2790  kl1 - ok
19:05:20.0487 0x2790  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
19:05:20.0497 0x2790  klbackupdisk - ok
19:05:20.0501 0x2790  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt     C:\Windows\system32\DRIVERS\klbackupflt.sys
19:05:20.0511 0x2790  klbackupflt - ok
19:05:20.0516 0x2790  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
19:05:20.0526 0x2790  kldisk - ok
19:05:20.0529 0x2790  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
19:05:20.0542 0x2790  klelam - ok
19:05:20.0548 0x2790  [ 63FD545876EF4248BE3C8788D8270758, 5FF6529F8D7F94848E68142D8B2CAA446342AF95644C9223E689E303E8AB7336 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
19:05:20.0563 0x2790  klflt - ok
19:05:20.0573 0x2790  [ 3524D3B8F5BEF8C01EAF7EEFFA5EAB3F, 0908A6E3E62017F7099900850D58A1B775D808F7DC0951B09781689DF3994DA2 ] klhk            C:\Windows\System32\drivers\klhk.sys
19:05:20.0588 0x2790  klhk - ok
19:05:20.0598 0x2790  [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids           C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
19:05:20.0610 0x2790  klids - ok
19:05:20.0628 0x2790  [ 2CE22F21119A089277B067A1B1BDC592, 7CDE229899B6344967098FB03C7C1C360CC3DC2DCC096F8AAC6CC96536FF1AE9 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:05:20.0653 0x2790  KLIF - ok
19:05:20.0657 0x2790  [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
19:05:20.0667 0x2790  KLIM6 - ok
19:05:20.0670 0x2790  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:05:20.0681 0x2790  klkbdflt - ok
19:05:20.0684 0x2790  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:05:20.0694 0x2790  klmouflt - ok
19:05:20.0697 0x2790  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
19:05:20.0707 0x2790  klpd - ok
19:05:20.0711 0x2790  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap           C:\Windows\System32\drivers\kltap.sys
19:05:20.0721 0x2790  kltap - ok
19:05:20.0727 0x2790  [ 66516A704F1D378E58B85D79633C103D, 54E3EB342D2FD17CF742A8ACADCA81A553216AA289955DD176A54D6414727DA5 ] klupd_klif_arkmon C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
19:05:20.0739 0x2790  klupd_klif_arkmon - ok
19:05:20.0744 0x2790  [ 941727CDC11A0E1A407B602D88CD58CB, 8E290245A42E75FC532A72A850BAF5516BA7488BEF015F46CA9D215BCA0D7CE0 ] klupd_klif_kimul C:\Windows\system32\Drivers\klupd_klif_kimul.sys
19:05:20.0757 0x2790  klupd_klif_kimul - ok
19:05:20.0764 0x2790  [ 55FC7F42A5AA55A265CE466227ABD0DE, AB72152F39460327D74DB693BFB36A93BC2D752653D3633BB7F439DC4B9AB081 ] klupd_klif_klark C:\Windows\system32\Drivers\klupd_klif_klark.sys
19:05:20.0780 0x2790  klupd_klif_klark - ok
19:05:20.0784 0x2790  [ D7709E365C10F99DE58BB688C45358B7, C028FB885B7A4AFB98FD2B8EABF99E913F480891A9ED859FE5B4E077BDE8ACB5 ] klupd_klif_klbg C:\Windows\system32\Drivers\klupd_klif_klbg.sys
19:05:20.0794 0x2790  klupd_klif_klbg - ok
19:05:20.0800 0x2790  [ 8D7E0B5D4F843D39AA1F644B2578B0EE, C4A8E569A253738AA7B7CDE8D0E987954D1DA6BE6F32D962BD458CA5275A5D76 ] klupd_klif_mark C:\Windows\system32\Drivers\klupd_klif_mark.sys
19:05:20.0813 0x2790  klupd_klif_mark - ok
19:05:20.0819 0x2790  [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
19:05:20.0829 0x2790  klvssbrigde64 - ok
19:05:20.0833 0x2790  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
19:05:20.0843 0x2790  klwfp - ok
19:05:20.0848 0x2790  [ EF1AFCADCA485B3846D7A8B71F87509B, C27B579742389ACD8804EC372CBA3C4FDFFB1A8AA6280AE1353BC089E8E34C76 ] Klwtp           C:\Windows\system32\DRIVERS\klwtp.sys
19:05:20.0859 0x2790  Klwtp - ok
19:05:20.0865 0x2790  [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
19:05:20.0876 0x2790  kneps - ok
19:05:20.0884 0x2790  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
19:05:20.0896 0x2790  KSDE1.0.0 - ok
19:05:20.0901 0x2790  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:05:20.0914 0x2790  KSecDD - ok
19:05:20.0920 0x2790  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:05:20.0933 0x2790  KSecPkg - ok
19:05:20.0939 0x2790  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:05:20.0960 0x2790  ksthunk - ok
19:05:20.0969 0x2790  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:05:20.0995 0x2790  KtmRm - ok
19:05:21.0003 0x2790  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:05:21.0028 0x2790  LanmanServer - ok
19:05:21.0036 0x2790  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:05:21.0059 0x2790  LanmanWorkstation - ok
19:05:21.0064 0x2790  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\Windows\System32\lfsvc.dll
19:05:21.0082 0x2790  lfsvc - ok
19:05:21.0085 0x2790  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
19:05:21.0102 0x2790  LicenseManager - ok
19:05:21.0105 0x2790  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\Windows\system32\drivers\lltdio.sys
19:05:21.0128 0x2790  lltdio - ok
19:05:21.0136 0x2790  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:05:21.0157 0x2790  lltdsvc - ok
19:05:21.0160 0x2790  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:05:21.0180 0x2790  lmhosts - ok
19:05:21.0189 0x2790  [ B77C2CCB7C1BC3836B3AB5644E63739E, 917749905E68FEE0D8A5752F77CC4EB313990875B02387D294029F9FC5E4ADD0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:05:21.0205 0x2790  LMS - ok
19:05:21.0211 0x2790  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:05:21.0224 0x2790  LSI_SAS - ok
19:05:21.0228 0x2790  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
19:05:21.0240 0x2790  LSI_SAS2i - ok
19:05:21.0245 0x2790  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
19:05:21.0257 0x2790  LSI_SAS3i - ok
19:05:21.0261 0x2790  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
19:05:21.0274 0x2790  LSI_SSS - ok
19:05:21.0288 0x2790  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\Windows\System32\lsm.dll
19:05:21.0321 0x2790  LSM - ok
19:05:21.0326 0x2790  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:05:21.0345 0x2790  luafv - ok
19:05:21.0349 0x2790  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\Windows\System32\moshost.dll
19:05:21.0372 0x2790  MapsBroker - ok
19:05:21.0378 0x2790  [ 3BEC6134F1E45AEF5E971F69F0D38510, 245D7CEEB6561166EE0472551D39A9D3CFDDA52A6BF2E924AB243CCA7FBC9009 ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
19:05:21.0394 0x2790  MBAMChameleon - ok
19:05:21.0399 0x2790  [ F3960CA85778E5D7611EE0F501972340, 0DE5C8509A9A66C8185B9FAA7EAF69C0FA9C28CD9DE84AA23E128E4FF8E06BF4 ] MBAMFarflt      C:\Windows\system32\drivers\farflt.sys
19:05:21.0410 0x2790  MBAMFarflt - ok
19:05:21.0413 0x2790  [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
19:05:21.0423 0x2790  MBAMProtection - ok
19:05:21.0528 0x2790  [ 28E521A6ABA9DE062A3719452816F495, B312A37DA052229DFB19353170CD5828582F8AC6426E857CA7C8ACA0DD91C160 ] MBAMService     E:\Anti-Malware\mbamservice.exe
19:05:21.0608 0x2790  MBAMService - ok
19:05:21.0621 0x2790  [ ABB371D9AEF728B0489B0E6872B4A1C0, E9539A4F85FE30F5BAED742778CA74C879995728668ABE6877C37633716D8770 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:05:21.0634 0x2790  MBAMSwissArmy - ok
19:05:21.0638 0x2790  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\Windows\system32\drivers\megasas.sys
19:05:21.0649 0x2790  megasas - ok
19:05:21.0653 0x2790  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
19:05:21.0665 0x2790  megasas2i - ok
19:05:21.0677 0x2790  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\Windows\system32\drivers\megasr.sys
19:05:21.0697 0x2790  megasr - ok
19:05:21.0704 0x2790  [ 220B49994DCFAC3BB242A8C3047E58A2, B01EA1751CE80E357DB643938F603DAE11A7F88B7B1187D769C5A3209A932E64 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
19:05:21.0718 0x2790  MEIx64 - ok
19:05:21.0723 0x2790  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\Windows\System32\MessagingService.dll
19:05:21.0739 0x2790  MessagingService - ok
19:05:21.0757 0x2790  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
19:05:21.0783 0x2790  mlx4_bus - ok
19:05:21.0787 0x2790  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
19:05:21.0808 0x2790  MMCSS - ok
19:05:21.0811 0x2790  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\Windows\system32\drivers\modem.sys
19:05:21.0828 0x2790  Modem - ok
19:05:21.0831 0x2790  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\Windows\System32\drivers\monitor.sys
19:05:21.0846 0x2790  monitor - ok
19:05:21.0850 0x2790  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
19:05:21.0862 0x2790  mouclass - ok
19:05:21.0865 0x2790  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\Windows\System32\drivers\mouhid.sys
19:05:21.0901 0x2790  mouhid - ok
19:05:21.0906 0x2790  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:05:21.0918 0x2790  mountmgr - ok
19:05:21.0923 0x2790  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:05:21.0942 0x2790  mpsdrv - ok
19:05:21.0960 0x2790  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:05:22.0000 0x2790  MpsSvc - ok
19:05:22.0007 0x2790  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:05:22.0027 0x2790  MRxDAV - ok
19:05:22.0037 0x2790  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:05:22.0056 0x2790  mrxsmb - ok
19:05:22.0063 0x2790  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:05:22.0085 0x2790  mrxsmb10 - ok
19:05:22.0092 0x2790  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:05:22.0106 0x2790  mrxsmb20 - ok
19:05:22.0111 0x2790  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\Windows\system32\drivers\bridge.sys
19:05:22.0128 0x2790  MsBridge - ok
19:05:22.0133 0x2790  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\Windows\System32\msdtc.exe
19:05:22.0151 0x2790  MSDTC - ok
19:05:22.0158 0x2790  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:05:22.0175 0x2790  Msfs - ok
19:05:22.0179 0x2790  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
19:05:22.0193 0x2790  msgpiowin32 - ok
19:05:22.0196 0x2790  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:05:22.0217 0x2790  mshidkmdf - ok
19:05:22.0220 0x2790  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
19:05:22.0237 0x2790  mshidumdf - ok
19:05:22.0239 0x2790  MSICDSetup - ok
19:05:22.0243 0x2790  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:05:22.0254 0x2790  msisadrv - ok
19:05:22.0260 0x2790  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:05:22.0280 0x2790  MSiSCSI - ok
19:05:22.0283 0x2790  msiserver - ok
19:05:22.0286 0x2790  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
19:05:22.0304 0x2790  MSKSSRV - ok
19:05:22.0309 0x2790  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
19:05:22.0326 0x2790  MsLldp - ok
19:05:22.0329 0x2790  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
19:05:22.0347 0x2790  MSPCLOCK - ok
19:05:22.0350 0x2790  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
19:05:22.0368 0x2790  MSPQM - ok
19:05:22.0377 0x2790  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:05:22.0395 0x2790  MsRPC - ok
19:05:22.0403 0x2790  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
19:05:22.0419 0x2790  MsSecFlt - ok
19:05:22.0423 0x2790  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
19:05:22.0434 0x2790  mssmbios - ok
19:05:22.0438 0x2790  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
19:05:22.0457 0x2790  MSTEE - ok
19:05:22.0460 0x2790  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
19:05:22.0475 0x2790  MTConfig - ok
19:05:22.0479 0x2790  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:05:22.0492 0x2790  Mup - ok
19:05:22.0496 0x2790  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
19:05:22.0509 0x2790  mvumis - ok
19:05:22.0522 0x2790  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:05:22.0551 0x2790  NativeWifiP - ok
19:05:22.0556 0x2790  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\Windows\System32\ncasvc.dll
19:05:22.0578 0x2790  NcaSvc - ok
19:05:22.0588 0x2790  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\Windows\System32\ncbservice.dll
19:05:22.0615 0x2790  NcbService - ok
19:05:22.0620 0x2790  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
19:05:22.0653 0x2790  NcdAutoSetup - ok
19:05:22.0657 0x2790  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
19:05:22.0670 0x2790  ndfltr - ok
19:05:22.0691 0x2790  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:05:22.0722 0x2790  NDIS - ok
19:05:22.0728 0x2790  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
19:05:22.0744 0x2790  NdisCap - ok
19:05:22.0750 0x2790  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
19:05:22.0770 0x2790  NdisImPlatform - ok
19:05:22.0774 0x2790  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:05:22.0792 0x2790  NdisTapi - ok
19:05:22.0796 0x2790  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
19:05:22.0816 0x2790  Ndisuio - ok
19:05:22.0820 0x2790  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
19:05:22.0840 0x2790  NdisVirtualBus - ok
19:05:22.0846 0x2790  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
19:05:22.0868 0x2790  NdisWan - ok
19:05:22.0874 0x2790  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
19:05:22.0897 0x2790  ndiswanlegacy - ok
19:05:22.0901 0x2790  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
19:05:22.0920 0x2790  ndproxy - ok
19:05:22.0925 0x2790  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
19:05:22.0946 0x2790  Ndu - ok
19:05:22.0951 0x2790  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
19:05:22.0970 0x2790  NetAdapterCx - ok
19:05:22.0974 0x2790  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
19:05:22.0986 0x2790  NetBIOS - ok
19:05:22.0994 0x2790  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:05:23.0019 0x2790  NetBT - ok
19:05:23.0024 0x2790  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\Windows\system32\lsass.exe
19:05:23.0040 0x2790  Netlogon - ok
19:05:23.0047 0x2790  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\Windows\System32\netman.dll
19:05:23.0068 0x2790  Netman - ok
19:05:23.0079 0x2790  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\Windows\System32\netprofmsvc.dll
19:05:23.0109 0x2790  netprofm - ok
19:05:23.0117 0x2790  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
19:05:23.0141 0x2790  NetSetupSvc - ok
19:05:23.0149 0x2790  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:05:23.0161 0x2790  NetTcpPortSharing - ok
19:05:23.0214 0x2790  [ 1F91B1E5FD41BDC3DF8AFFB81C8AA277, B8CB13863C1F0C589C008E191A393DF241F3067DD7CADE02B3B7D36B28BBA2ED ] NETwNb64        C:\Windows\System32\drivers\Netwbw02.sys
19:05:23.0308 0x2790  NETwNb64 - ok
19:05:23.0319 0x2790  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
19:05:23.0345 0x2790  NgcCtnrSvc - ok
19:05:23.0363 0x2790  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
19:05:23.0404 0x2790  NgcSvc - ok
19:05:23.0414 0x2790  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:05:23.0443 0x2790  NlaSvc - ok
19:05:23.0448 0x2790  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:05:23.0466 0x2790  Npfs - ok
19:05:23.0469 0x2790  npggsvc - ok
19:05:23.0472 0x2790  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
19:05:23.0489 0x2790  npsvctrig - ok
19:05:23.0493 0x2790  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\Windows\system32\nsisvc.dll
19:05:23.0511 0x2790  nsi - ok
19:05:23.0514 0x2790  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:05:23.0530 0x2790  nsiproxy - ok
19:05:23.0568 0x2790  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
19:05:23.0617 0x2790  NTFS - ok
19:05:23.0620 0x2790  NTIOLib_1_0_C - ok
19:05:23.0628 0x2790  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\Windows\system32\drivers\Null.sys
19:05:23.0646 0x2790  Null - ok
19:05:23.0656 0x2790  [ 5CE986C82313E6F9D0973E2A74A0BA20, 9367D5A8257EA15B0DBCD6C8FDBFDF0B5B132A7C436E4F03AD84B958112DFA28 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
19:05:23.0672 0x2790  NvContainerLocalSystem - ok
19:05:23.0680 0x2790  [ 5CE986C82313E6F9D0973E2A74A0BA20, 9367D5A8257EA15B0DBCD6C8FDBFDF0B5B132A7C436E4F03AD84B958112DFA28 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
19:05:23.0695 0x2790  NvContainerNetworkService - ok
19:05:23.0703 0x2790  [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:05:23.0715 0x2790  NVHDA - ok
19:05:23.0734 0x2790  [ 0B7CFF94C247E661A9D5F7FDAB2F726B, 16D651A50347131CC6B96EB17096EFB22F9767572964E6C12CA1BF928E6C1397 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
19:05:23.0760 0x2790  NVIDIA Wireless Controller Service - ok
19:05:23.0965 0x2790  [ 70BC7D732B4AA50EC77D262A89E63E08, 781507DB55582F8BD367020DA844DA6A5D75005E416A2E843255E0F4CA8F896D ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys
19:05:24.0181 0x2790  nvlddmkm - ok
19:05:24.0196 0x2790  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:05:24.0209 0x2790  nvraid - ok
19:05:24.0215 0x2790  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:05:24.0228 0x2790  nvstor - ok
19:05:24.0232 0x2790  [ 5FA3A8CE5BAA23E2C9D18EA154017BC4, 6C2B0546FB9D8A4C7A747AB776BB98C8A90D2745FA0D293FA63DABBF67C7ED58 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:05:24.0241 0x2790  NvStreamKms - ok
19:05:24.0245 0x2790  [ 1D54A108BFAD4ED568E393518769F516, D0BE8343784DDD2B7CADFC85779CC72C78D49601E9C746D13D8134CE38DD920F ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:05:24.0257 0x2790  nvvad_WaveExtensible - ok
19:05:24.0266 0x2790  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\Windows\System32\APHostService.dll
19:05:24.0291 0x2790  OneSyncSvc - ok
19:05:24.0365 0x2790  [ AD851D818F399DD946A9C17AB2156F22, 4A541E7A3A3164581BFB9080DE0976E18F6DD00E39458EBBCBD3B2445708BEB5 ] Origin Client Service E:\Origins\OriginClientService.exe
19:05:24.0405 0x2790  Origin Client Service - ok
19:05:24.0450 0x2790  [ 788363C87EBD90AC1EAD2DC5A9A40759, B565663B459414C5C9F81451D9A127D62CDF605BC2A9E686F74A2E4FD44A9B43 ] Origin Web Helper Service E:\Origins\OriginWebHelperService.exe
19:05:24.0490 0x2790  Origin Web Helper Service - ok
19:05:24.0504 0x2790  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:05:24.0531 0x2790  p2pimsvc - ok
19:05:24.0540 0x2790  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\Windows\system32\p2psvc.dll
19:05:24.0565 0x2790  p2psvc - ok
19:05:24.0570 0x2790  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\Windows\System32\drivers\parport.sys
19:05:24.0587 0x2790  Parport - ok

Yvi1993 · 05.01.2017, 19:11

Code:

ATTFilter

19:05:24.0592 0x2790  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:05:24.0605 0x2790  partmgr - ok
19:05:24.0616 0x2790  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:05:24.0637 0x2790  PcaSvc - ok
19:05:24.0646 0x2790  [ E2DD2E5BDCCD225670831B439826065B, 0153F1CE26D402C03CFC155F428EBA04D6EA8E19A28AF629B1CE347363B7697C ] pci             C:\Windows\system32\drivers\pci.sys
19:05:24.0665 0x2790  pci - ok
19:05:24.0669 0x2790  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\Windows\system32\drivers\pciide.sys
19:05:24.0685 0x2790  pciide - ok
19:05:24.0690 0x2790  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:05:24.0703 0x2790  pcmcia - ok
19:05:24.0711 0x2790  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:05:24.0723 0x2790  pcw - ok
19:05:24.0728 0x2790  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\Windows\system32\drivers\pdc.sys
19:05:24.0740 0x2790  pdc - ok
19:05:24.0755 0x2790  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:05:24.0788 0x2790  PEAUTH - ok
19:05:24.0820 0x2790  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:05:24.0889 0x2790  PeerDistSvc - ok
19:05:24.0895 0x2790  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
19:05:24.0906 0x2790  percsas2i - ok
19:05:24.0911 0x2790  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
19:05:24.0923 0x2790  percsas3i - ok
19:05:24.0937 0x2790  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:05:24.0954 0x2790  PerfHost - ok
19:05:24.0974 0x2790  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
19:05:25.0009 0x2790  PhoneSvc - ok
19:05:25.0018 0x2790  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
19:05:25.0040 0x2790  PimIndexMaintenanceSvc - ok
19:05:25.0066 0x2790  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\Windows\system32\pla.dll
19:05:25.0119 0x2790  pla - ok
19:05:25.0126 0x2790  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:05:25.0146 0x2790  PlugPlay - ok
19:05:25.0150 0x2790  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:05:25.0165 0x2790  PNRPAutoReg - ok
19:05:25.0175 0x2790  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:05:25.0197 0x2790  PNRPsvc - ok
19:05:25.0207 0x2790  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:05:25.0233 0x2790  PolicyAgent - ok
19:05:25.0239 0x2790  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\Windows\system32\umpo.dll
19:05:25.0259 0x2790  Power - ok
19:05:25.0264 0x2790  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
19:05:25.0288 0x2790  PptpMiniport - ok
19:05:25.0341 0x2790  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
19:05:25.0440 0x2790  PrintNotify - ok
19:05:25.0447 0x2790  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\Windows\System32\drivers\processr.sys
19:05:25.0464 0x2790  Processor - ok
19:05:25.0473 0x2790  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:05:25.0504 0x2790  ProfSvc - ok
19:05:25.0511 0x2790  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\Windows\system32\drivers\pacer.sys
19:05:25.0524 0x2790  Psched - ok
19:05:25.0532 0x2790  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\Windows\system32\qwave.dll
19:05:25.0555 0x2790  QWAVE - ok
19:05:25.0559 0x2790  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:05:25.0574 0x2790  QWAVEdrv - ok
19:05:25.0577 0x2790  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:05:25.0591 0x2790  RasAcd - ok
19:05:25.0597 0x2790  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
19:05:25.0615 0x2790  RasAgileVpn - ok
19:05:25.0619 0x2790  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\Windows\System32\rasauto.dll
19:05:25.0637 0x2790  RasAuto - ok
19:05:25.0642 0x2790  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
19:05:25.0663 0x2790  Rasl2tp - ok
19:05:25.0677 0x2790  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\Windows\System32\rasmans.dll
19:05:25.0713 0x2790  RasMan - ok
19:05:25.0718 0x2790  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:05:25.0734 0x2790  RasPppoe - ok
19:05:25.0739 0x2790  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
19:05:25.0759 0x2790  RasSstp - ok
19:05:25.0766 0x2790  [ 5753CD9159718444F6D9E1634B984BF5, A4D6FB6583724F3DDDBA768D7786EB7E3AB1C8074F66DA9462BBB159CDFA2868 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
19:05:25.0778 0x2790  Razer Game Scanner Service - ok
19:05:25.0788 0x2790  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:05:25.0806 0x2790  rdbss - ok
19:05:25.0812 0x2790  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
19:05:25.0828 0x2790  rdpbus - ok
19:05:25.0834 0x2790  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:05:25.0853 0x2790  RDPDR - ok
19:05:25.0860 0x2790  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:05:25.0871 0x2790  RdpVideoMiniport - ok
19:05:25.0879 0x2790  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:05:25.0898 0x2790  rdyboost - ok
19:05:25.0916 0x2790  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
19:05:25.0943 0x2790  ReFSv1 - ok
19:05:25.0957 0x2790  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:05:25.0987 0x2790  RemoteAccess - ok
19:05:25.0993 0x2790  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:05:26.0016 0x2790  RemoteRegistry - ok
19:05:26.0030 0x2790  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\Windows\system32\RDXService.dll
19:05:26.0069 0x2790  RetailDemo - ok
19:05:26.0075 0x2790  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
19:05:26.0097 0x2790  RFCOMM - ok
19:05:26.0103 0x2790  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\Windows\System32\RMapi.dll
19:05:26.0123 0x2790  RmSvc - ok
19:05:26.0128 0x2790  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:05:26.0146 0x2790  RpcEptMapper - ok
19:05:26.0149 0x2790  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\Windows\system32\locator.exe
19:05:26.0164 0x2790  RpcLocator - ok
19:05:26.0180 0x2790  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\Windows\system32\rpcss.dll
19:05:26.0217 0x2790  RpcSs - ok
19:05:26.0225 0x2790  [ 5BEBB8AFA0203EE5283C1049647F7B3C, 6B98A3965951E3BF7A098E033C7AF9F66563E71B6747BC6319519B691A471072 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
19:05:26.0239 0x2790  RSP2STOR - ok
19:05:26.0244 0x2790  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\Windows\system32\drivers\rspndr.sys
19:05:26.0260 0x2790  rspndr - ok
19:05:26.0277 0x2790  [ 62F6CEF17A33CA0F97033E0F0ABB4020, B47577F910EB444F5C992B8DFC4A6586606C50F55482DBA82AB4B20A52DA48D6 ] rt640x64        C:\Windows\System32\drivers\rt640x64.sys
19:05:26.0302 0x2790  rt640x64 - ok
19:05:26.0312 0x2790  [ 1E3B00B7645272F9033DDA2E26A0285B, 36E8BA7F2356227650E00AE85857BC06DB15E2A93132A4A5FCBC60E1E8EC33C4 ] rtop            C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
19:05:26.0324 0x2790  rtop - ok
19:05:26.0335 0x2790  [ AE4607D7C7AA83A863BFA214483E8EE4, 828CC9F40BAB2F65AF75608D37ED17EF608E73E911132DD085F0685F163EFEC6 ] RTSUER          C:\Windows\system32\Drivers\RtsUer.sys
19:05:26.0349 0x2790  RTSUER - ok
19:05:26.0353 0x2790  [ 55FFB814690A7D8A9E592B3DE1E0F6B6, 860F42D44D8C811D657BAF404939AE3451D6E766BAFFD6FD4912E313683EA316 ] rzendpt         C:\Windows\System32\drivers\rzendpt.sys
19:05:26.0363 0x2790  rzendpt - ok
19:05:26.0367 0x2790  [ 21B6EA7F223FF574AA4C1A0635224E54, F4A8774A0CBD9887C9FD07E7C8A1A2D5BC3731140024E44821C60C2A507C6EC4 ] rzmpos          C:\Windows\System32\drivers\rzmpos.sys
19:05:26.0377 0x2790  rzmpos - ok
19:05:26.0381 0x2790  [ 30A186D6A2A2853EEFAD7011E212E41B, 367B8FCCF29470C9237FC1F0EAEB59AE51E33778BC9914A2730AC7DDBC84942B ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
19:05:26.0391 0x2790  rzpmgrk - ok
19:05:26.0396 0x2790  [ B4598C05D5440250633E25933FFF42B0, A66D2FB7EF7350EA74D4290C57FB62BC59C6EA93F759D4CA93C3FEBCA7AEB512 ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
19:05:26.0406 0x2790  rzpnk - ok
19:05:26.0413 0x2790  [ 421497E425AFB40502013F362E4FA230, 20E2372BEE4BFB21138CA574C9806EC399DDA9D3439F3C391E34ABB2E518106D ] rzudd           C:\Windows\System32\drivers\rzudd.sys
19:05:26.0424 0x2790  rzudd - ok
19:05:26.0429 0x2790  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
19:05:26.0443 0x2790  s3cap - ok
19:05:26.0447 0x2790  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\Windows\system32\lsass.exe
19:05:26.0458 0x2790  SamSs - ok
19:05:26.0464 0x2790  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:05:26.0476 0x2790  sbp2port - ok
19:05:26.0484 0x2790  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:05:26.0510 0x2790  SCardSvr - ok
19:05:26.0518 0x2790  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
19:05:26.0539 0x2790  ScDeviceEnum - ok
19:05:26.0543 0x2790  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:05:26.0559 0x2790  scfilter - ok
19:05:26.0576 0x2790  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\Windows\system32\schedsvc.dll
19:05:26.0618 0x2790  Schedule - ok
19:05:26.0623 0x2790  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
19:05:26.0636 0x2790  scmbus - ok
19:05:26.0641 0x2790  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\Windows\System32\drivers\scmdisk0101.sys
19:05:26.0658 0x2790  scmdisk0101 - ok
19:05:26.0664 0x2790  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:05:26.0684 0x2790  SCPolicySvc - ok
19:05:26.0692 0x2790  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\Windows\System32\drivers\sdbus.sys
19:05:26.0713 0x2790  sdbus - ok
19:05:26.0719 0x2790  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:05:26.0740 0x2790  SDRSVC - ok
19:05:26.0745 0x2790  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
19:05:26.0758 0x2790  sdstor - ok
19:05:26.0761 0x2790  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\Windows\system32\seclogon.dll
19:05:26.0779 0x2790  seclogon - ok
19:05:26.0783 0x2790  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\Windows\System32\sens.dll
19:05:26.0802 0x2790  SENS - ok
19:05:26.0804 0x2790  Sense - ok
19:05:26.0827 0x2790  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\Windows\System32\SensorDataService.exe
19:05:26.0871 0x2790  SensorDataService - ok
19:05:26.0882 0x2790  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\Windows\system32\SensorService.dll
19:05:26.0913 0x2790  SensorService - ok
19:05:26.0919 0x2790  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:05:26.0941 0x2790  SensrSvc - ok
19:05:26.0945 0x2790  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
19:05:26.0957 0x2790  SerCx - ok
19:05:26.0962 0x2790  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
19:05:26.0975 0x2790  SerCx2 - ok
19:05:26.0979 0x2790  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\Windows\System32\drivers\serenum.sys
19:05:26.0994 0x2790  Serenum - ok
19:05:26.0998 0x2790  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\Windows\System32\drivers\serial.sys
19:05:27.0014 0x2790  Serial - ok
19:05:27.0018 0x2790  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\Windows\System32\drivers\sermouse.sys
19:05:27.0034 0x2790  sermouse - ok
19:05:27.0048 0x2790  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\Windows\system32\sessenv.dll
19:05:27.0072 0x2790  SessionEnv - ok
19:05:27.0076 0x2790  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
19:05:27.0091 0x2790  sfloppy - ok
19:05:27.0104 0x2790  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:05:27.0136 0x2790  SharedAccess - ok
19:05:27.0150 0x2790  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:05:27.0184 0x2790  ShellHWDetection - ok
19:05:27.0190 0x2790  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
19:05:27.0210 0x2790  shpamsvc - ok
19:05:27.0214 0x2790  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:05:27.0226 0x2790  SiSRaid2 - ok
19:05:27.0230 0x2790  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:05:27.0242 0x2790  SiSRaid4 - ok
19:05:27.0246 0x2790  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\Windows\System32\smphost.dll
19:05:27.0264 0x2790  smphost - ok
19:05:27.0276 0x2790  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
19:05:27.0307 0x2790  SmsRouter - ok
19:05:27.0317 0x2790  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:05:27.0336 0x2790  SNMPTRAP - ok
19:05:27.0388 0x2790  [ BAD3D2689B3A4BC770CDD07B5B5AEBED, BA59C0BF99840FAD1537DAA5F6DCC45ED262E22F1D7E6D73AEBFF50A5C8F584D ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
19:05:27.0447 0x2790  SNP2UVC - ok
19:05:27.0465 0x2790  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\Windows\system32\drivers\spaceport.sys
19:05:27.0486 0x2790  spaceport - ok
19:05:27.0491 0x2790  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
19:05:27.0503 0x2790  SpbCx - ok
19:05:27.0519 0x2790  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\Windows\System32\spoolsv.exe
19:05:27.0552 0x2790  Spooler - ok
19:05:27.0635 0x2790  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:05:27.0745 0x2790  sppsvc - ok
19:05:27.0762 0x2790  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:05:27.0786 0x2790  srv - ok
19:05:27.0801 0x2790  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:05:27.0833 0x2790  srv2 - ok
19:05:27.0841 0x2790  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:05:27.0860 0x2790  srvnet - ok
19:05:27.0867 0x2790  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:05:27.0890 0x2790  SSDPSRV - ok
19:05:27.0897 0x2790  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:05:27.0918 0x2790  SstpSvc - ok
19:05:27.0924 0x2790  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:05:27.0939 0x2790  ssudmdm - ok
19:05:28.0000 0x2790  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\Windows\system32\windows.staterepository.dll
19:05:28.0118 0x2790  StateRepository - ok
19:05:28.0147 0x2790  [ 9867A86327E8AE3806305F1BCF01211A, CCDDB2560B30D27CE662F1B02710E1FAA9331E6A27D9A6629EEDED2CBA822062 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:05:28.0177 0x2790  Steam Client Service - ok
19:05:28.0182 0x2790  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:05:28.0193 0x2790  stexstor - ok
19:05:28.0206 0x2790  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\Windows\System32\wiaservc.dll
19:05:28.0242 0x2790  stisvc - ok
19:05:28.0248 0x2790  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\Windows\system32\drivers\storahci.sys
19:05:28.0261 0x2790  storahci - ok
19:05:28.0265 0x2790  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:05:28.0276 0x2790  storflt - ok
19:05:28.0281 0x2790  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\Windows\system32\drivers\stornvme.sys
19:05:28.0293 0x2790  stornvme - ok
19:05:28.0298 0x2790  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
19:05:28.0317 0x2790  storqosflt - ok
19:05:28.0327 0x2790  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\Windows\system32\storsvc.dll
19:05:28.0356 0x2790  StorSvc - ok
19:05:28.0361 0x2790  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\Windows\system32\drivers\storufs.sys
19:05:28.0372 0x2790  storufs - ok
19:05:28.0376 0x2790  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:05:28.0389 0x2790  storvsc - ok
19:05:28.0393 0x2790  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\Windows\system32\svsvc.dll
19:05:28.0410 0x2790  svsvc - ok
19:05:28.0414 0x2790  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\Windows\System32\drivers\swenum.sys
19:05:28.0425 0x2790  swenum - ok
19:05:28.0436 0x2790  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\Windows\System32\swprv.dll
19:05:28.0465 0x2790  swprv - ok
19:05:28.0469 0x2790  [ 50A11202CD60C90149907D53D34EF98F, 45C3E79EF6ABC9D3BADC6AB9E66DA8AFDC6CDDA68C3B5D20193D7D1AA8271EFA ] SynRMIHID       C:\Windows\system32\DRIVERS\SynRMIHID.sys
19:05:28.0480 0x2790  SynRMIHID - ok
19:05:28.0484 0x2790  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
19:05:28.0501 0x2790  Synth3dVsc - ok
19:05:28.0520 0x2790  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\Windows\system32\sysmain.dll
19:05:28.0563 0x2790  SysMain - ok
19:05:28.0573 0x2790  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
19:05:28.0599 0x2790  SystemEventsBroker - ok
19:05:28.0605 0x2790  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:05:28.0625 0x2790  TabletInputService - ok
19:05:28.0633 0x2790  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:05:28.0655 0x2790  TapiSrv - ok
19:05:28.0696 0x2790  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:05:28.0754 0x2790  Tcpip - ok
19:05:28.0799 0x2790  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
19:05:28.0854 0x2790  Tcpip6 - ok
19:05:28.0865 0x2790  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:05:28.0882 0x2790  tcpipreg - ok
19:05:28.0891 0x2790  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:05:28.0903 0x2790  tdx - ok
19:05:28.0908 0x2790  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
19:05:28.0919 0x2790  terminpt - ok
19:05:28.0938 0x2790  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\Windows\System32\termsrv.dll
19:05:28.0982 0x2790  TermService - ok
19:05:28.0988 0x2790  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\Windows\system32\themeservice.dll
19:05:29.0008 0x2790  Themes - ok
19:05:29.0017 0x2790  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
19:05:29.0041 0x2790  TieringEngineService - ok
19:05:29.0053 0x2790  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
19:05:29.0086 0x2790  tiledatamodelsvc - ok
19:05:29.0094 0x2790  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
19:05:29.0114 0x2790  TimeBrokerSvc - ok
19:05:29.0122 0x2790  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\Windows\System32\drivers\tpm.sys
19:05:29.0137 0x2790  TPM - ok
19:05:29.0143 0x2790  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\Windows\System32\trkwks.dll
19:05:29.0164 0x2790  TrkWks - ok
19:05:29.0170 0x2790  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:05:29.0192 0x2790  TrustedInstaller - ok
19:05:29.0198 0x2790  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
19:05:29.0215 0x2790  tsusbflt - ok
19:05:29.0220 0x2790  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
19:05:29.0234 0x2790  TsUsbGD - ok
19:05:29.0240 0x2790  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
19:05:29.0259 0x2790  tsusbhub - ok
19:05:29.0266 0x2790  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
19:05:29.0284 0x2790  tunnel - ok
19:05:29.0290 0x2790  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
19:05:29.0309 0x2790  tzautoupdate - ok
19:05:29.0314 0x2790  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
19:05:29.0325 0x2790  UASPStor - ok
19:05:29.0332 0x2790  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
19:05:29.0349 0x2790  UcmCx0101 - ok
19:05:29.0354 0x2790  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
19:05:29.0374 0x2790  UcmTcpciCx0101 - ok
19:05:29.0378 0x2790  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
19:05:29.0396 0x2790  UcmUcsi - ok
19:05:29.0403 0x2790  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
19:05:29.0419 0x2790  Ucx01000 - ok
19:05:29.0424 0x2790  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
19:05:29.0441 0x2790  UdeCx - ok
19:05:29.0450 0x2790  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:05:29.0476 0x2790  udfs - ok
19:05:29.0480 0x2790  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
19:05:29.0491 0x2790  UEFI - ok
19:05:29.0495 0x2790  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
19:05:29.0507 0x2790  UevAgentDriver - ok
19:05:29.0531 0x2790  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\Windows\system32\AgentService.exe
19:05:29.0575 0x2790  UevAgentService - ok
19:05:29.0585 0x2790  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
19:05:29.0603 0x2790  Ufx01000 - ok
19:05:29.0609 0x2790  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
19:05:29.0621 0x2790  UfxChipidea - ok
19:05:29.0627 0x2790  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
19:05:29.0640 0x2790  ufxsynopsys - ok
19:05:29.0648 0x2790  [ 60ED10E6373966FE44CAC9CEC77B2433, 14CB93F174793D53BABFC00EF20C9F05F97D802B92052BA7476DEA83737EB582 ] UHSfiltv        C:\Windows\system32\drivers\UHSfiltv.sys
19:05:29.0659 0x2790  UHSfiltv - ok
19:05:29.0664 0x2790  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:05:29.0681 0x2790  UI0Detect - ok
19:05:29.0685 0x2790  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\Windows\System32\drivers\umbus.sys
19:05:29.0701 0x2790  umbus - ok
19:05:29.0705 0x2790  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
19:05:29.0719 0x2790  UmPass - ok
19:05:29.0727 0x2790  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:05:29.0749 0x2790  UmRdpService - ok
19:05:29.0770 0x2790  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\Windows\System32\unistore.dll
19:05:29.0818 0x2790  UnistoreSvc - ok
19:05:29.0831 0x2790  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\Windows\System32\upnphost.dll
19:05:29.0861 0x2790  upnphost - ok
19:05:29.0866 0x2790  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
19:05:29.0877 0x2790  UrsChipidea - ok
19:05:29.0881 0x2790  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
19:05:29.0892 0x2790  UrsCx01000 - ok
19:05:29.0897 0x2790  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
19:05:29.0908 0x2790  UrsSynopsys - ok
19:05:29.0913 0x2790  [ 93F169DE94DBAC5DAF4755AFF10193DD, 381E6751EB97426B9BF30929E4B82A665D1ED985DA60BE18D3C17CF2BB41F848 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:05:29.0931 0x2790  usbaudio - ok
19:05:29.0937 0x2790  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
19:05:29.0951 0x2790  usbccgp - ok
19:05:29.0956 0x2790  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
19:05:29.0972 0x2790  usbcir - ok
19:05:29.0977 0x2790  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
19:05:29.0991 0x2790  usbehci - ok
19:05:30.0003 0x2790  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
19:05:30.0023 0x2790  usbhub - ok
19:05:30.0035 0x2790  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
19:05:30.0056 0x2790  USBHUB3 - ok
19:05:30.0061 0x2790  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
19:05:30.0074 0x2790  usbohci - ok
19:05:30.0078 0x2790  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
19:05:30.0093 0x2790  usbprint - ok
19:05:30.0100 0x2790  [ 4BAAADF7DA222BB74E9A0A01CCF42A80, 1578A275F62DDD5DD22A8ADCBF575EBA77041CABA0C7E4FFC181F8AB9236953B ] usbrndis6       C:\Windows\System32\drivers\usb80236.sys
19:05:30.0117 0x2790  usbrndis6 - ok
19:05:30.0122 0x2790  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\Windows\System32\drivers\usbser.sys
19:05:30.0138 0x2790  usbser - ok
19:05:30.0144 0x2790  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
19:05:30.0157 0x2790  USBSTOR - ok
19:05:30.0161 0x2790  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
19:05:30.0176 0x2790  usbuhci - ok
19:05:30.0183 0x2790  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:05:30.0208 0x2790  usbvideo - ok
19:05:30.0218 0x2790  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
19:05:30.0235 0x2790  USBXHCI - ok
19:05:30.0240 0x2790  [ 836828E40B9EEFBC77B3032DB677555C, 8AC045B43086E800B03412895D4DBCF506D1B729791CF24EB2ECA3F0F1C9BDEB ] usb_rndisx      C:\Windows\System32\drivers\usb8023x.sys
19:05:30.0254 0x2790  usb_rndisx - ok
19:05:30.0280 0x2790  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\Windows\System32\userdataservice.dll
19:05:30.0333 0x2790  UserDataSvc - ok
19:05:30.0355 0x2790  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\Windows\System32\usermgr.dll
19:05:30.0399 0x2790  UserManager - ok
19:05:30.0413 0x2790  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\Windows\system32\usocore.dll
19:05:30.0444 0x2790  UsoSvc - ok
19:05:30.0448 0x2790  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\Windows\system32\lsass.exe
19:05:30.0461 0x2790  VaultSvc - ok
19:05:30.0465 0x2790  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:05:30.0476 0x2790  vdrvroot - ok
19:05:30.0492 0x2790  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\Windows\System32\vds.exe
19:05:30.0525 0x2790  vds - ok
19:05:30.0532 0x2790  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
19:05:30.0546 0x2790  VerifierExt - ok
19:05:30.0562 0x2790  [ 46ADD0CD4473AAEF1C68266A803F704D, D521E46891253884CF8285E864FAE63F2E8E0974AD8D2EB4D910E8A35350844F ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
19:05:30.0585 0x2790  vhdmp - ok
19:05:30.0590 0x2790  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\Windows\System32\drivers\vhf.sys
19:05:30.0608 0x2790  vhf - ok
19:05:30.0614 0x2790  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:05:30.0629 0x2790  vmbus - ok
19:05:30.0633 0x2790  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
19:05:30.0648 0x2790  VMBusHID - ok
19:05:30.0652 0x2790  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\Windows\System32\drivers\vmgid.sys
19:05:30.0667 0x2790  vmgid - ok
19:05:30.0675 0x2790  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\Windows\System32\icsvc.dll
19:05:30.0700 0x2790  vmicguestinterface - ok
19:05:30.0707 0x2790  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
19:05:30.0728 0x2790  vmicheartbeat - ok
19:05:30.0735 0x2790  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\Windows\System32\icsvc.dll
19:05:30.0756 0x2790  vmickvpexchange - ok
19:05:30.0766 0x2790  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\Windows\System32\icsvcext.dll
19:05:30.0791 0x2790  vmicrdv - ok
19:05:30.0799 0x2790  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\Windows\System32\icsvc.dll
19:05:30.0826 0x2790  vmicshutdown - ok
19:05:30.0834 0x2790  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\Windows\System32\icsvc.dll
19:05:30.0855 0x2790  vmictimesync - ok
19:05:30.0862 0x2790  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\Windows\System32\icsvc.dll
19:05:30.0882 0x2790  vmicvmsession - ok
19:05:30.0892 0x2790  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\Windows\System32\icsvcext.dll
19:05:30.0913 0x2790  vmicvss - ok
19:05:30.0918 0x2790  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:05:30.0930 0x2790  volmgr - ok
19:05:30.0939 0x2790  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:05:30.0956 0x2790  volmgrx - ok
19:05:30.0966 0x2790  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:05:30.0985 0x2790  volsnap - ok
19:05:30.0989 0x2790  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\Windows\system32\drivers\volume.sys
19:05:31.0000 0x2790  volume - ok
19:05:31.0005 0x2790  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\Windows\System32\drivers\vpci.sys
19:05:31.0021 0x2790  vpci - ok
19:05:31.0028 0x2790  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:05:31.0042 0x2790  vsmraid - ok
19:05:31.0066 0x2790  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\Windows\system32\vssvc.exe
19:05:31.0115 0x2790  VSS - ok
19:05:31.0128 0x2790  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
19:05:31.0144 0x2790  VSTXRAID - ok
19:05:31.0148 0x2790  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:05:31.0165 0x2790  vwifibus - ok
19:05:31.0170 0x2790  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
19:05:31.0186 0x2790  vwififlt - ok
19:05:31.0190 0x2790  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
19:05:31.0205 0x2790  vwifimp - ok
19:05:31.0216 0x2790  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\Windows\system32\w32time.dll
19:05:31.0248 0x2790  W32Time - ok
19:05:31.0253 0x2790  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
19:05:31.0267 0x2790  WacomPen - ok
19:05:31.0278 0x2790  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\Windows\system32\WalletService.dll
19:05:31.0305 0x2790  WalletService - ok
19:05:31.0311 0x2790  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
19:05:31.0331 0x2790  wanarp - ok
19:05:31.0335 0x2790  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:05:31.0354 0x2790  wanarpv6 - ok
19:05:31.0381 0x2790  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\Windows\system32\wbengine.exe
19:05:31.0440 0x2790  wbengine - ok
19:05:31.0458 0x2790  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:05:31.0496 0x2790  WbioSrvc - ok
19:05:31.0502 0x2790  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\Windows\system32\drivers\wcifs.sys
19:05:31.0514 0x2790  wcifs - ok
19:05:31.0529 0x2790  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
19:05:31.0567 0x2790  Wcmsvc - ok
19:05:31.0579 0x2790  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:05:31.0608 0x2790  wcncsvc - ok
19:05:31.0613 0x2790  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
19:05:31.0631 0x2790  wcnfs - ok
19:05:31.0636 0x2790  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
19:05:31.0650 0x2790  WdBoot - ok
19:05:31.0667 0x2790  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:05:31.0690 0x2790  Wdf01000 - ok
19:05:31.0710 0x2790  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
19:05:31.0727 0x2790  WdFilter - ok
19:05:31.0732 0x2790  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:05:31.0752 0x2790  WdiServiceHost - ok
19:05:31.0756 0x2790  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:05:31.0776 0x2790  WdiSystemHost - ok
19:05:31.0792 0x2790  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
19:05:31.0822 0x2790  wdiwifi - ok
19:05:31.0830 0x2790  [ 9955F303C20C4F58DB6645C6248DE1C8, 1A04B5C0EF2FE0CDBA054104727C54A02072B829BEAF4F3E4D16E581B50593F1 ] wdm_usb         C:\Windows\system32\DRIVERS\usb2ser.sys
19:05:31.0847 0x2790  wdm_usb - ok
19:05:31.0853 0x2790  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
19:05:31.0866 0x2790  WdNisDrv - ok
19:05:31.0869 0x2790  WdNisSvc - ok
19:05:31.0877 0x2790  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\Windows\System32\webclnt.dll
19:05:31.0899 0x2790  WebClient - ok
19:05:31.0906 0x2790  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:05:31.0931 0x2790  Wecsvc - ok
19:05:31.0935 0x2790  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
19:05:31.0953 0x2790  WEPHOSTSVC - ok
19:05:31.0959 0x2790  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:05:31.0981 0x2790  wercplsupport - ok
19:05:31.0987 0x2790  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:05:32.0008 0x2790  WerSvc - ok
19:05:32.0015 0x2790  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
19:05:32.0032 0x2790  WFPLWFS - ok
19:05:32.0037 0x2790  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\Windows\System32\wiarpc.dll
19:05:32.0057 0x2790  WiaRpc - ok
19:05:32.0061 0x2790  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:05:32.0072 0x2790  WIMMount - ok
19:05:32.0075 0x2790  WinDefend - ok
19:05:32.0085 0x2790  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
19:05:32.0098 0x2790  WindowsTrustedRT - ok
19:05:32.0102 0x2790  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
19:05:32.0113 0x2790  WindowsTrustedRTProxy - ok
19:05:32.0129 0x2790  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
19:05:32.0164 0x2790  WinHttpAutoProxySvc - ok
19:05:32.0169 0x2790  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\Windows\System32\drivers\winmad.sys
19:05:32.0180 0x2790  WinMad - ok
19:05:32.0189 0x2790  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:05:32.0211 0x2790  Winmgmt - ok
19:05:32.0256 0x2790  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\Windows\system32\WsmSvc.dll
19:05:32.0346 0x2790  WinRM - ok
19:05:32.0358 0x2790  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
19:05:32.0373 0x2790  WINUSB - ok
19:05:32.0378 0x2790  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
19:05:32.0390 0x2790  WinVerbs - ok
19:05:32.0404 0x2790  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\Windows\system32\flightsettings.dll
19:05:32.0437 0x2790  wisvc - ok
19:05:32.0477 0x2790  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\Windows\System32\wlansvc.dll
19:05:32.0548 0x2790  WlanSvc - ok
19:05:32.0586 0x2790  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
19:05:32.0659 0x2790  wlidsvc - ok
19:05:32.0665 0x2790  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
19:05:32.0680 0x2790  WmiAcpi - ok
19:05:32.0691 0x2790  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:05:32.0710 0x2790  wmiApSrv - ok
19:05:32.0713 0x2790  WMPNetworkSvc - ok
19:05:32.0721 0x2790  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\Windows\system32\drivers\Wof.sys
19:05:32.0735 0x2790  Wof - ok
19:05:32.0769 0x2790  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
19:05:32.0864 0x2790  workfolderssvc - ok
19:05:32.0871 0x2790  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:05:32.0892 0x2790  WPDBusEnum - ok
19:05:32.0897 0x2790  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
19:05:32.0907 0x2790  WpdUpFltr - ok
19:05:32.0915 0x2790  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\Windows\system32\WpnService.dll
19:05:32.0938 0x2790  WpnService - ok
19:05:32.0943 0x2790  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\Windows\System32\WpnUserService.dll
19:05:32.0961 0x2790  WpnUserService - ok
19:05:32.0968 0x2790  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:05:32.0985 0x2790  ws2ifsl - ok
19:05:32.0991 0x2790  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\Windows\System32\wscsvc.dll
19:05:33.0013 0x2790  wscsvc - ok
19:05:33.0017 0x2790  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
19:05:33.0033 0x2790  WSDPrintDevice - ok
19:05:33.0037 0x2790  [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
19:05:33.0053 0x2790  WSDScan - ok
19:05:33.0057 0x2790  WSearch - ok
19:05:33.0098 0x2790  [ 5163F5BABAE1FF8CCC0AFD60B6EDD20A, E4F3FC2D7E9995DD34D6DD392D33B51649077985ECA0BF2AF0552D72DC3DF08E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:05:33.0175 0x2790  wuauserv - ok
19:05:33.0182 0x2790  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:05:33.0199 0x2790  WudfPf - ok
19:05:33.0206 0x2790  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\Windows\system32\drivers\WudfRd.sys
19:05:33.0226 0x2790  WUDFRd - ok
19:05:33.0232 0x2790  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:05:33.0249 0x2790  wudfsvc - ok
19:05:33.0256 0x2790  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
19:05:33.0279 0x2790  WUDFWpdFs - ok
19:05:33.0287 0x2790  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
19:05:33.0305 0x2790  WUDFWpdMtp - ok
19:05:33.0328 0x2790  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:05:33.0378 0x2790  WwanSvc - ok
19:05:33.0398 0x2790  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
19:05:33.0440 0x2790  XblAuthManager - ok
19:05:33.0462 0x2790  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\Windows\System32\XblGameSave.dll
19:05:33.0509 0x2790  XblGameSave - ok
19:05:33.0518 0x2790  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
19:05:33.0541 0x2790  xboxgip - ok
19:05:33.0560 0x2790  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
19:05:33.0605 0x2790  XboxNetApiSvc - ok
19:05:33.0611 0x2790  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
19:05:33.0626 0x2790  xinputhid - ok
19:05:33.0628 0x2790  ================ Scan global ===============================
19:05:33.0633 0x2790  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\Windows\system32\basesrv.dll
19:05:33.0639 0x2790  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\Windows\system32\winsrv.dll
19:05:33.0645 0x2790  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\Windows\system32\sxssrv.dll
19:05:33.0655 0x2790  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\Windows\system32\services.exe
19:05:33.0662 0x2790  [ Global ] - ok
19:05:33.0662 0x2790  ================ Scan MBR ==================================
19:05:33.0675 0x2790  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:05:33.0741 0x2790  \Device\Harddisk0\DR0 - ok
19:05:33.0746 0x2790  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
19:05:33.0764 0x2790  \Device\Harddisk1\DR1 - ok
19:05:33.0765 0x2790  ================ Scan VBR ==================================
19:05:33.0766 0x2790  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
19:05:33.0766 0x2790  \Device\Harddisk0\DR0\Partition1 - ok
19:05:33.0798 0x2790  [ 7D6BED9601F04D8101AB300670AE4582 ] \Device\Harddisk0\DR0\Partition2
19:05:33.0799 0x2790  \Device\Harddisk0\DR0\Partition2 - ok
19:05:33.0801 0x2790  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
19:05:33.0801 0x2790  \Device\Harddisk1\DR1\Partition1 - ok
19:05:33.0803 0x2790  [ FBD6C43245002F3B5AC7D1DF0C8B737C ] \Device\Harddisk1\DR1\Partition2
19:05:33.0805 0x2790  \Device\Harddisk1\DR1\Partition2 - ok
19:05:33.0806 0x2790  [ 3667AB74489876BDBFC8872365259F10 ] \Device\Harddisk1\DR1\Partition3
19:05:33.0806 0x2790  \Device\Harddisk1\DR1\Partition3 - ok
19:05:33.0809 0x2790  [ 17C48690D40597759DF5E46997AE1F5E ] \Device\Harddisk1\DR1\Partition4
19:05:33.0811 0x2790  \Device\Harddisk1\DR1\Partition4 - ok
19:05:33.0811 0x2790  ================ Scan generic autorun ======================
19:05:33.0835 0x2790  [ 57946DCD3AEE6F0CEB764336F9AF073F, 7DAFF6624811BF536780B96AD8AB9845097E762B13FF4AB7D0F6DBECB8DF7D63 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
19:05:33.0865 0x2790  RtHDVBg_LENOVO_DOLBYDRAGON - ok
19:05:33.0879 0x2790  [ 84AA8972CC2570465DCCB6CEEDD89AB9, 85A379BD4D257A665DF3CEC79328AEBDFDEB0E27AE94B3AA304F356DC6605253 ] C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
19:05:33.0900 0x2790  Nahimic2UILauncher - ok
19:05:33.0904 0x2790  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe
19:05:33.0925 0x2790  ShadowPlay - ok
19:05:34.0052 0x2790  [ 08B627D08EDC160BFB8C13C1F26BCF87, 9F71CAE092F1BFE04620EAFF359A3EC1F4D08397EDCA40974943C79FDB72D79F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:05:34.0188 0x2790  RTHDVCPL - ok
19:05:34.0199 0x2790  WindowsDefender - ok
19:05:34.0267 0x2790  [ 666FEA598D1776C7F8EDD7746F0F7F59, 54E330BCDBAB646B555DACC15F9CFB0AD6A05BF4E273F73C5133259EEE976C21 ] E:\ANTI-MALWARE\mbamtray.exe
19:05:34.0314 0x2790  Malwarebytes TrayApp - ok
19:05:34.0324 0x2790  [ 77B3161CA6E0F2F94DB70CE9216FCE3B, 705A31350CBC69248E03B6174B92605BC1176AA77B6C67DC0AC14680A7247A22 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
19:05:34.0335 0x2790  IMSS - ok
19:05:34.0472 0x2790  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:05:34.0625 0x2790  OneDriveSetup - ok
19:05:34.0757 0x2790  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:05:34.0891 0x2790  OneDriveSetup - ok
19:05:35.0028 0x2790  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:05:35.0163 0x2790  OneDriveSetup - ok
19:05:35.0186 0x2790  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\User1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:05:35.0205 0x2790  OneDrive - ok
19:05:35.0332 0x2790  [ A70E699E0B0DD9C2B3B35E9A8167F903, 6CC7AFFEED646AA9C46C709C8B36751CA9EBCDDC70438ECE1D1328E6C1A02421 ] C:\Program Files\CCleaner\CCleaner64.exe
19:05:35.0466 0x2790  CCleaner Monitoring - ok
19:05:35.0556 0x2790  [ FF206944E3A8590FABE10FB2C321AA6D, 77C555667674C9E4473C64921C5F2A7D723FBE28A73EB5EBAA777CD04D11C06B ] E:\Steam\steam.exe
19:05:35.0605 0x2790  Steam - ok
19:05:35.0609 0x2790  Waiting for KSN requests completion. In queue: 274
19:05:36.0610 0x2790  Waiting for KSN requests completion. In queue: 274
19:05:37.0629 0x2790  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
19:05:37.0630 0x2790  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
19:05:37.0630 0x2790  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x40000 ( disabled : updated )
19:05:37.0631 0x2790  AV detected via SS2: Malwarebytes, E:\Anti-Malware\MBAMWsc.exe ( 3.0.0.134 ), 0x61000 ( enabled : updated )
19:05:37.0632 0x2790  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
19:05:38.0759 0x2790  ============================================================
19:05:38.0759 0x2790  Scan finished
19:05:38.0759 0x2790  ============================================================
19:05:38.0767 0x0ab8  Detected object count: 0
19:05:38.0767 0x0ab8  Actual detected object count: 0

cosinus · 05.01.2017, 19:18

So wars richtig

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Yvi1993 · 05.01.2017, 19:43

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Pro x64 
Ran by User1 (Administrator) on 05.01.2017 at 19:31:42,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.01.2017 at 19:35:32,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

# AdwCleaner v6.041 - Bericht erstellt am 05/01/2017 um 19:40:56
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2017-01-05.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : User1 - DESKTOP-6NS9837
# Gestartet von : C:\Users\User1\Downloads\AdwCleaner_6.041 (4).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: rtop
[-] Dienst gelöscht: ByteFenceService


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Program Files\ByteFence
[-] Ordner gelöscht: C:\ProgramData\ByteFence
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: ByteFence


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
[-] Schlüssel gelöscht: HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Software\ByteFence
[-] Schlüssel gelöscht: HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Software\csastats
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2506 Bytes] - [05/01/2017 19:40:56]
C:\AdwCleaner\AdwCleaner[S0].txt - [2554 Bytes] - [05/01/2017 19:40:08]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2652 Bytes] ##########

cosinus · 05.01.2017, 19:58

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

Yvi1993 · 05.01.2017, 20:06

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von User1 (Administrator) auf DESKTOP-6NS9837 (05-01-2017 20:04:25)
Gestartet von C:\Users\User1\Downloads
Geladene Profile: User1 (Verfügbare Profile: defaultuser0 & User1)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
() C:\Users\User1\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Electronic Arts) E:\Origins\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
() C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) E:\Steam\Steam.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\User1\AppData\Local\Razer\InGameEngine\cache\RzSynapse\rzcefrenderprocess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\User1\Downloads\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1473024 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [691560 2016-04-22] ()
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-05-25] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-10-31] (Razer Inc.)
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\Run: [Steam] => E:\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {7ab9537e-a1e4-11e6-824f-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\Autorun.hta
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {8f822d66-a84f-11e6-8254-806e6f6e6963} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\Autorun.hta
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {ebaf5045-b171-11e6-825d-806e6f6e6963} - "D:\Setup.exe" 
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\...\MountPoints2: {f0d9c0be-b1a4-11e6-8259-806e6f6e6963} - "D:\DVDSetup.exe" 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-11-24]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{563dd4a2-a91d-477b-a920-3e511208712c}: [DhcpNameServer] 192.168.1.10
Tcpip\..\Interfaces\{9f8fb24a-5964-484b-a48a-55f9a45f09fb}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{d6152445-4f23-4949-a60a-057b6211b4ec}: [DhcpNameServer] 192.168.192.1
Tcpip\..\Interfaces\{f9fe0009-6bc5-4d4f-abc4-210594062ecb}: [DhcpNameServer] 192.168.1.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default [2017-01-05]
CHR Extension: (Google Präsentationen) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-12]
CHR Extension: (Google Docs) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-12]
CHR Extension: (Google Drive) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-12]
CHR Extension: (YouTube) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-12]
CHR Extension: (Advanced System Surfing Protection) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdoebijggplldfolgeepnnfhfnoglak [2016-11-24]
CHR Extension: (Google Tabellen) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-12]
CHR Extension: (Google Docs Offline) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-12]
CHR Extension: (AdBlock) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-31]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-12]
CHR Extension: (Google Mail) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-12]
CHR Extension: (Chrome Media Router) - C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [448496 2016-11-01] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
R2 KingoSoftService; C:\Users\User1\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [367584 2016-10-19] ()
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5660512 2016-08-16] (INCA Internet Co., Ltd.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origins\OriginClientService.exe [2119688 2016-12-23] (Electronic Arts)
R2 Origin Web Helper Service; E:\Origins\OriginWebHelperService.exe [2180624 2016-12-23] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-11-11] (Qualcomm Atheros Communications, Inc.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-09-12] (REALiX(tm))
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-20] (Intel Corporation)
R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [185128 2015-07-20] (Intel Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation)
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-11-23] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [435032 2016-11-23] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1019616 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-15] ()
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-09] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-09] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-09-23] (Realtek Semiconductor Corp.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [943112 2016-11-03] (Realtek                                            )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2016-11-11] (Realsil Semiconductor Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R3 rzmpos; C:\Windows\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Co. Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66168 2015-10-28] (Synaptics Incorporated)
R3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [32264 2015-07-22] (Creative Technology Ltd.)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\User1\AppData\Local\Temp\ALSysIO64.sys [X]
U0 aswVmm; kein ImagePath
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-05 20:04 - 2017-01-05 20:04 - 02418176 _____ (Farbar) C:\Users\User1\Downloads\FRST64 (1).exe
2017-01-05 19:37 - 2017-01-05 19:40 - 00000000 ____D C:\AdwCleaner
2017-01-05 19:37 - 2017-01-05 19:37 - 03977168 _____ C:\Users\User1\Downloads\AdwCleaner_6.041 (4).exe
2017-01-05 19:35 - 2017-01-05 19:35 - 00000546 _____ C:\Users\User1\Desktop\JRT.txt
2017-01-05 19:31 - 2017-01-05 19:31 - 01663040 _____ (Malwarebytes) C:\Users\User1\Downloads\JRT (1).exe
2017-01-05 19:26 - 2017-01-05 19:26 - 01663040 _____ (Malwarebytes) C:\Users\User1\Downloads\JRT.exe
2017-01-05 19:04 - 2017-01-05 19:08 - 00297410 _____ C:\TDSSKiller.3.1.0.12_05.01.2017_19.04.05_log.txt
2017-01-05 18:51 - 2017-01-05 18:51 - 00000000 ____D C:\Users\User1\AppData\Local\ESET
2017-01-05 18:36 - 2017-01-05 18:42 - 00296638 _____ C:\TDSSKiller.3.1.0.12_05.01.2017_18.36.54_log.txt
2017-01-05 18:34 - 2017-01-05 18:35 - 00016888 _____ C:\Users\User1\Desktop\TDSSKiller.3.1.0.12_05.01.2017_18.34.58_log.txt
2017-01-05 18:34 - 2017-01-05 18:34 - 16563352 _____ (Malwarebytes Corp.) C:\Users\User1\Downloads\mbar-1.09.3.1001.exe
2017-01-05 18:34 - 2017-01-05 18:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\User1\Downloads\tdsskiller.exe
2017-01-05 16:45 - 2017-01-05 19:25 - 00000000 ____D C:\ProgramData\AVAST Software
2017-01-05 16:45 - 2017-01-05 17:31 - 00000163 _____ C:\Users\User1\AppData\Local\uts.ini
2017-01-05 16:45 - 2017-01-05 16:45 - 00000000 ____D C:\Users\User1\AppData\Roaming\Kingosoft
2017-01-05 16:45 - 2017-01-05 16:45 - 00000000 ____D C:\Users\User1\AppData\Local\uts
2017-01-05 16:45 - 2017-01-05 16:45 - 00000000 ____D C:\Users\User1\AppData\Local\Kingosoft
2017-01-05 16:45 - 2017-01-05 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT
2017-01-05 16:44 - 2017-01-05 16:44 - 01345872 _____ ( ) C:\Users\User1\Downloads\KingoRoot.exe
2017-01-05 14:32 - 2017-01-05 14:32 - 00000000 ____D C:\Users\User1\AppData\Local\Aiseesoft Studio
2017-01-05 14:32 - 2017-01-05 14:32 - 00000000 ____D C:\Users\User1\.android
2017-01-05 14:31 - 2017-01-05 14:31 - 00000754 _____ C:\Users\Public\Desktop\FoneLab für Android.lnk
2017-01-05 14:31 - 2017-01-05 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2017-01-05 14:31 - 2017-01-05 14:31 - 00000000 ____D C:\ProgramData\Aiseesoft Studio
2017-01-05 14:30 - 2017-01-05 14:30 - 41414008 _____ (Aiseesoft Studio ) C:\Users\User1\Downloads\as-android-recovery.exe
2017-01-05 14:23 - 2017-01-05 14:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-01-05 14:04 - 2017-01-05 20:04 - 00021344 _____ C:\Users\User1\Downloads\FRST.txt
2017-01-05 14:04 - 2017-01-05 14:05 - 00045302 _____ C:\Users\User1\Downloads\Addition.txt
2017-01-05 14:03 - 2017-01-05 14:03 - 02418176 _____ (Farbar) C:\Users\User1\Downloads\FRST64.exe
2017-01-05 08:10 - 2017-01-05 20:04 - 00000000 ____D C:\FRST
2017-01-05 07:46 - 2017-01-05 18:46 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-05 06:43 - 2017-01-05 06:43 - 00003290 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-05 06:38 - 2017-01-05 06:38 - 00000499 _____ C:\Users\Public\Desktop\Recuva.lnk
2017-01-05 06:38 - 2017-01-05 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2017-01-05 06:37 - 2017-01-05 06:37 - 05562976 _____ (Piriform Ltd) C:\Users\User1\Downloads\rcsetup153.exe
2016-12-31 10:26 - 2016-12-31 10:26 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-12-31 10:26 - 2016-08-16 11:40 - 05660512 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2016-12-31 10:26 - 2005-01-03 07:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2016-12-31 10:26 - 2003-07-18 22:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2016-12-29 12:42 - 2016-12-29 12:42 - 11122883 _____ C:\Users\User1\Downloads\LifeInTheWoodsBasic.zip
2016-12-29 12:40 - 2016-12-29 12:51 - 00000000 ____D C:\Users\User1\AppData\Roaming\.minecraft
2016-12-29 12:40 - 2016-12-29 12:40 - 00000000 ____D C:\Users\User1\AppData\Roaming\java
2016-12-29 12:40 - 2016-12-29 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-12-29 12:39 - 2016-12-29 12:39 - 02314240 _____ C:\Users\User1\Downloads\MinecraftInstaller.msi
2016-12-29 10:58 - 2016-12-29 10:58 - 00000000 ____D C:\Users\User1\AppData\Roaming\LolClient
2016-12-29 10:11 - 2016-12-29 10:11 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041 (3).exe
2016-12-29 10:11 - 2016-12-29 10:11 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041 (2).exe
2016-12-28 20:17 - 2017-01-05 19:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-28 20:16 - 2016-12-28 20:17 - 54199488 _____ (Malwarebytes ) C:\Users\User1\Downloads\mb3-setup-computerbild.8000-3.0.5.1299.exe
2016-12-28 20:02 - 2016-12-28 20:02 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041 (1).exe
2016-12-24 15:18 - 2016-12-24 15:18 - 00000000 ____D C:\ProgramData\Riot Games
2016-12-24 15:17 - 2016-12-24 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-12-24 15:17 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-12-24 15:17 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-12-24 15:17 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-12-24 15:16 - 2016-12-24 15:17 - 00000000 ____D C:\Users\User1\AppData\Roaming\Riot Games
2016-12-24 15:16 - 2016-12-24 15:16 - 31876824 _____ (Riot Games) C:\Users\User1\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2016-12-23 22:17 - 2016-12-31 12:40 - 00000000 ____D C:\Users\User1\Documents\Electronic Arts
2016-12-23 21:46 - 2016-12-29 14:27 - 00000000 ____D C:\Users\User1\Desktop\Spiele
2016-12-23 21:46 - 2016-12-23 21:46 - 00000000 ____D C:\Users\User1\Desktop\Scirvener
2016-12-23 21:43 - 2016-12-23 21:43 - 03977168 _____ C:\Users\User1\Downloads\adwcleaner_6.041.exe
2016-12-23 20:22 - 2015-04-14 16:09 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-12-21 16:45 - 2016-12-21 16:46 - 00006332 _____ C:\Users\User1\Documents\cc_20161221_164556.reg
2016-12-18 11:16 - 2016-12-18 11:16 - 915729729 _____ C:\Users\User1\Downloads\Bless Fan Package.rar
2016-12-17 20:11 - 2016-12-29 10:27 - 00000000 ____D C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-12-17 20:10 - 2016-12-17 20:10 - 04385216 _____ (MY.COM B.V.) C:\Users\User1\Downloads\RevelationOnlineLoader_8098d244b4986b278b653ae0834e2f21__de.exe
2016-12-17 19:55 - 2016-12-17 19:55 - 00000000 ____D C:\Users\User1\AppData\LocalLow\Unity
2016-12-17 17:23 - 2016-12-17 17:23 - 00000000 ____D C:\Users\User1\AppData\Roaming\FiraxisLive
2016-12-17 12:59 - 2016-12-17 12:59 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 12:59 - 2016-12-17 12:59 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 15:14 - 2016-12-15 15:14 - 00085984 _____ C:\Windows\system32\Drivers\klupd_klif_kimul.sys
2016-12-14 17:43 - 2016-12-14 17:43 - 00000000 ____D C:\Users\User1\AppData\Local\Chromium
2016-12-13 19:51 - 2016-12-13 19:51 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-12-13 19:51 - 2013-03-24 05:00 - 00391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBR.DLL
2016-12-13 19:41 - 2016-12-13 19:45 - 00101499 _____ C:\Users\User1\Documents\klangkugeln.pdf
2016-12-13 19:37 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-12-13 19:37 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-12-13 19:37 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-13 19:37 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-12-13 19:37 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-13 19:37 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-13 19:37 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-13 19:37 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2016-12-13 19:37 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-12-13 19:37 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-13 19:37 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-12-13 19:37 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-12-13 19:37 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-12-13 19:37 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-12-13 19:37 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-12-13 19:37 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-12-13 19:37 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-13 19:37 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-12-13 19:37 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-12-13 19:37 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2016-12-13 19:37 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2016-12-13 19:37 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2016-12-13 19:37 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2016-12-13 19:37 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-13 19:37 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-12-13 19:37 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-12-13 19:37 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-12-13 19:37 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2016-12-13 19:37 - 2016-12-09 11:11 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-12-13 19:37 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2016-12-13 19:37 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-13 19:37 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2016-12-13 19:37 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-12-13 19:37 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-13 19:37 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-12-13 19:37 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-13 19:37 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-12-13 19:37 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-12-13 19:37 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-13 19:37 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-12-13 19:37 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-12-13 19:37 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-13 19:37 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2016-12-13 19:37 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-13 19:37 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-12-13 19:37 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-13 19:37 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2016-12-13 19:37 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-12-13 19:37 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2016-12-13 19:37 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WordBreakers.dll
2016-12-13 19:37 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2016-12-13 19:37 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-13 19:37 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2016-12-13 19:37 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-12-13 19:37 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-12-13 19:37 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-13 19:37 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-12-13 19:37 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-12-13 19:37 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-12-13 19:37 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2016-12-13 19:37 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-13 19:37 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-13 19:37 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-12-13 19:37 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-12-13 19:37 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-13 19:37 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-12-13 19:37 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-12-13 19:37 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-12-13 19:37 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-12-13 19:37 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2016-12-13 19:37 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-13 19:37 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-12-13 19:37 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-12-13 19:37 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2016-12-13 19:37 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-12-13 19:37 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-13 19:37 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-12-13 19:37 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-12-13 19:37 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-13 19:37 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-13 19:37 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-12-13 19:37 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-12-13 19:37 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-12-13 19:37 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-12-13 19:37 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-12-13 19:37 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2016-12-13 19:37 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-13 19:37 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-12-13 19:37 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-12-13 19:37 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2016-12-13 19:37 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-12-13 19:37 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-12-13 19:37 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-12-13 19:37 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-12-13 19:37 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-13 19:37 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-12-13 19:37 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditBufferTestHook.dll
2016-12-13 19:37 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-12-13 19:37 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-13 19:37 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-12-13 19:37 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-12-10 20:48 - 2016-12-10 20:48 - 00000000 ____D C:\Users\User1\AppData\LocalLow\SKS
2016-12-09 16:25 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-12-09 16:25 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-12-09 16:25 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2016-12-09 16:25 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-12-09 16:25 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-12-09 16:25 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 16:25 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-09 16:25 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-09 16:25 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-12-09 16:25 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-12-09 16:25 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2016-12-09 16:25 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-12-09 16:25 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2016-12-09 16:25 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-12-09 16:25 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-12-09 16:25 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-12-09 16:25 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-12-09 16:25 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-12-09 16:25 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-12-09 16:25 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-12-09 16:25 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-09 16:25 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-12-09 16:25 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-12-09 16:25 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-12-09 16:25 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-12-09 16:25 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-12-09 16:25 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2016-12-09 16:25 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\Windows\system32\RTWorkQ.dll
2016-12-09 16:25 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\Windows\system32\mfaudiocnv.dll
2016-12-09 16:25 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-12-09 16:25 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-12-09 16:25 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-12-09 16:25 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-12-09 16:25 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-12-09 16:25 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-12-09 16:25 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 16:25 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-12-09 16:25 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-12-09 16:25 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2016-12-09 16:25 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-12-09 16:25 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 16:25 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\ReportingCSP.dll
2016-12-09 16:25 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\modem.sys
2016-12-09 16:25 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2016-12-09 16:25 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\BcastDVRHelper.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-12-09 16:25 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-12-09 16:25 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2016-12-09 16:25 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 16:25 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\EAMProgressHandler.dll
2016-12-09 16:25 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-12-09 16:25 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-12-09 16:25 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\EDPCleanup.exe
2016-12-09 16:25 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-12-09 16:25 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2016-12-09 16:25 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-12-09 16:25 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2016-12-09 16:25 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-12-09 16:25 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 16:25 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-12-09 16:25 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-12-09 16:25 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2016-12-09 16:25 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2016-12-09 16:25 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-12-09 16:25 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2016-12-09 16:25 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-12-09 16:25 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2016-12-09 16:25 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2016-12-09 16:25 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-09 16:25 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2016-12-09 16:25 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-12-09 16:25 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-12-09 16:25 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-12-09 16:25 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-12-09 16:25 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2016-12-09 16:25 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2016-12-09 16:25 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-12-09 16:25 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-12-09 16:25 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2016-12-09 16:25 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-12-09 16:25 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\umpoext.dll
2016-12-09 16:25 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-12-09 16:25 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\dialserver.dll
2016-12-09 16:25 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-12-09 16:25 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-12-09 16:25 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-12-09 16:25 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-12-09 16:25 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-12-09 16:25 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-12-09 16:25 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-12-09 16:25 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-12-09 16:25 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-12-09 16:25 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-12-09 16:25 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2016-12-09 16:25 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-12-09 16:25 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-12-09 16:25 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-12-09 16:25 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-12-09 16:25 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-12-09 16:25 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-12-09 16:25 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-12-09 16:25 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-09 16:25 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-09 16:25 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2016-12-09 16:25 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-12-09 16:25 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 16:25 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-12-09 16:25 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-12-09 16:25 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-12-09 16:25 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 16:25 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2016-12-09 16:25 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfaudiocnv.dll
2016-12-09 16:25 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-12-09 16:25 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2016-12-09 16:25 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-12-09 16:25 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 16:25 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 16:25 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-12-09 16:25 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2016-12-09 16:25 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-12-09 16:25 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-12-09 16:25 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 16:25 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2016-12-09 16:25 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 16:25 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-12-09 16:25 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2016-12-09 16:25 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-12-09 16:25 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-12-09 16:25 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 16:25 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-12-09 16:25 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-12-09 16:25 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 16:25 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-12-09 16:25 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2016-12-09 16:25 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2016-12-09 16:25 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-12-09 16:25 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2016-12-09 16:25 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2016-12-09 16:25 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-12-09 16:25 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-12-09 16:25 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2016-12-09 16:25 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2016-12-09 16:25 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-12-09 16:25 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2016-12-09 16:25 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-12-09 16:25 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-12-09 16:25 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-12-09 16:25 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 16:25 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-12-09 16:25 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-12-09 16:25 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2016-12-09 16:25 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-12-09 16:25 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-12-09 16:25 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-12-09 16:25 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-12-09 16:25 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-12-09 13:58 - 2016-12-09 13:58 - 00245512 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2016-12-09 13:57 - 2016-12-09 13:57 - 00218920 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2016-12-09 13:57 - 2016-12-09 13:57 - 00164888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2016-12-09 13:57 - 2016-12-09 13:57 - 00104720 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2016-12-08 15:47 - 2016-12-08 15:47 - 07586311 _____ C:\Users\User1\Documents\bvc.pdf
2016-12-08 15:47 - 2016-12-08 15:47 - 00000000 ____D C:\Users\User1\AppData\LocalLow\Temp
2016-12-08 15:41 - 2016-12-08 15:41 - 01665710 _____ C:\Users\User1\Downloads\antworten_sachkunde.pdf
2016-12-08 15:40 - 2016-12-08 15:40 - 00609225 _____ C:\Users\User1\Downloads\fragen_sachkunde.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-05 19:47 - 2016-09-09 20:57 - 02503706 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-05 19:47 - 2016-07-16 23:51 - 01054420 _____ C:\Windows\system32\perfh007.dat
2017-01-05 19:47 - 2016-07-16 23:51 - 00248180 _____ C:\Windows\system32\perfc007.dat
2017-01-05 19:44 - 2016-11-23 19:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-05 19:42 - 2016-11-23 11:26 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-05 19:41 - 2016-11-11 21:46 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-05 19:41 - 2016-09-09 20:49 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-05 19:41 - 2016-07-16 07:04 - 00262144 _____ C:\Windows\system32\config\BBI
2017-01-05 19:25 - 2016-07-16 12:45 - 00000000 ____D C:\Windows\INF
2017-01-05 19:22 - 2016-07-16 07:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-01-05 18:50 - 2016-11-25 13:52 - 00000000 ____D C:\Users\User1\AppData\Local\CrashDumps
2017-01-05 18:50 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-01-05 18:28 - 2016-09-09 20:48 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-01-05 14:32 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1
2017-01-05 07:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-05 07:58 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppReadiness
2017-01-05 06:41 - 2016-09-09 20:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-31 23:46 - 2016-11-24 18:24 - 00000000 ____D C:\ProgramData\Origin
2016-12-31 23:46 - 2016-09-09 20:53 - 00524288 ___SH C:\Users\User1\NTUSER.DAT{f5b13604-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-31 23:46 - 2016-09-09 20:53 - 00065536 ___SH C:\Users\User1\NTUSER.DAT{f5b13604-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-31 23:43 - 2016-11-24 18:25 - 00000000 ____D C:\Users\User1\AppData\Roaming\Origin
2016-12-31 23:25 - 2016-11-24 18:22 - 00000000 ____D C:\Users\User1\AppData\Local\Battle.net
2016-12-31 10:26 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-31 10:25 - 2016-07-16 12:47 - 00000000 __SHD C:\Windows\Installer
2016-12-29 21:36 - 2016-11-25 13:55 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-12-29 10:30 - 2016-11-23 20:13 - 00000000 ____D C:\Users\User1\Documents\My Games
2016-12-29 10:29 - 2016-11-24 11:17 - 00000000 ____D C:\MSI
2016-12-29 10:26 - 2016-09-12 09:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-28 20:06 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1\AppData\Local\Packages
2016-12-28 20:05 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\Logs
2016-12-24 15:17 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\Tasks
2016-12-24 13:46 - 2016-11-26 20:53 - 00000000 ____D C:\Users\User1\Documents\Heroes of the Storm
2016-12-24 11:43 - 2016-11-24 11:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-23 22:17 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Documents
2016-12-22 16:14 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Saved Games
2016-12-21 16:41 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\debug
2016-12-17 20:11 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-17 20:10 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Pictures
2016-12-17 19:55 - 2016-09-09 20:53 - 00000000 ____D C:\Users\User1\AppData\LocalLow
2016-12-15 15:21 - 2016-09-09 20:50 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-15 15:19 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\rescache
2016-12-15 15:07 - 2016-07-16 12:47 - 00000000 ___RD C:\Windows\assembly
2016-12-14 17:43 - 2016-11-23 19:25 - 00000000 ____D C:\Users\User1\AppData\Local\Steam
2016-12-14 17:34 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\LogFiles
2016-12-14 15:01 - 2016-09-09 20:48 - 00194296 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 07:35 - 2016-09-09 20:48 - 00524288 ___SH C:\Windows\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 07:35 - 2016-09-09 20:48 - 00065536 ___SH C:\Windows\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-14 07:35 - 2016-07-16 12:47 - 00000666 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\SysWOW64\de-DE
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\de-DE
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\Boot
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-12-14 07:35 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\AppPatch
2016-12-14 07:22 - 2016-09-12 09:47 - 00002267 ____H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 06:48 - 2016-07-16 12:36 - 00000000 ____D C:\Windows\CbsTemp
2016-12-14 06:46 - 2016-09-12 09:40 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 06:45 - 2016-09-12 09:40 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-13 19:52 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-09 20:15 - 2016-09-09 20:53 - 00000402 ___SH C:\Users\User1\Documents\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000282 ___SH C:\Users\User1\Downloads\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000282 ___SH C:\Users\User1\Desktop\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000174 ___SH C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000174 ___SH C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Searches
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Music
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Links
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Favorites
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\Contacts
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-09 20:15 - 2016-09-09 20:53 - 00000000 ___RD C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-09 20:15 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\wbem
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\system32\oobe
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Windows\bcastdvr
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-09 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\system32\Sysprep
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\system32\Dism
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\system32\CatRoot
2016-12-09 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\Windows\servicing
2016-12-09 16:16 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-12-08 15:03 - 2016-11-23 19:04 - 00001476 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-12-08 15:03 - 2016-11-23 19:03 - 01019616 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-12-08 15:03 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-12-08 15:03 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-11-23 13:26 - 2016-11-23 13:26 - 1307648 _____ () C:\Users\User1\AppData\Local\file__0.localstorage
2017-01-05 16:45 - 2017-01-05 17:31 - 0000163 _____ () C:\Users\User1\AppData\Local\uts.ini
2016-09-09 20:57 - 2016-09-09 20:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\User1\AppData\Local\Temp\libeay32.dll
C:\Users\User1\AppData\Local\Temp\msvcr120.dll
C:\Users\User1\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-05 06:55

==================== Ende von FRST.txt ============================

Yvi1993 · 05.01.2017, 20:07

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von User1 (05-01-2017 20:04:47)
Gestartet von C:\Users\User1\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-09 19:53:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3303905599-2245439626-354554511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3303905599-2245439626-354554511-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3303905599-2245439626-354554511-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3303905599-2245439626-354554511-501 - Limited - Disabled)
User1 (S-1-5-21-3303905599-2245439626-354554511-1001 - Administrator - Enabled) => C:\Users\User1

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ansel (Version: 375.95 - NVIDIA Corporation) Hidden
ApoDispatchConfigurator (Version: 2.2.601 - Nahimic) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AudioLaunchpadConfigurator (Version: 2.2.601 - Nahimic) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CheckDevicesConfigurator (Version: 2.2.601 - Nahimic) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 University Life) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
FoneLab für Android 1.1.30 (HKLM-x32\...\{7A7ACBDD-FED6-4ec5-BD26-5549FEB5B968}_is1) (Version: 1.1.30 - Aiseesoft Studio)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E240x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Kingo ROOT version 1.4.9.2848 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.4.9.2848 - Kingosoft Technology Ltd.)
LauncherSetup (Version: 2.2.601 - Nahimic) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Nahimic 2 (HKLM-x32\...\{3e7434ed-dffc-4264-a656-0087f9a875e6}) (Version: 2.2.6 - Nahimic)
Nahimic2UISetup (Version: 2.2.601 - Nahimic) Hidden
NahimicSettingsConfigurator (Version: 2.2.601 - Nahimic) Hidden
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
ProductDaemonSetup (Version: 2.2.601 - Nahimic) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scrap Mechanic (HKLM\...\Steam App 387990) (Version:  - Axolot Games)
Sherlock Holmes: The Devil's Daughter (HKLM\...\Steam App 350640) (Version:  - Frogwares)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
SonicMapperConfigurator (Version: 2.2.601 - Nahimic) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.55 - TuneUp Software) Hidden
UIInstallUpgrade (Version: 2.2.601 - Nahimic) Hidden
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) <==== ACHTUNG
Vegas Pro 13.0 (64-bit) (HKLM\...\{D2FD5391-6A9B-11E4-BBC6-F04DA23A5C58}) (Version: 13.0.428 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Weapons of Mythology - New Age - (HKLM\...\Steam App 523190) (Version:  - Gamemag)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3532E62E-151F-4832-820F-1D747FA26D65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {36C6A83C-846F-47CB-90BA-DDEE4579365B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {39546669-1F60-46A6-B2E9-220D613AD929} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {5121F5D9-0FA5-4174-89BF-B437F1598280} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {5D69CD75-14E7-4FCD-A6C0-94DFA38A997C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {5E954971-DEAF-47DD-B56D-68A453553DAE} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2016-04-22] ()
Task: {682BDE58-6941-44DD-A3B3-3A26813B2DEB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {789A892E-6BFB-4408-960B-7F344176D323} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {8A009B95-EC9C-4FEE-B4E1-FC2B68CA1A00} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2016-04-22] ()
Task: {ACC5724B-4F37-4691-8E7A-C7A42334A65A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-12] (Google Inc.)
Task: {C2F59D90-4850-42CF-90A4-F242829312CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {C7957681-C2E4-4ACB-9A5A-0DA8384463E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {CD9C479D-068D-44C0-BE9E-3AA912BB93F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {CDF761A3-5D0F-481F-A7B0-44AEF6305A0C} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\User1\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D657AAA1-C3A8-4BB5-A87A-F8B458894A06} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2016-04-22] ()
Task: {E20B44BD-1AC8-40BE-84E4-39F9DA6B05DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-12] (Google Inc.)
Task: {E9DE188A-0D4F-4526-88B8-1F72EDCBB822} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {EB868EF2-7486-4B3E-8BBF-2DD0E4724975} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-01-05 16:45 - 2016-10-19 10:23 - 00017376 _____ () C:\Users\User1\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-11-23 11:57 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-12-13 19:37 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-09-12 09:40 - 2016-09-12 09:40 - 01864384 _____ () C:\Users\User1\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-04-22 17:53 - 2016-04-22 17:53 - 00211816 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll
2016-04-22 17:53 - 2016-04-22 17:53 - 00285032 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll
2016-11-23 11:26 - 2016-11-17 02:03 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-03 12:00 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-13 19:37 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-11 22:55 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-11 22:55 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-11 22:55 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-11 22:55 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-11 22:55 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-11 22:55 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-22 17:50 - 2016-04-22 17:50 - 00691560 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
2016-04-22 17:50 - 2016-04-22 17:50 - 01962496 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
2016-04-22 17:53 - 2016-04-22 17:53 - 00500224 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
2016-09-28 17:25 - 2016-09-28 17:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-12-15 14:58 - 2016-12-15 14:58 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-15 14:58 - 2016-12-15 14:58 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-15 14:58 - 2016-12-15 14:58 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-15 14:58 - 2016-12-15 14:58 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-12-23 19:56 - 2016-12-23 19:56 - 02493440 _____ () E:\Origins\libGLESv2.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-23 11:57 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-22 17:49 - 2016-04-22 17:49 - 00180584 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll
2016-04-22 17:47 - 2016-04-22 17:47 - 00252264 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll
2016-11-23 11:57 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-23 11:57 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-23 11:57 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-12 09:39 - 2016-09-12 09:39 - 01383616 _____ () C:\Users\User1\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-09-12 09:40 - 2016-09-12 09:40 - 00118976 _____ () C:\Users\User1\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-11-23 11:57 - 2016-11-17 14:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-11-01 08:58 - 2016-11-01 08:58 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-11-25 15:38 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\User1\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2016-11-25 15:38 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\User1\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-11-25 15:38 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\User1\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-12-14 07:22 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 07:22 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-05-25 22:52 - 2016-05-25 22:52 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2017-01-05 19:25 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3303905599-2245439626-354554511-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.192.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{429DE816-4FBD-42EE-B638-711BAFE6B702}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{65303912-7997-4DC7-A35A-3337BE31B493}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{DF13E15C-D484-4B92-9B7D-D76EB8EDE98C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DC49F3EC-25CD-487E-938D-216EDD544179}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ADB22972-1CBD-409C-97E6-DC3E02CF18B4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{829F417C-3502-430E-BE1D-DF49304A2EC2}] => E:\Steam\Steam.exe
FirewallRules: [{630D374E-DA6E-4E75-9EB5-AAA094AEE159}] => E:\Steam\Steam.exe
FirewallRules: [{7D64997E-069A-45B6-9D31-4F1DB3F5486A}] => E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{9A93C7A7-1A02-475D-A753-D40A80EFC3B1}] => E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{E040FDB7-D1EF-45BB-9B08-968610D69074}] => E:\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{755CCBFD-BEF1-4A7A-A5F1-6A7709D4D1AD}] => E:\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{9E63854F-7F3A-4660-B540-62512A195337}] => E:\Steam\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{3542887B-8F96-4B9D-87C5-9F617B9981D7}] => E:\Steam\steamapps\common\Sherlock Holmes - The Devil's Daughter\Binaries\Win64\Sherlock.exe
FirewallRules: [{E7262040-3705-4850-9D7F-2AD728E5F533}] => E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{88E46CE9-BD25-4A47-9AD7-7EBFBC575E29}] => E:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{80D08ACC-04E3-4BEC-B63E-FF1506AA2681}] => E:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{A8AEA435-CFFE-4BB5-AF25-CB654D8899A2}] => E:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{EA713A1E-AEA1-4CF9-869C-619A64325955}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{1779807D-5B84-4419-97D7-8B44C2A78F46}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{3EE69F64-03CF-434A-B5C9-EE31ADD7006D}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{352C809B-9DB9-4F6C-BC5A-10169520A223}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{76495409-2962-44FC-B895-B8857EE2B451}] => E:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{D0B11EC6-97BF-4D6F-8960-C780B2991A77}] => E:\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{B3CD45DC-8487-4CA2-A294-B5AFBACAC170}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7EB39559-6210-452B-9EEC-AC37585B8D09}] => E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F315852F-24F0-4C83-8239-444C7448CE12}] => E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{50617EDE-E957-4F87-A354-43593333CABA}] => E:\Steam\steamapps\common\Weapons of Mythology - New Age -\Weapons Of Mythology New Age.exe
FirewallRules: [{278EBC98-2332-4728-A265-A1A83A8B2849}] => E:\Steam\steamapps\common\Weapons of Mythology - New Age -\Weapons Of Mythology New Age.exe
FirewallRules: [{A14A0E3F-66B6-4BC5-A005-A4112F6E260E}] => E:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{65D2B53C-373B-49E0-A0C8-D39682072A6F}] => E:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{785A686F-05E1-4C74-B922-99CE5B22DE78}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{D18C3D10-2EB8-41A0-8C29-241D6B8420BC}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{1307ADC0-7EA4-43E3-BA39-16F7978ADF77}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{B1D50E74-3D0A-4E2F-AF20-7D8EC5E39ED2}] => E:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{468BEF7B-EEFB-4735-BEF5-C0A17177E818}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AE26E809-ECCC-4193-96C3-9A04D11B7979}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{AB3EA093-C758-40E5-8007-2172EC5B5BAF}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{151DD038-B952-4380-9730-4837936F60F4}] => E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{B1DC4F83-FF15-4568-A1A4-3483A857CF1D}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{D7ABA18E-7C47-4DEF-9300-7C23C7F5B326}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{8989120D-C8C6-48ED-B039-B1F7EA0D5D63}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{C9A92BAC-8EBC-41E4-9DCA-E9B09FFCD19A}] => E:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{D4EAF82B-B3BE-4CF8-9E85-EB4D0E3CD45C}] => E:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F8860564-0FF8-4275-981F-86C67DD0D21B}] => E:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/05/2017 07:31:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\User1\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).

Error: (01/05/2017 07:27:06 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\User1\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x80070422).

Error: (01/05/2017 07:25:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzSynapse.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
   bei Razer.Emily.Common.RzProtocol.GetFWVersion(UInt32, UInt32, Int64, System.String ByRef)
   bei Razer.Emily.Common.RzDevice.ReadFWVersion()
   bei Razer.Emily.Common.RzDevice.getDeviceInfo()
   bei Razer.Emily.Common.RzDevice.RefreshData()
   bei Razer.Emily.UI.App.plugUnplug(System.Collections.Generic.List`1<Razer.Emily.Common.RzDevice>, Boolean)
   bei Razer.Emily.UI.App+<>c__DisplayClass1b.<ReportActiveDevices>b__1a()
   bei System.Threading.Tasks.Task.InnerInvoke()
   bei System.Threading.Tasks.Task.Execute()
   bei System.Threading.Tasks.Task.ExecutionContextCallback(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef)
   bei System.Threading.Tasks.Task.ExecuteEntry(Boolean)
   bei System.Threading.Tasks.Task.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/05/2017 07:00:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/05/2017 06:50:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (10308) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\User1\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (01/05/2017 06:50:29 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (10308) testing: Der Versuch, die Datei "C:\Users\User1\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (01/05/2017 06:35:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {885943EF-A4E3-4A9A-BBB3-35DA10F29DE8}.exe, Version: 3.1.0.12, Zeitstempel: 0x581ffeb3
Name des fehlerhaften Moduls: {885943EF-A4E3-4A9A-BBB3-35DA10F29DE8}.exe, Version: 3.1.0.12, Zeitstempel: 0x581ffeb3
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014376c
ID des fehlerhaften Prozesses: 0x1198
Startzeit der fehlerhaften Anwendung: 0x01d2677a08bd2754
Pfad der fehlerhaften Anwendung: C:\Users\User1\AppData\Local\Temp\{C360F441-825E-40F5-8410-03887139760E}\{885943EF-A4E3-4A9A-BBB3-35DA10F29DE8}.exe
Pfad des fehlerhaften Moduls: C:\Users\User1\AppData\Local\Temp\{C360F441-825E-40F5-8410-03887139760E}\{885943EF-A4E3-4A9A-BBB3-35DA10F29DE8}.exe
Berichtskennung: ac09182c-c88f-4e2d-b8a5-9c5d89b44969
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/05/2017 04:46:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Die abhängige Assemblierung "Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/05/2017 07:45:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1980
Startzeit der fehlerhaften Anwendung: 0x01d2671e3938b202
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: e6809586-75cd-4a1b-b313-8a086fa729ca
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/05/2017 07:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1980
Startzeit der fehlerhaften Anwendung: 0x01d2671e3938b202
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 27dc32dd-ea65-4d82-af44-f4706ce506d7
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge


Systemfehler:
=============
Error: (01/05/2017 07:45:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6NS9837)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2017 07:43:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (01/05/2017 07:42:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/05/2017 07:41:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/05/2017 07:40:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (01/05/2017 07:40:44 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "NVIDIA LocalSystem Container" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/05/2017 07:40:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/05/2017 07:40:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/05/2017 07:40:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/05/2017 07:40:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-01-05 07:33:04.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:33:03.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:33:03.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:32:44.054
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 07:32:43.696
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:11.837
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:11.834
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:05.700
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

  Date: 2017-01-05 06:50:05.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

  Date: 2016-12-23 21:49:55.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16333.83 MB
Verfügbarer physikalischer RAM: 13618.25 MB
Summe virtueller Speicher: 18765.83 MB
Verfügbarer virtueller Speicher: 15643.64 MB

==================== Laufwerke ================================

Drive c: (SSD) (Fixed) (Total:255.51 GB) (Free:197.33 GB) NTFS
Drive d: (TuneUp Utilities) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
Drive e: (HDD) (Fixed) (Total:931.39 GB) (Free:705.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 256.2 GB) (Disk ID: 1349CB3B)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 06.01.2017, 10:55

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKLM-x32\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

05.01.2017, 18:56	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 10 Tabs öffnen sich automatisch 1. Log vom tdsskiller ist unvollständig 2. tdsskiller wurde nicht lt. Anleitung eingestellt __________________ Logfiles bitte immer in CODE-Tags posten

05.01.2017, 19:58	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Windows 10 Tabs öffnen sich automatisch Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

Windows 10 Tabs öffnen sich automatisch

Plagegeister aller Art und deren Bekämpfung: Windows 10 Tabs öffnen sich automatisch