Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Werbung bei jedem Klick/ immer neue Tabs

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.09.2016, 21:05   #1
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Rotes Gesicht

Werbung bei jedem Klick/ immer neue Tabs



Hallo,

ich habe seit zwei, drei Tagen das Problem, dass bei jeder Internetseite die sich öffnet, Werbung und sonstiges auch öffnet...

Ich habe schon viele Threads gelesen aber irgendwie war nie das Passende dabei...

Das Problem kommt sogar in Steam vor und ich bin mir nicht sicher ob da nicht noch mehr im Hintergrund passiert...

Habe einen Log von einer Überprüfung von Malwarebytes:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 08.09.2016
Suchlaufzeit: 19:09
Protokolldatei: Suchergebnisse Malwarebytes 2.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.08.07
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: stock

Suchlauftyp: Hyper-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267135
Abgelaufene Zeit: 6 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Deaktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
-----------------------------------------------------------
Und außerdem von Spybot:

Search results from Spybot - Search & Destroy

08.09.2016 19:34:31
Scan took 00:29:25.
31 items found.

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)


CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)


MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)


MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)


FastClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)


Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation

MS Office 12.0 (Access): [SBI $B63675A5] Recent Used DB #1 (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Access\Settings\MRU1

MS Office 12.0 (Access): [SBI $5FED5527] Recent Used DB Date #1 (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Excel\File MRU

MS Office 12.0 (PowerPoint): [SBI $242E8728] Recent Slideshow List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\PowerPoint\File MRU

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Word\File MRU

Windows.OpenWith: [SBI $59A5380C] Open with list - .ACF extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACF\OpenWithList

----------------------------------------------------------------------------------------------------

Mein Kaspersky habe ich auch schon drüberlaufen lassen, dass hat das hier gesagt...
Mmh hängt sich immer auf beim Log Erstellen...
Eine Datei, die ich rausriegen konnte: Trojan.Win32.SelfDel.dadk

Ich hoffe mal ihr könnt mir bitte helfen...
Wenn irgendwas fehlt, sagt es mir und ich mache das und schicke es euch!

Viele Grüße
Winja

Alt 08.09.2016, 21:26   #2
M-K-D-B
/// TB-Ausbilder
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:



Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 09.09.2016, 14:33   #3
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Hallo Matthias, danke für deine Hilfe... Hier die Logdatei von TTDS-Killer:



Hallo Matthias, danke für deine Hilfe...
Hier die Logdatei von FRST-Killer:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von stock (Administrator) auf MARKSPC (09-09-2016 14:06:20)
Gestartet von C:\Users\stock\Downloads
Geladene Profile: stock &  (Verfügbare Profile: stock)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Valve Corporation) C:\Mark\Programme\Steam\Steam.exe
(Valve Corporation) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [SDTray] => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Steam] => C:\Mark\Programme\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Spotify Web Helper] => C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Spotify] => C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Mark\Programme\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-602346101-288533717-1331706006-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{dc3228ef-604e-40f1-8dab-f847f3d1ba0a}: [NameServer] 138.201.48.176,8.8.8.8
Tcpip\..\Interfaces\{dc3228ef-604e-40f1-8dab-f847f3d1ba0a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pesonal-spage.com/sall/
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pesonal-spage.com/sall/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-07] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-07] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\stock\AppData\Roaming\Mozilla\Firefox\Profiles\yb2u8nal.default
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-24]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-01-09] (Kaspersky Lab ZAO)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMScheduler; C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SDScannerService; C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-01-09] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-24] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-24] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-08-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-09] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-24] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-09 14:06 - 2016-09-09 14:07 - 00016318 _____ C:\Users\stock\Downloads\FRST.txt
2016-09-09 14:05 - 2016-09-09 14:06 - 00000000 ____D C:\FRST
2016-09-09 14:04 - 2016-09-09 14:04 - 02397696 _____ (Farbar) C:\Users\stock\Desktop\FRST64.exe
2016-09-08 20:20 - 2016-09-08 20:23 - 00000000 ____D C:\Users\stock\Desktop\Planet Coaster Piratenschiff
2016-09-08 19:35 - 2016-09-08 19:35 - 00000000 ____D C:\Users\stock\Desktop\Adware oder sowas
2016-09-07 19:34 - 2016-09-09 13:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 19:34 - 2016-09-07 19:34 - 00001241 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-07 19:34 - 2016-09-07 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-07 19:34 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-07 19:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-07 19:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 19:12 - 2016-09-07 19:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-07 19:12 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-09-07 19:09 - 2016-09-07 19:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-07 19:08 - 2016-09-07 19:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-07 19:08 - 2016-09-07 19:08 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-07 19:08 - 2016-09-07 19:08 - 00002372 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-07 19:08 - 2016-09-07 19:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-09-07 19:08 - 2016-09-07 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-07 19:08 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-09-07 18:24 - 2016-09-07 18:31 - 00000000 ____D C:\AdwCleaner
2016-09-05 18:20 - 2016-09-05 18:20 - 00000000 ____D C:\Users\stock\AppData\Roaming\SPI
2016-09-01 19:54 - 2013-12-10 08:27 - 00016344 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2016-09-01 19:53 - 2013-12-10 08:27 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-09-01 19:53 - 2013-12-10 08:27 - 00100312 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2016-09-01 19:04 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 19:04 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 19:04 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 19:04 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 19:04 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 19:04 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 19:04 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 19:04 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 19:04 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 19:04 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 19:04 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 19:04 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 19:04 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 19:04 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 19:04 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 19:04 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 19:04 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 19:04 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 19:04 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 19:04 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 19:04 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 19:04 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 19:04 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 19:04 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 19:04 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 19:04 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 19:04 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 19:04 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 19:04 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-01 19:04 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-01 19:04 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 19:04 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 19:04 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 19:04 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 19:04 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 19:04 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-01 19:04 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 19:04 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-01 19:04 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-01 19:04 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-01 19:04 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-01 19:04 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-01 19:04 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 19:04 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 19:04 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 19:04 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 19:04 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 19:04 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 19:04 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 19:04 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 19:04 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 19:04 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 19:04 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 19:04 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 19:04 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 19:04 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-01 19:04 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 19:04 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 19:04 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 19:04 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 19:04 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 19:04 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 19:04 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 19:04 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 19:04 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 19:04 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 19:04 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 19:04 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 19:04 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-01 19:04 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-01 19:04 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 19:04 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 19:04 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-01 19:04 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 19:04 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 19:04 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 19:04 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 19:04 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 19:04 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 19:04 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 19:04 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-01 19:04 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 19:04 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 19:04 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 19:04 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-01 19:04 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 19:04 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-01 19:04 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-01 19:04 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-01 19:04 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-25 19:48 - 2016-08-25 19:17 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-25 19:45 - 2016-08-25 19:45 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-25 19:45 - 2016-08-25 19:45 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-25 19:45 - 2016-08-25 19:45 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-25 19:45 - 2016-08-25 19:45 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-25 19:45 - 2016-08-25 19:45 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-25 19:45 - 2016-08-25 19:45 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-25 19:45 - 2016-08-25 19:45 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-25 19:40 - 2016-08-25 19:40 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-25 19:38 - 2016-08-25 19:38 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files\MSBuild
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-25 19:38 - 2016-08-25 19:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-25 19:38 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-25 19:38 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-25 19:23 - 2016-08-25 19:23 - 00000000 ___RD C:\Users\stock\3D Objects
2016-08-25 19:20 - 2016-08-25 19:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-25 19:18 - 2016-08-25 19:18 - 00000000 ____D C:\ProgramData\USOShared
2016-08-25 19:17 - 2016-08-27 17:51 - 00000000 ____D C:\Users\stock\AppData\Local\ConnectedDevicesPlatform
2016-08-25 19:17 - 2016-08-25 19:17 - 00000656 __RSH C:\Users\stock\ntuser.pol
2016-08-25 19:17 - 2016-08-25 19:17 - 00000020 ___SH C:\Users\stock\ntuser.ini
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-25 19:14 - 2016-08-25 19:16 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-25 19:14 - 2016-08-25 19:16 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-25 19:10 - 2016-08-25 19:10 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-25 19:09 - 2016-09-08 21:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-25 19:09 - 2016-08-25 19:10 - 00002264 _____ C:\WINDOWS\System32\Tasks\{C70BA00D-C100-4D41-94D6-FDDE3DFCEAEC}
2016-08-25 19:02 - 2016-08-25 19:02 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2016-08-25 18:58 - 2016-08-25 19:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-25 18:56 - 2016-09-09 13:55 - 00000000 ____D C:\Users\stock
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Vorlagen
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Startmenü
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Netzwerkumgebung
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Lokale Einstellungen
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Eigene Dateien
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Druckumgebung
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Videos
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Musik
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Bilder
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Local\Verlauf
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Local\Anwendungsdaten
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Anwendungsdaten
2016-08-25 18:53 - 2016-09-09 13:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-25 18:53 - 2016-09-01 19:54 - 00000000 ____D C:\Program Files\Intel
2016-08-25 18:53 - 2016-08-25 19:04 - 00000000 ____D C:\Program Files\Elantech
2016-08-25 18:53 - 2016-08-25 18:53 - 01618211 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-08-25 18:53 - 2016-08-25 18:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-25 18:52 - 2016-08-25 18:52 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-25 18:52 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-25 18:51 - 2016-08-25 19:02 - 00000000 ____D C:\Program Files\AMD
2016-08-25 18:50 - 2016-09-08 21:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-25 18:50 - 2016-08-25 18:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-25 18:49 - 2016-09-01 19:59 - 00343744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-23 10:01 - 2016-08-23 10:01 - 00000000 ____D C:\Users\stock\Desktop\Planet Coaster MapBackup
2016-08-23 09:41 - 2016-08-23 09:42 - 00000096 _____ C:\Users\stock\Desktop\To-Do.txt
2016-08-12 18:45 - 2016-08-12 18:45 - 00000000 ____D C:\Users\stock\AppData\Roaming\Greenshot
2016-08-12 18:45 - 2016-08-12 18:45 - 00000000 ____D C:\Users\stock\AppData\Local\Greenshot
2016-08-10 12:10 - 2016-08-10 12:10 - 00000000 ____D C:\Users\stock\AppData\Local\TurboDismount

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-09 14:05 - 2016-01-09 15:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-09 13:54 - 2016-07-17 00:51 - 00517536 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-09 13:54 - 2016-07-17 00:51 - 00094184 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-09 13:54 - 2016-01-09 14:49 - 01505234 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-09 13:52 - 2016-01-09 14:52 - 00000000 __SHD C:\Users\stock\IntelGraphicsProfiles
2016-09-08 19:36 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-08 19:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-08 19:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-07 19:29 - 2016-01-09 16:24 - 00000000 ____D C:\Users\stock\AppData\Roaming\Skype
2016-09-07 18:25 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-05 19:06 - 2016-01-09 23:35 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-05 18:40 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-05 18:22 - 2016-01-09 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-09-05 17:30 - 2016-07-01 13:43 - 00000000 ____D C:\Users\stock\AppData\Local\Spotify
2016-09-05 17:28 - 2016-07-01 13:41 - 00000000 ____D C:\Users\stock\AppData\Roaming\Spotify
2016-09-05 17:08 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 20:02 - 2016-01-09 14:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-01 19:54 - 2016-03-28 18:32 - 00000000 ____D C:\ProgramData\Intel
2016-09-01 19:54 - 2016-03-28 18:32 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-01 18:58 - 2016-07-16 13:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-01 18:57 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 18:57 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-01 18:57 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 18:57 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-01 18:57 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-01 18:57 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-30 20:06 - 2016-01-09 14:52 - 00000000 ____D C:\Users\stock\AppData\Local\Packages
2016-08-28 19:24 - 2016-01-09 18:08 - 00000000 ____D C:\Users\stock\AppData\Roaming\.minecraft
2016-08-27 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 19:48 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-25 19:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-25 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-25 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-25 19:38 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-25 19:22 - 2015-06-11 20:35 - 00049240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-08-25 19:21 - 2016-01-09 14:55 - 00002387 _____ C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-25 19:21 - 2016-01-09 14:55 - 00000000 ___RD C:\Users\stock\OneDrive
2016-08-25 19:18 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-25 19:18 - 2016-01-09 14:53 - 00000000 ____D C:\Users\stock\AppData\Local\PackageStaging
2016-08-25 19:17 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-25 19:16 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-25 19:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-25 19:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-25 19:14 - 2016-01-09 14:21 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-25 19:10 - 2016-01-09 14:21 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-08-25 19:09 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-25 19:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-25 19:04 - 2016-07-16 08:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-08-25 19:04 - 2016-04-16 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-25 19:04 - 2016-03-28 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-25 19:04 - 2016-01-09 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-25 19:04 - 2016-01-09 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-25 19:04 - 2016-01-09 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-08-25 19:04 - 2016-01-09 14:21 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-25 19:02 - 2016-01-09 14:11 - 00000000 ____D C:\Users\Default.migrated
2016-08-25 19:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-25 19:00 - 2016-01-29 14:18 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-08-25 19:00 - 2016-01-09 17:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-25 18:59 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-25 18:59 - 2016-01-25 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-25 18:59 - 2016-01-09 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-25 18:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-25 18:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-25 18:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-25 18:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 09:34 - 2016-01-25 21:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-23 09:34 - 2016-01-09 16:24 - 00000000 ____D C:\ProgramData\Skype
2016-08-15 13:23 - 2016-01-09 17:47 - 00000000 ____D C:\Users\stock\AppData\Roaming\vlc
2016-08-10 11:46 - 2016-01-09 17:02 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-18 17:53 - 2016-06-18 17:53 - 0007601 _____ () C:\Users\stock\AppData\Local\Resmon.ResmonCfg
2016-01-09 15:26 - 2016-01-09 15:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-25 18:53 - 2016-08-25 18:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\stock\AppData\Local\Temp\adblocker4.exe
C:\Users\stock\AppData\Local\Temp\AutoRun.exe
C:\Users\stock\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\stock\AppData\Local\Temp\EAInstall.dll
C:\Users\stock\AppData\Local\Temp\eauninstall.exe
C:\Users\stock\AppData\Local\Temp\libeay32.dll
C:\Users\stock\AppData\Local\Temp\msvcr120.dll
C:\Users\stock\AppData\Local\Temp\MusicStudio.exe
C:\Users\stock\AppData\Local\Temp\sqlite3.dll
C:\Users\stock\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\stock\AppData\Local\Temp\ysins.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-05 17:57

==================== Ende von FRST.txt ============================
         
Und die Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von stock (09-09-2016 14:07:57)
Gestartet von C:\Users\stock\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-25 17:17:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-602346101-288533717-1331706006-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-602346101-288533717-1331706006-503 - Limited - Disabled)
Gast (S-1-5-21-602346101-288533717-1331706006-501 - Limited - Disabled)
stock (S-1-5-21-602346101-288533717-1331706006-1002 - Administrator - Enabled) => C:\Users\stock

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ashampoo Cover Studio 1.01 (HKLM-x32\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Ashampoo Music Studio 5 v.5.0.7 (HKLM-x32\...\{91B33C97-5BBE-576E-893B-711D4D8298ED}_is1) (Version: 5.0.7 - Ashampoo GmbH & Co. KG)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
FlatOut: Ultimate Carnage (HKLM-x32\...\Steam App 12360) (Version:  - Bugbear Entertainment)
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{B16F9E6E-1388-472C-98C3-F32D397EF85D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 1.30 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® STAR WARS™: The Force Awakens (HKLM\...\Steam App 438640) (Version:  - Traveller's Tales)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Planet Coaster Alpha (HKLM\...\Steam App 518340) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7808 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon World (HKLM\...\Steam App 282560) (Version:  - Nvizzio Creations)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spotify (HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
Turbo Dismount (HKLM\...\Steam App 263760) (Version:  - Secret Exit Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version:  - Evil Tortilla Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-602346101-288533717-1331706006-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {426EA321-796E-4710-AF0C-BAABF540CA54} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {91A85246-2555-457C-AF00-59E693280084} - System32\Tasks\{C70BA00D-C100-4D41-94D6-FDDE3DFCEAEC} => launchwinapp.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.16.0.105&amp;LastError=404
Task: {A078B1E2-C61C-4567-8C6F-50DBD4F270A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E63B7A3A-2D1D-4D41-8C4E-4EEBC5F1890C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 19:21 - 2016-08-25 19:21 - 00959168 _____ () C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2015-09-30 21:39 - 2015-09-30 21:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-01-09 14:21 - 2016-01-09 14:19 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-602346101-288533717-1331706006-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\stock\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4d0e7f78-e0a0-4636-af55-9903d7b648da}.jpg
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\stock\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4d0e7f78-e0a0-4636-af55-9903d7b648da}.jpg
DNS Servers: 138.201.48.176 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26E1D222-FF96-425A-8E3E-4B792788946E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Planet Coaster Alpha\PlanetCoaster.exe
FirewallRules: [{5857033A-88E2-48D2-A5F3-751C4E4B1A1B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Planet Coaster Alpha\PlanetCoaster.exe
FirewallRules: [{124A3183-5373-4FDC-B946-9022697EE095}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{7CB20BF4-CB64-464F-B415-658C77209CFA}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{E32A3583-D079-45CF-A180-F9F5ABA71CA8}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{EB7AB245-D869-4FCB-9F4C-D72DBE2B4C6B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{A9FB80ED-3746-4C81-BA1A-F834A0E8875C}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{50D0F11C-9011-481E-B94E-C2810A4FA7B4}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{E1D760B3-2946-4EB5-8824-E3B4B0922BEC}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\LEGO STAR WARS The Force Awakens\LEGOSWTFA.exe
FirewallRules: [{C8B13388-078C-4205-BB18-56386B4EA57E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\LEGO STAR WARS The Force Awakens\LEGOSWTFA.exe
FirewallRules: [{900D399C-7B4E-4C18-8406-45E5AC66C30A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{8BCF9091-996B-4B42-94C4-062BC4259837}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{C376C7D5-734B-4715-ADE5-668EF001D04A}] => (Allow) C:\Mark\Programme\Die Schlacht um Mittelerde 2\game.dat
FirewallRules: [{E91968F1-BB4A-4B79-864B-02882B43AB1F}] => (Allow) C:\Mark\Programme\Die Schlacht um Mittelerde 2\game.dat
FirewallRules: [{D4AE444C-0EC0-4963-891C-599612C3B82E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{58F2DB48-2A20-4653-8818-3DDDD44AB5BB}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{184B9B41-6481-4939-AB3F-620D737819AB}] => (Allow) C:\Mark\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{7F22833E-C70D-4993-AA95-95D5F3CC9D07}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{EDE7DE8C-0760-4FD6-BE1C-9616BD52D023}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{E0544AFC-F753-4BF9-888E-FF567BBB4342}] => (Allow) C:\Mark\Programme\Microsoft Office 2007\Office12\outlook.exe
FirewallRules: [{FBECCB82-34BB-48AA-A084-3EB9D0FC06F6}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{DDECFE45-6864-4F7C-A0E2-C05F820710BF}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{11017D06-9BFD-49E2-A6A4-971A9D665728}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FFDDE0D2-B7E4-4201-A0F1-3BCA8A0CE834}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9B404727-7A5C-488D-B684-1E867A809C0D}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\FlatOut Ultimate Carnage\launcher.exe
FirewallRules: [{0CEC5434-02D8-4B52-AA09-42D887C46891}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\FlatOut Ultimate Carnage\launcher.exe
FirewallRules: [{9AC100BD-A373-48AE-9F5F-F382CF44D4D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE3FC896-4AE7-46FC-B5A6-660A5928BB8B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{0A7F7B5B-577D-40A1-8331-62BFF43A447D}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{4CC810DD-7F8C-4E73-9E0E-71B202639E4F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{6A6F2824-E299-4B99-9F45-EFCD38F30D47}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{6BE0D75F-45DB-4A68-A29F-B33A7AFB7EED}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{FB070DED-DF22-4BD2-9092-D1572374BA39}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{4B42BB83-62C9-4A06-AE63-937A53E5B19F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{026A885A-1142-49ED-9B73-BD035930D4A9}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{1768DC1B-0D41-43B3-B231-5A4B07DCCA2C}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{4419FD9E-6044-4B51-BB8E-23BCEA3FD2F2}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{F8E95C5E-2695-46E9-9B75-021689406D72}] => (Allow) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{FEDE4AED-4383-4EF7-A0FB-64EF5BF896F9}] => (Allow) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D47808F-075C-4137-9DE3-B4379B47630C}] => (Allow) C:\Mark\Programme\Steam\Steam.exe
FirewallRules: [{ECBF68FB-77AF-46BA-9DD9-846F8E6E6F7B}] => (Allow) C:\Mark\Programme\Steam\Steam.exe
FirewallRules: [{7434FFA2-1C6F-4927-816D-E9FBCAF1E478}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E513770F-049F-41F6-A1E8-4D98900E5BE4}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CBEC0D68-8748-45B9-8F49-7C5786746AA9}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{AB9E073E-CA44-4861-894E-2DCA0C27A884}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe
FirewallRules: [{353584F4-FE38-441C-AE1F-F526A4EFAF8F}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{01480B04-5C67-4124-A4FA-178C3CD2F30F}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe
FirewallRules: [{8A06A2E9-B165-40E9-8523-7F1526A46935}] => (Allow) C:\Program Files (x86)\Electronic Arts\Aufstieg des Hexenkönigs\game.dat
FirewallRules: [{49B9260C-14B3-4011-92C8-EE678E6ED502}] => (Allow) C:\Program Files (x86)\Electronic Arts\Aufstieg des Hexenkönigs\game.dat
FirewallRules: [{217FD394-A7CA-4E74-AA1C-299F67DB13F9}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D3152B8F-D6DD-471D-AF8A-558FA3E3A4CC}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4D084C9D-B17E-484E-95AD-215396A0EEB7}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{22E8F859-1F7E-4CF3-9444-D8A2CE59622E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{57ADE48C-A8A4-4C08-922A-7FE3D8AB2184}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{9EFB8671-7E14-491F-A8A5-2D2B9A3C115F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

27-08-2016 18:01:05 Windows Update
01-09-2016 19:17:11 Windows Modules Installer
05-09-2016 17:06:58 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/09/2016 02:08:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/09/2016 02:08:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/09/2016 01:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x1568
Startzeit der fehlerhaften Anwendung: 0x01d20a908c59ee52
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: b65565cf-c5ad-419a-bc94-7221e9a3a8c8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2016 09:02:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avpui.exe, Version 16.0.0.625 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 23f0

Startzeit: 01d20a031e3623f8

Beendigungszeit: 0

Anwendungspfad: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe

Berichts-ID: a9bac75a-75f6-11e6-b081-201a0647e01d

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/08/2016 08:59:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avpui.exe, Version 16.0.0.625 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1240

Startzeit: 01d209f7a40e0bd1

Beendigungszeit: 48549

Anwendungspfad: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe

Berichts-ID: 36cd6fa5-75f6-11e6-b081-201a0647e01d

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/08/2016 06:10:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARKSPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023673. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/08/2016 04:52:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x2794
Startzeit der fehlerhaften Anwendung: 0x01d209e08df8f8c3
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: b1d2edaa-cc9e-43cd-8ee2-adc13573d770
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/07/2016 07:45:34 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\mark\programme\spybot - search & destroy 2\spybot - search & destroy 2\updates\extracts\SDWSCSvc.exe".
Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (09/07/2016 07:45:31 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\mark\programme\spybot - search & destroy 2\spybot - search & destroy 2\SDWSCSvc.exe".
Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (09/07/2016 07:02:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.26.0.101 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f1c

Startzeit: 01d209280c1bd3b4

Beendigungszeit: 42

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: cef5cce2-751c-11e6-b080-201a0647e01d

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:


Systemfehler:
=============
Error: (09/09/2016 01:51:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 09:53:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2016 um 21:36:32 unerwartet heruntergefahren.

Error: (09/08/2016 09:52:57 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212254874609120

Error: (09/08/2016 07:37:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 04:52:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 06:32:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 06:31:41 PM) (Source: DCOM) (EventID: 10010) (User: MARKSPC)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/07/2016 06:31:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2016 06:31:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2016 06:31:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8072.27 MB
Verfügbarer physikalischer RAM: 4739.84 MB
Summe virtueller Speicher: 9352.27 MB
Verfügbarer virtueller Speicher: 5945.63 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:907.73 GB) (Free:750.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9128D2BB)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

Alt 09.09.2016, 14:38   #4
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Kaspersky TEIL1:
Code:
ATTFilter
14:13:10.0749 0x08d4  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
14:13:10.0749 0x08d4  UEFI system
14:13:13.0312 0x08d4  ============================================================
14:13:13.0312 0x08d4  Current date / time: 2016/09/09 14:13:13.0312
14:13:13.0312 0x08d4  SystemInfo:
14:13:13.0312 0x08d4  
14:13:13.0312 0x08d4  OS Version: 10.0.14393 ServicePack: 0.0
14:13:13.0312 0x08d4  Product type: Workstation
14:13:13.0312 0x08d4  ComputerName: MARKSPC
14:13:13.0312 0x08d4  UserName: stock
14:13:13.0312 0x08d4  Windows directory: C:\WINDOWS
14:13:13.0312 0x08d4  System windows directory: C:\WINDOWS
14:13:13.0312 0x08d4  Running under WOW64
14:13:13.0312 0x08d4  Processor architecture: Intel x64
14:13:13.0312 0x08d4  Number of processors: 4
14:13:13.0312 0x08d4  Page size: 0x1000
14:13:13.0312 0x08d4  Boot type: Normal boot
14:13:13.0312 0x08d4  CodeIntegrityOptions = 0x00000001
14:13:13.0312 0x08d4  ============================================================
14:13:13.0312 0x08d4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.103, osProperties = 0x19
14:13:13.0671 0x08d4  System UUID: {04D2B240-15B6-8500-46FB-4CFF741C9411}
14:13:14.0499 0x08d4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:13:14.0515 0x08d4  ============================================================
14:13:14.0515 0x08d4  \Device\Harddisk0\DR0:
14:13:14.0546 0x08d4  GPT partitions:
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F23B358F-0339-4785-8744-C3CAFBE0295B}, Name: , StartLBA 0x800, BlocksNum 0xC8000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5926DE6E-E71A-4766-9E4D-D5868BCE1C9E}, Name: EFI , StartLBA 0xC8800, BlocksNum 0x96000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6E80BC50-2159-4F07-86CC-CEB6DAFA993C}, Name: Micr, StartLBA 0x15E800, BlocksNum 0x40000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3B99A2AB-4704-4E31-ACFC-C514833D1EBF}, Name: , StartLBA 0x19E800, BlocksNum 0x71776000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5124F157-E73D-4C8F-8BBB-2F7702490BF6}, Name: , StartLBA 0x71914800, BlocksNum 0x2DF2000
14:13:14.0562 0x08d4  MBR partitions:
14:13:14.0562 0x08d4  ============================================================
14:13:14.0640 0x08d4  C: <-> \Device\Harddisk0\DR0\Partition4
14:13:14.0640 0x08d4  ============================================================
14:13:14.0640 0x08d4  Initialize success
14:13:14.0640 0x08d4  ============================================================
14:13:18.0906 0x1128  ============================================================
14:13:18.0906 0x1128  Scan started
14:13:18.0906 0x1128  Mode: Manual; SigCheck; TDLFS; 
14:13:18.0906 0x1128  ============================================================
14:13:18.0906 0x1128  KSN ping started
14:13:19.0031 0x1128  KSN ping finished: true
14:13:21.0921 0x1128  ================ Scan system memory ========================
14:13:21.0921 0x1128  System memory - ok
14:13:21.0921 0x1128  ================ Scan services =============================
14:13:22.0702 0x1128  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:13:22.0781 0x1128  1394ohci - ok
14:13:22.0812 0x1128  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
14:13:22.0827 0x1128  3ware - ok
14:13:22.0937 0x1128  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:13:22.0984 0x1128  ACPI - ok
14:13:22.0999 0x1128  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
14:13:23.0015 0x1128  AcpiDev - ok
14:13:23.0031 0x1128  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:13:23.0046 0x1128  acpiex - ok
14:13:23.0078 0x1128  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:13:23.0078 0x1128  acpipagr - ok
14:13:23.0109 0x1128  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
14:13:23.0124 0x1128  AcpiPmi - ok
14:13:23.0156 0x1128  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:13:23.0156 0x1128  acpitime - ok
14:13:23.0218 0x1128  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:13:23.0265 0x1128  ADP80XX - ok
14:13:23.0296 0x1128  [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD             C:\WINDOWS\system32\drivers\afd.sys
14:13:23.0327 0x1128  AFD - ok
14:13:23.0343 0x1128  [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:13:23.0374 0x1128  ahcache - ok
14:13:23.0390 0x1128  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
14:13:23.0406 0x1128  AJRouter - ok
14:13:23.0437 0x1128  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
14:13:23.0452 0x1128  ALG - ok
14:13:23.0499 0x1128  [ CA5D49FE7992628A02BB110248E1DDFE, AFB28A1F465A0C470C0EDF8708AADD3ABCD23AC9987C9E8B4C0015FD827EB576 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:13:23.0531 0x1128  AMD External Events Utility - ok
14:13:23.0593 0x1128  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
14:13:23.0624 0x1128  AmdK8 - ok
14:13:23.0640 0x1128  amdkmdag - ok
14:13:23.0765 0x1128  [ 3A261C58BC747EBED2CB58069B497F69, E13C0F6340E398BB5BF519B750A5A9019BC589F1A5CE7C77D3DCF038A79EE903 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:13:23.0859 0x1128  amdkmdap - ok
14:13:23.0890 0x1128  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
14:13:23.0906 0x1128  amdkmpfd - ok
14:13:23.0937 0x1128  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:13:23.0968 0x1128  AmdPPM - ok
14:13:23.0984 0x1128  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
14:13:23.0984 0x1128  amdsata - ok
14:13:24.0015 0x1128  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:13:24.0031 0x1128  amdsbs - ok
14:13:24.0046 0x1128  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
14:13:24.0062 0x1128  amdxata - ok
14:13:24.0124 0x1128  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
14:13:24.0140 0x1128  AppID - ok
14:13:24.0203 0x1128  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:13:24.0218 0x1128  AppIDSvc - ok
14:13:24.0249 0x1128  [ 008E4CCA7A4B33042276061E0A5B8244, DAD980540B564EFA06760435AF1B3213056E6DE8B2A55DF98E7D871625D4B080 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
14:13:24.0265 0x1128  Appinfo - ok
14:13:24.0343 0x1128  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
14:13:24.0374 0x1128  applockerfltr - ok
14:13:24.0484 0x1128  [ 41BF82B41BD24BAC9D9890DAC3212007, 0644BEE740244188B3D39F875D313B560D288B7FC33064E352C2A5F09073E361 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:13:24.0546 0x1128  AppReadiness - ok
14:13:24.0781 0x1128  [ 1212D65C0B8757ACF1201785B3BD4CDC, 7FDB781ED2DEB296371E7ACFC2A34DDB5A7742A2883C486E465C1D4617D9EC80 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
14:13:24.0859 0x1128  AppXSvc - ok
14:13:24.0890 0x1128  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:13:24.0906 0x1128  arcsas - ok
14:13:24.0937 0x1128  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
14:13:24.0952 0x1128  AsyncMac - ok
14:13:24.0968 0x1128  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
14:13:24.0984 0x1128  atapi - ok
14:13:25.0187 0x1128  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
14:13:25.0343 0x1128  athr - ok
14:13:25.0390 0x1128  [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:13:25.0421 0x1128  AudioEndpointBuilder - ok
14:13:25.0468 0x1128  [ FDD11F6C771FC6FD5EAE7D2D7502D39A, 4E75EA7BB36D2FACF71DEDFC604E1A618978273448D16FCAFE98D244642E9EAD ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:13:25.0515 0x1128  Audiosrv - ok
14:13:25.0687 0x1128  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
14:13:25.0718 0x1128  AVP16.0.0 - ok
14:13:25.0749 0x1128  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:13:25.0781 0x1128  AxInstSV - ok
14:13:25.0859 0x1128  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
14:13:25.0874 0x1128  b06bdrv - ok
14:13:25.0921 0x1128  [ C0D49B86B9A3C081FD96E5EDEB7373FA, F9C70993A0F92CD5A798DE3C6150845C1965A1AF43C59001285F3BBEC0681A6F ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
14:13:25.0937 0x1128  b57xdbd - ok
14:13:25.0968 0x1128  [ B2B4C0169F3D2BB1106B61C04EE6145B, FD58739228479F525AB748C293C6112A94792584773C6A17E1D1478611B606C0 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
14:13:25.0968 0x1128  b57xdmp - ok
14:13:26.0015 0x1128  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:13:26.0031 0x1128  BasicDisplay - ok
14:13:26.0062 0x1128  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
14:13:26.0078 0x1128  BasicRender - ok
14:13:26.0109 0x1128  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
14:13:26.0124 0x1128  bcmfn - ok
14:13:26.0171 0x1128  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:13:26.0203 0x1128  bcmfn2 - ok
14:13:26.0265 0x1128  [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:13:26.0312 0x1128  BDESVC - ok
14:13:26.0343 0x1128  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:13:26.0359 0x1128  Beep - ok
14:13:26.0406 0x1128  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
14:13:26.0453 0x1128  BFE - ok
14:13:26.0562 0x1128  [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS            C:\WINDOWS\System32\qmgr.dll
14:13:26.0640 0x1128  BITS - ok
14:13:26.0656 0x1128  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:13:26.0718 0x1128  bowser - ok
14:13:26.0796 0x1128  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:13:26.0843 0x1128  BrokerInfrastructure - ok
14:13:26.0874 0x1128  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
14:13:26.0906 0x1128  Browser - ok
14:13:26.0953 0x1128  [ F4598EF1BE59937A578F3F68724552A7, 67F2B580462A925583F272BBF664BF2042D2E2B18B1CB21B994B12A9B6288779 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
14:13:26.0968 0x1128  bScsiMSa - ok
14:13:27.0031 0x1128  [ 53EA7FADB45D4A212CE6E22E053111AB, F8EF4C90261E67433BC3E3330CF1745D2E13C667E5F71C48C785E673E8031DED ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
14:13:27.0046 0x1128  bScsiSDa - ok
14:13:27.0109 0x1128  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
14:13:27.0124 0x1128  BTATH_BUS - ok
14:13:27.0234 0x1128  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
14:13:27.0281 0x1128  BtFilter - ok
14:13:27.0328 0x1128  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:13:27.0328 0x1128  BthAvrcpTg - ok
14:13:27.0374 0x1128  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
14:13:27.0390 0x1128  BthHFEnum - ok
14:13:27.0406 0x1128  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:13:27.0421 0x1128  bthhfhid - ok
14:13:27.0453 0x1128  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
14:13:27.0484 0x1128  BthHFSrv - ok
14:13:27.0515 0x1128  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:13:27.0531 0x1128  BTHMODEM - ok
14:13:27.0718 0x1128  [ 7A167521DC7A190B2FC37D6AB660CBF1, 627E41713C3A381525327EA42FFE2EFDD35A0FFDD3C44FE9DB45258B1474EB3B ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
14:13:27.0796 0x1128  BTHPORT - ok
14:13:27.0874 0x1128  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
14:13:27.0921 0x1128  bthserv - ok
14:13:27.0968 0x1128  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
14:13:27.0984 0x1128  BTHUSB - ok
14:13:28.0031 0x1128  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
14:13:28.0062 0x1128  buttonconverter - ok
14:13:28.0093 0x1128  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
14:13:28.0109 0x1128  CapImg - ok
14:13:28.0140 0x1128  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:13:28.0156 0x1128  cdfs - ok
14:13:28.0265 0x1128  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
14:13:28.0296 0x1128  CDPSvc - ok
14:13:28.0390 0x1128  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
14:13:28.0421 0x1128  CDPUserSvc - ok
14:13:28.0484 0x1128  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
14:13:28.0499 0x1128  cdrom - ok
14:13:28.0578 0x1128  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
14:13:28.0593 0x1128  CertPropSvc - ok
14:13:28.0656 0x1128  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
14:13:28.0718 0x1128  cht4iscsi - ok
14:13:28.0968 0x1128  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
14:13:29.0062 0x1128  cht4vbd - ok
14:13:29.0140 0x1128  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:13:29.0171 0x1128  circlass - ok
14:13:29.0203 0x1128  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:13:29.0234 0x1128  CLFS - ok
14:13:29.0328 0x1128  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
14:13:29.0390 0x1128  ClipSVC - ok
14:13:29.0437 0x1128  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
14:13:29.0468 0x1128  clreg - ok
14:13:29.0484 0x1128  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:13:29.0499 0x1128  CmBatt - ok
14:13:29.0609 0x1128  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
14:13:29.0656 0x1128  cm_km - ok
14:13:29.0749 0x1128  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
14:13:29.0796 0x1128  CNG - ok
14:13:29.0828 0x1128  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:13:29.0843 0x1128  cnghwassist - ok
14:13:30.0140 0x1128  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
14:13:30.0171 0x1128  CompositeBus - ok
14:13:30.0171 0x1128  COMSysApp - ok
14:13:30.0203 0x1128  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:13:30.0218 0x1128  condrv - ok
14:13:30.0281 0x1128  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
14:13:30.0312 0x1128  CoreMessagingRegistrar - ok
14:13:30.0921 0x1128  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:13:30.0937 0x1128  cphs - ok
14:13:30.0984 0x1128  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:13:31.0031 0x1128  CryptSvc - ok
14:13:31.0046 0x1128  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\WINDOWS\system32\drivers\dam.sys
14:13:31.0062 0x1128  dam - ok
14:13:31.0140 0x1128  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:13:31.0187 0x1128  DcomLaunch - ok
14:13:31.0249 0x1128  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
14:13:31.0296 0x1128  DcpSvc - ok
14:13:31.0359 0x1128  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
14:13:31.0406 0x1128  defragsvc - ok
14:13:31.0484 0x1128  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:13:31.0562 0x1128  DeviceAssociationService - ok
14:13:31.0624 0x1128  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
14:13:31.0656 0x1128  DeviceInstall - ok
14:13:31.0687 0x1128  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
14:13:31.0718 0x1128  DevQueryBroker - ok
14:13:31.0781 0x1128  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:13:31.0828 0x1128  Dfsc - ok
14:13:31.0890 0x1128  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:13:31.0921 0x1128  Dhcp - ok
14:13:31.0999 0x1128  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
14:13:32.0031 0x1128  diagnosticshub.standardcollector.service - ok
14:13:32.0296 0x1128  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
14:13:32.0406 0x1128  DiagTrack - ok
14:13:32.0421 0x1128  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:13:32.0437 0x1128  disk - ok
14:13:32.0499 0x1128  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
14:13:32.0546 0x1128  DmEnrollmentSvc - ok
14:13:32.0593 0x1128  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
14:13:32.0640 0x1128  dmvsc - ok
14:13:32.0718 0x1128  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:13:32.0765 0x1128  dmwappushservice - ok
14:13:32.0874 0x1128  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:13:32.0906 0x1128  Dnscache - ok
14:13:32.0999 0x1128  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:13:33.0109 0x1128  dot3svc - ok
14:13:33.0140 0x1128  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
14:13:33.0218 0x1128  DPS - ok
14:13:33.0249 0x1128  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
14:13:33.0265 0x1128  drmkaud - ok
14:13:33.0328 0x1128  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:13:33.0359 0x1128  DsmSvc - ok
14:13:33.0390 0x1128  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
14:13:33.0421 0x1128  DsSvc - ok
14:13:33.0749 0x1128  [ A39F5D1A0BB032DDDBAD3A0C050B1049, BDA669BCF60EFB17A539CE8474613B0AC69E9976F6C3080ED325B9EA4D8C0AF5 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:13:33.0812 0x1128  DXGKrnl - ok
14:13:33.0859 0x1128  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:13:33.0874 0x1128  EapHost - ok
14:13:34.0265 0x1128  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:13:34.0437 0x1128  ebdrv - ok
14:13:34.0453 0x1128  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\WINDOWS\System32\lsass.exe
14:13:34.0468 0x1128  EFS - ok
14:13:34.0531 0x1128  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:13:34.0562 0x1128  EhStorClass - ok
14:13:34.0609 0x1128  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:13:34.0624 0x1128  EhStorTcgDrv - ok
14:13:34.0671 0x1128  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
14:13:34.0718 0x1128  embeddedmode - ok
14:13:34.0765 0x1128  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:13:34.0796 0x1128  EntAppSvc - ok
14:13:34.0843 0x1128  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:13:34.0874 0x1128  ErrDev - ok
14:13:34.0953 0x1128  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
14:13:34.0984 0x1128  ETD - ok
14:13:35.0062 0x1128  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
14:13:35.0093 0x1128  ETDService - ok
14:13:35.0203 0x1128  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
14:13:35.0249 0x1128  EventSystem - ok
14:13:35.0296 0x1128  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:13:35.0328 0x1128  exfat - ok
14:13:35.0421 0x1128  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:13:35.0453 0x1128  fastfat - ok
14:13:35.0562 0x1128  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:13:35.0687 0x1128  Fax - ok
14:13:35.0703 0x1128  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:13:35.0718 0x1128  fdc - ok
14:13:35.0812 0x1128  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:13:36.0000 0x1128  fdPHost - ok
14:13:36.0078 0x1128  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:13:36.0093 0x1128  FDResPub - ok
14:13:36.0125 0x1128  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:13:36.0171 0x1128  fhsvc - ok
14:13:36.0218 0x1128  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
14:13:36.0250 0x1128  FileCrypt - ok
14:13:36.0265 0x1128  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:13:36.0281 0x1128  FileInfo - ok
14:13:36.0359 0x1128  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:13:36.0421 0x1128  Filetrace - ok
14:13:36.0453 0x1128  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:13:36.0484 0x1128  flpydisk - ok
14:13:36.0500 0x1128  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:13:36.0531 0x1128  FltMgr - ok
14:13:36.0718 0x1128  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:13:36.0781 0x1128  FontCache - ok
14:13:36.0890 0x1128  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:13:36.0906 0x1128  FontCache3.0.0.0 - ok
14:13:37.0000 0x1128  [ AF0811F38B56B57B3FF53F14E04AA1B0, 45DC6775762E4E9216DAF3914A3C99C536BFF96E1CF8577FC4B5758248D1D043 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
14:13:37.0046 0x1128  FrameServer - ok
14:13:37.0062 0x1128  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:13:37.0078 0x1128  FsDepends - ok
14:13:37.0093 0x1128  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:13:37.0109 0x1128  Fs_Rec - ok
14:13:37.0140 0x1128  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:13:37.0171 0x1128  fvevol - ok
14:13:37.0234 0x1128  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:13:37.0265 0x1128  gencounter - ok
14:13:37.0296 0x1128  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
14:13:37.0359 0x1128  genericusbfn - ok
14:13:37.0406 0x1128  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:13:37.0421 0x1128  GPIOClx0101 - ok
14:13:37.0562 0x1128  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:13:37.0640 0x1128  gpsvc - ok
14:13:37.0656 0x1128  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:13:37.0671 0x1128  GpuEnergyDrv - ok
14:13:37.0703 0x1128  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:13:37.0734 0x1128  HDAudBus - ok
14:13:37.0796 0x1128  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:13:37.0812 0x1128  HidBatt - ok
14:13:37.0812 0x1128  Scan was interrupted by user!
14:13:37.0812 0x1128  Waiting for KSN requests completion. In queue: 114
14:13:38.0828 0x1128  Waiting for KSN requests completion. In queue: 114
14:13:39.0906 0x1128  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
14:13:40.0000 0x1128  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x62100 ( disabled : updated )
14:13:40.0015 0x1128  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
14:13:50.0156 0x1128  ============================================================
14:13:50.0172 0x1128  Scan finished
14:13:50.0172 0x1128  ============================================================
14:13:50.0187 0x2a0c  Detected object count: 0
14:13:50.0187 0x2a0c  Actual detected object count: 0
14:13:59.0859 0x2434  ============================================================
14:13:59.0859 0x2434  Scan started
14:13:59.0859 0x2434  Mode: Manual; SigCheck; TDLFS; 
14:13:59.0859 0x2434  ============================================================
14:13:59.0859 0x2434  KSN ping started
14:14:19.0906 0x2434  KSN ping finished: true
14:14:22.0453 0x2434  ================ Scan system memory ========================
14:14:22.0453 0x2434  System memory - ok
14:14:22.0469 0x2434  ================ Scan services =============================
14:14:23.0375 0x2434  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:14:23.0406 0x2434  1394ohci - ok
14:14:23.0453 0x2434  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
14:14:23.0453 0x2434  3ware - ok
14:14:23.0578 0x2434  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:14:23.0625 0x2434  ACPI - ok
14:14:23.0672 0x2434  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
14:14:23.0688 0x2434  AcpiDev - ok
14:14:23.0719 0x2434  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:14:23.0750 0x2434  acpiex - ok
14:14:23.0766 0x2434  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:14:23.0781 0x2434  acpipagr - ok
14:14:23.0860 0x2434  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
14:14:23.0891 0x2434  AcpiPmi - ok
14:14:23.0906 0x2434  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:14:23.0938 0x2434  acpitime - ok
14:14:24.0110 0x2434  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:14:24.0141 0x2434  ADP80XX - ok
14:14:24.0203 0x2434  [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD             C:\WINDOWS\system32\drivers\afd.sys
14:14:24.0219 0x2434  AFD - ok
14:14:24.0281 0x2434  [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:14:24.0313 0x2434  ahcache - ok
14:14:24.0375 0x2434  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
14:14:24.0406 0x2434  AJRouter - ok
14:14:24.0438 0x2434  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
14:14:24.0453 0x2434  ALG - ok
14:14:24.0485 0x2434  [ CA5D49FE7992628A02BB110248E1DDFE, AFB28A1F465A0C470C0EDF8708AADD3ABCD23AC9987C9E8B4C0015FD827EB576 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:14:24.0500 0x2434  AMD External Events Utility - ok
14:14:24.0610 0x2434  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
14:14:24.0641 0x2434  AmdK8 - ok
14:14:24.0688 0x2434  amdkmdag - ok
14:14:24.0797 0x2434  [ 3A261C58BC747EBED2CB58069B497F69, E13C0F6340E398BB5BF519B750A5A9019BC589F1A5CE7C77D3DCF038A79EE903 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:14:24.0828 0x2434  amdkmdap - ok
14:14:24.0891 0x2434  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
14:14:24.0906 0x2434  amdkmpfd - ok
14:14:24.0969 0x2434  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:14:25.0000 0x2434  AmdPPM - ok
14:14:25.0047 0x2434  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
14:14:25.0047 0x2434  amdsata - ok
14:14:25.0141 0x2434  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:14:25.0172 0x2434  amdsbs - ok
14:14:25.0203 0x2434  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
14:14:25.0219 0x2434  amdxata - ok
14:14:25.0281 0x2434  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
14:14:25.0313 0x2434  AppID - ok
14:14:25.0391 0x2434  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:14:25.0422 0x2434  AppIDSvc - ok
14:14:25.0469 0x2434  [ 008E4CCA7A4B33042276061E0A5B8244, DAD980540B564EFA06760435AF1B3213056E6DE8B2A55DF98E7D871625D4B080 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
14:14:25.0500 0x2434  Appinfo - ok
14:14:25.0578 0x2434  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
14:14:25.0610 0x2434  applockerfltr - ok
14:14:25.0703 0x2434  [ 41BF82B41BD24BAC9D9890DAC3212007, 0644BEE740244188B3D39F875D313B560D288B7FC33064E352C2A5F09073E361 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:14:25.0813 0x2434  AppReadiness - ok
14:14:26.0078 0x2434  [ 1212D65C0B8757ACF1201785B3BD4CDC, 7FDB781ED2DEB296371E7ACFC2A34DDB5A7742A2883C486E465C1D4617D9EC80 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
14:14:26.0156 0x2434  AppXSvc - ok
14:14:26.0188 0x2434  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:14:26.0188 0x2434  arcsas - ok
14:14:26.0219 0x2434  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
14:14:26.0219 0x2434  AsyncMac - ok
14:14:26.0281 0x2434  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
14:14:26.0297 0x2434  atapi - ok
14:14:26.0672 0x2434  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
14:14:26.0813 0x2434  athr - ok
14:14:26.0875 0x2434  [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:14:26.0922 0x2434  AudioEndpointBuilder - ok
14:14:27.0141 0x2434  [ FDD11F6C771FC6FD5EAE7D2D7502D39A, 4E75EA7BB36D2FACF71DEDFC604E1A618978273448D16FCAFE98D244642E9EAD ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:14:27.0203 0x2434  Audiosrv - ok
14:14:27.0391 0x2434  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
14:14:27.0406 0x2434  AVP16.0.0 - ok
14:14:27.0438 0x2434  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:14:27.0453 0x2434  AxInstSV - ok
14:14:27.0563 0x2434  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
14:14:27.0594 0x2434  b06bdrv - ok
14:14:27.0625 0x2434  [ C0D49B86B9A3C081FD96E5EDEB7373FA, F9C70993A0F92CD5A798DE3C6150845C1965A1AF43C59001285F3BBEC0681A6F ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
14:14:27.0641 0x2434  b57xdbd - ok
14:14:27.0656 0x2434  [ B2B4C0169F3D2BB1106B61C04EE6145B, FD58739228479F525AB748C293C6112A94792584773C6A17E1D1478611B606C0 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
14:14:27.0672 0x2434  b57xdmp - ok
14:14:27.0703 0x2434  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:14:27.0735 0x2434  BasicDisplay - ok
14:14:27.0891 0x2434  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
14:14:27.0906 0x2434  BasicRender - ok
14:14:27.0953 0x2434  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
14:14:27.0969 0x2434  bcmfn - ok
14:14:27.0985 0x2434  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:14:28.0016 0x2434  bcmfn2 - ok
14:14:28.0047 0x2434  [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:14:28.0094 0x2434  BDESVC - ok
14:14:28.0125 0x2434  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:14:28.0141 0x2434  Beep - ok
14:14:28.0297 0x2434  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
14:14:28.0360 0x2434  BFE - ok
14:14:28.0500 0x2434  [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS            C:\WINDOWS\System32\qmgr.dll
14:14:28.0594 0x2434  BITS - ok
14:14:28.0625 0x2434  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:14:28.0656 0x2434  bowser - ok
14:14:28.0735 0x2434  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:14:28.0797 0x2434  BrokerInfrastructure - ok
14:14:28.0875 0x2434  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
14:14:28.0922 0x2434  Browser - ok
14:14:28.0953 0x2434  [ F4598EF1BE59937A578F3F68724552A7, 67F2B580462A925583F272BBF664BF2042D2E2B18B1CB21B994B12A9B6288779 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
14:14:28.0985 0x2434  bScsiMSa - ok
14:14:29.0031 0x2434  [ 53EA7FADB45D4A212CE6E22E053111AB, F8EF4C90261E67433BC3E3330CF1745D2E13C667E5F71C48C785E673E8031DED ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
14:14:29.0047 0x2434  bScsiSDa - ok
14:14:29.0110 0x2434  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
14:14:29.0141 0x2434  BTATH_BUS - ok
14:14:29.0203 0x2434  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
14:14:29.0266 0x2434  BtFilter - ok
14:14:29.0328 0x2434  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:14:29.0360 0x2434  BthAvrcpTg - ok
14:14:29.0391 0x2434  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
14:14:29.0406 0x2434  BthHFEnum - ok
14:14:29.0438 0x2434  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:14:29.0453 0x2434  bthhfhid - ok
14:14:29.0500 0x2434  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
14:14:29.0516 0x2434  BthHFSrv - ok
14:14:29.0563 0x2434  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:14:29.0578 0x2434  BTHMODEM - ok
14:14:29.0688 0x2434  [ 7A167521DC7A190B2FC37D6AB660CBF1, 627E41713C3A381525327EA42FFE2EFDD35A0FFDD3C44FE9DB45258B1474EB3B ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
14:14:29.0797 0x2434  BTHPORT - ok
14:14:29.0860 0x2434  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
14:14:29.0891 0x2434  bthserv - ok
14:14:29.0953 0x2434  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
14:14:29.0985 0x2434  BTHUSB - ok
14:14:30.0016 0x2434  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
14:14:30.0031 0x2434  buttonconverter - ok
14:14:30.0063 0x2434  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
14:14:30.0078 0x2434  CapImg - ok
14:14:30.0110 0x2434  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:14:30.0141 0x2434  cdfs - ok
14:14:30.0188 0x2434  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
14:14:30.0203 0x2434  CDPSvc - ok
14:14:30.0235 0x2434  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
14:14:30.0266 0x2434  CDPUserSvc - ok
14:14:30.0297 0x2434  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
14:14:30.0297 0x2434  cdrom - ok
14:14:30.0344 0x2434  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
14:14:30.0360 0x2434  CertPropSvc - ok
14:14:30.0453 0x2434  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
14:14:30.0485 0x2434  cht4iscsi - ok
14:14:30.0641 0x2434  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
14:14:30.0688 0x2434  cht4vbd - ok
14:14:30.0766 0x2434  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:14:30.0797 0x2434  circlass - ok
14:14:30.0844 0x2434  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:14:30.0860 0x2434  CLFS - ok
14:14:30.0938 0x2434  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
14:14:30.0969 0x2434  ClipSVC - ok
14:14:31.0016 0x2434  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
14:14:31.0047 0x2434  clreg - ok
14:14:31.0110 0x2434  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:14:31.0156 0x2434  CmBatt - ok
14:14:31.0235 0x2434  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
14:14:31.0266 0x2434  cm_km - ok
14:14:31.0360 0x2434  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
14:14:31.0391 0x2434  CNG - ok
14:14:31.0438 0x2434  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:14:31.0438 0x2434  cnghwassist - ok
14:14:31.0813 0x2434  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
14:14:31.0844 0x2434  CompositeBus - ok
14:14:31.0860 0x2434  COMSysApp - ok
14:14:31.0907 0x2434  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:14:31.0938 0x2434  condrv - ok
14:14:32.0032 0x2434  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
14:14:32.0063 0x2434  CoreMessagingRegistrar - ok
14:14:32.0438 0x2434  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:14:32.0469 0x2434  cphs - ok
14:14:32.0516 0x2434  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:14:32.0531 0x2434  CryptSvc - ok
14:14:32.0547 0x2434  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\WINDOWS\system32\drivers\dam.sys
14:14:32.0563 0x2434  dam - ok
14:14:32.0625 0x2434  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:14:32.0672 0x2434  DcomLaunch - ok
14:14:32.0719 0x2434  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
14:14:32.0735 0x2434  DcpSvc - ok
14:14:32.0844 0x2434  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
14:14:32.0891 0x2434  defragsvc - ok
14:14:32.0985 0x2434  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:14:33.0063 0x2434  DeviceAssociationService - ok
14:14:33.0094 0x2434  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
14:14:33.0125 0x2434  DeviceInstall - ok
14:14:33.0172 0x2434  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
14:14:33.0203 0x2434  DevQueryBroker - ok
14:14:33.0235 0x2434  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:14:33.0250 0x2434  Dfsc - ok
14:14:33.0328 0x2434  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:14:33.0438 0x2434  Dhcp - ok
14:14:33.0516 0x2434  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
14:14:33.0547 0x2434  diagnosticshub.standardcollector.service - ok
14:14:33.0735 0x2434  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
14:14:33.0844 0x2434  DiagTrack - ok
14:14:33.0875 0x2434  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:14:33.0891 0x2434  disk - ok
14:14:33.0922 0x2434  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
14:14:33.0953 0x2434  DmEnrollmentSvc - ok
14:14:33.0985 0x2434  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
14:14:34.0016 0x2434  dmvsc - ok
14:14:34.0047 0x2434  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:14:34.0063 0x2434  dmwappushservice - ok
14:14:34.0188 0x2434  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:14:34.0219 0x2434  Dnscache - ok
14:14:34.0313 0x2434  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:14:34.0344 0x2434  dot3svc - ok
14:14:34.0391 0x2434  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
14:14:34.0422 0x2434  DPS - ok
14:14:34.0453 0x2434  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
14:14:34.0469 0x2434  drmkaud - ok
14:14:34.0516 0x2434  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:14:34.0547 0x2434  DsmSvc - ok
14:14:34.0578 0x2434  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
14:14:34.0594 0x2434  DsSvc - ok
14:14:34.0688 0x2434  [ A39F5D1A0BB032DDDBAD3A0C050B1049, BDA669BCF60EFB17A539CE8474613B0AC69E9976F6C3080ED325B9EA4D8C0AF5 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:14:34.0828 0x2434  DXGKrnl - ok
14:14:34.0875 0x2434  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:14:34.0891 0x2434  EapHost - ok
14:14:35.0219 0x2434  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:14:35.0375 0x2434  ebdrv - ok
14:14:35.0407 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\WINDOWS\System32\lsass.exe
14:14:35.0422 0x2434  EFS - ok
14:14:35.0453 0x2434  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:14:35.0469 0x2434  EhStorClass - ok
14:14:35.0500 0x2434  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:14:35.0532 0x2434  EhStorTcgDrv - ok
14:14:35.0563 0x2434  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
14:14:35.0594 0x2434  embeddedmode - ok
14:14:35.0703 0x2434  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:14:35.0750 0x2434  EntAppSvc - ok
14:14:35.0782 0x2434  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:14:35.0813 0x2434  ErrDev - ok
14:14:35.0860 0x2434  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
14:14:35.0891 0x2434  ETD - ok
14:14:36.0016 0x2434  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
14:14:36.0047 0x2434  ETDService - ok
14:14:36.0188 0x2434  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
14:14:36.0235 0x2434  EventSystem - ok
14:14:36.0297 0x2434  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:14:36.0344 0x2434  exfat - ok
14:14:36.0391 0x2434  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:14:36.0407 0x2434  fastfat - ok
14:14:36.0469 0x2434  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:14:36.0516 0x2434  Fax - ok
14:14:36.0563 0x2434  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:14:36.0563 0x2434  fdc - ok
14:14:36.0625 0x2434  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:14:36.0672 0x2434  fdPHost - ok
14:14:36.0688 0x2434  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:14:36.0719 0x2434  FDResPub - ok
14:14:36.0750 0x2434  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:14:36.0766 0x2434  fhsvc - ok
14:14:36.0797 0x2434  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
14:14:36.0813 0x2434  FileCrypt - ok
14:14:36.0844 0x2434  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:14:36.0844 0x2434  FileInfo - ok
14:14:36.0907 0x2434  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:14:36.0938 0x2434  Filetrace - ok
14:14:36.0969 0x2434  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:14:36.0985 0x2434  flpydisk - ok
14:14:37.0016 0x2434  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:14:37.0032 0x2434  FltMgr - ok
14:14:37.0297 0x2434  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:14:37.0422 0x2434  FontCache - ok
14:14:37.0547 0x2434  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:14:37.0578 0x2434  FontCache3.0.0.0 - ok
14:14:37.0657 0x2434  [ AF0811F38B56B57B3FF53F14E04AA1B0, 45DC6775762E4E9216DAF3914A3C99C536BFF96E1CF8577FC4B5758248D1D043 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
14:14:37.0735 0x2434  FrameServer - ok
14:14:37.0766 0x2434  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:14:37.0782 0x2434  FsDepends - ok
14:14:37.0797 0x2434  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:14:37.0813 0x2434  Fs_Rec - ok
14:14:37.0860 0x2434  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:14:37.0891 0x2434  fvevol - ok
14:14:37.0953 0x2434  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:14:37.0985 0x2434  gencounter - ok
14:14:38.0016 0x2434  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
14:14:38.0047 0x2434  genericusbfn - ok
14:14:38.0078 0x2434  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:14:38.0094 0x2434  GPIOClx0101 - ok
14:14:38.0203 0x2434  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:14:38.0313 0x2434  gpsvc - ok
14:14:38.0328 0x2434  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:14:38.0344 0x2434  GpuEnergyDrv - ok
14:14:38.0375 0x2434  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:14:38.0485 0x2434  HDAudBus - ok
14:14:38.0532 0x2434  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:14:38.0547 0x2434  HidBatt - ok
14:14:38.0578 0x2434  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
14:14:38.0610 0x2434  HidBth - ok
14:14:38.0641 0x2434  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:14:38.0672 0x2434  hidi2c - ok
14:14:38.0703 0x2434  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
14:14:38.0735 0x2434  hidinterrupt - ok
14:14:38.0766 0x2434  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
14:14:38.0797 0x2434  HidIr - ok
14:14:38.0844 0x2434  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
14:14:38.0844 0x2434  hidserv - ok
14:14:38.0875 0x2434  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:14:38.0891 0x2434  HidUsb - ok
14:14:38.0938 0x2434  [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:14:38.0953 0x2434  HomeGroupListener - ok
14:14:39.0047 0x2434  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:14:39.0110 0x2434  HomeGroupProvider - ok
14:14:39.0157 0x2434  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:14:39.0188 0x2434  HpSAMD - ok
14:14:39.0266 0x2434  [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:14:39.0344 0x2434  HTTP - ok
14:14:39.0407 0x2434  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
14:14:39.0438 0x2434  HvHost - ok
14:14:39.0516 0x2434  [ 9B6C35343348CC1B5E9D81F0702A3271, DB25C9FA14A197568B1023A40A83348CE14C9C118854B83372C6D2AE3C323156 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
14:14:39.0547 0x2434  hvservice - ok
14:14:39.0594 0x2434  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:14:39.0610 0x2434  hwpolicy - ok
14:14:39.0688 0x2434  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:14:39.0719 0x2434  hyperkbd - ok
14:14:39.0782 0x2434  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:14:39.0813 0x2434  i8042prt - ok
14:14:39.0844 0x2434  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
14:14:39.0875 0x2434  iagpio - ok
14:14:39.0891 0x2434  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
14:14:39.0922 0x2434  iai2c - ok
14:14:39.0954 0x2434  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
14:14:39.0969 0x2434  iaLPSS2i_GPIO2 - ok
14:14:40.0032 0x2434  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
14:14:40.0063 0x2434  iaLPSS2i_I2C - ok
14:14:40.0110 0x2434  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:14:40.0125 0x2434  iaLPSSi_GPIO - ok
14:14:40.0141 0x2434  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:14:40.0172 0x2434  iaLPSSi_I2C - ok
14:14:40.0344 0x2434  [ D502656B5AD89DA2FA32A8C971963D65, 7CCC4458B36FC8E7CF2271668D90787E1D5240C81881F8C47F04945530F162CB ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
14:14:40.0391 0x2434  iaStorA - ok
14:14:40.0438 0x2434  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:14:40.0485 0x2434  iaStorAV - ok
14:14:40.0578 0x2434  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
14:14:40.0625 0x2434  iaStorV - ok
14:14:40.0672 0x2434  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
14:14:40.0688 0x2434  ibbus - ok
14:14:40.0828 0x2434  [ D8808F658B310B89EEA036FA618A3BD4, FD43C69FC6110614ED5542210F7BC3326A09B73C67144B84194591247844A021 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:14:40.0860 0x2434  ICCS - ok
14:14:41.0000 0x2434  [ 231ADCE77616144B8E3D29707B282C82, D2429E0CAABE3E3A50D62DEC6C9F8D13AC8786EB57D9075489425E623EC84165 ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
14:14:41.0032 0x2434  ICCWDT - ok
14:14:41.0079 0x2434  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
14:14:41.0094 0x2434  icssvc - ok
14:14:41.0610 0x2434  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:14:41.0891 0x2434  igfx - ok
14:14:41.0938 0x2434  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:14:41.0953 0x2434  igfxCUIService2.0.0.0 - ok
14:14:42.0000 0x2434  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:14:42.0047 0x2434  IKEEXT - ok
14:14:42.0079 0x2434  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
14:14:42.0094 0x2434  IndirectKmd - ok
14:14:42.0516 0x2434  [ AE9504C852D3A9C7A12D0E46E29C2639, 251BF92A1F9FC0371D2FB5EBB5AE0D243C27E917DF81299810B6BFD589091725 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:14:42.0703 0x2434  IntcAzAudAddService - ok
14:14:42.0797 0x2434  [ 75F82406DF455D812101146EE4EB6FCD, 771D24DFF69097C1181C46D635A6CF2FDBE3EBC81BA2C156F571875C23F11676 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:14:42.0829 0x2434  IntcDAud - ok
14:14:42.0954 0x2434  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:14:43.0000 0x2434  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:14:44.0079 0x2434  Detect skipped due to KSN trusted
14:14:44.0079 0x2434  Intel(R) Capability Licensing Service Interface - ok
14:14:44.0172 0x2434  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:14:44.0204 0x2434  Intel(R) Capability Licensing Service TCP IP Interface - ok
14:14:44.0219 0x2434  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:14:44.0250 0x2434  intelide - ok
14:14:44.0266 0x2434  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:14:44.0282 0x2434  intelpep - ok
14:14:44.0297 0x2434  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:14:44.0329 0x2434  intelppm - ok
14:14:44.0360 0x2434  [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
14:14:44.0391 0x2434  iorate - ok
14:14:44.0422 0x2434  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:14:44.0454 0x2434  IpFilterDriver - ok
14:14:44.0625 0x2434  [ 89548E57FD0A7BC703541C69C0286B13, 261698B302DF5B80C57FC4257E0A0AABC8DEFFED16D8CD142AD8E7CB51AF2007 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:14:44.0657 0x2434  iphlpsvc - ok
14:14:44.0688 0x2434  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:14:44.0719 0x2434  IPMIDRV - ok
14:14:44.0797 0x2434  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
14:14:44.0844 0x2434  IPNAT - ok
14:14:44.0860 0x2434  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
14:14:44.0875 0x2434  irda - ok
14:14:44.0938 0x2434  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
         

Alt 09.09.2016, 14:39   #5
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Teil 2:
Code:
ATTFilter
Teil 2:
Code:
ATTFilter
14:14:44.0985 0x2434  IRENUM - ok
14:14:45.0032 0x2434  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
14:14:45.0047 0x2434  irmon - ok
14:14:45.0079 0x2434  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:14:45.0094 0x2434  isapnp - ok
14:14:45.0157 0x2434  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:14:45.0204 0x2434  iScsiPrt - ok
14:14:45.0313 0x2434  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:14:45.0329 0x2434  jhi_service - ok
14:14:45.0438 0x2434  [ 8438B8A45E16258064C19FBEC4EE069F, 9128F825403B26A39BC769A53555DF1FD2B82882AF1384135D0329FCF2BBAC6D ] k57nd60a        C:\WINDOWS\System32\drivers\k57nd60a.sys
14:14:45.0469 0x2434  k57nd60a - ok
14:14:45.0500 0x2434  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:14:45.0500 0x2434  kbdclass - ok
14:14:45.0532 0x2434  [ 2D05785B0C58D90A34EA15032EADBBA9, 3E1238FF7F6ECA522761830FE7EA7587B704FCB3ECE8C6BF94CC17A640B678ED ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:14:45.0563 0x2434  kbdhid - ok
14:14:45.0594 0x2434  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
14:14:45.0594 0x2434  kdnic - ok
14:14:45.0610 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:14:45.0625 0x2434  KeyIso - ok
14:14:45.0750 0x2434  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
14:14:45.0813 0x2434  kl1 - ok
14:14:45.0844 0x2434  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
14:14:45.0860 0x2434  klbackupdisk - ok
14:14:45.0922 0x2434  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
14:14:45.0954 0x2434  klbackupflt - ok
14:14:45.0985 0x2434  [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
14:14:46.0000 0x2434  kldisk - ok
14:14:46.0047 0x2434  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
14:14:46.0079 0x2434  klelam - ok
14:14:46.0172 0x2434  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
14:14:46.0188 0x2434  klflt - ok
14:14:46.0297 0x2434  [ BE1DF4E950FF00A19BB72FA29CAEE32E, 24D8111B8782B4FB8612AB9DCE6A3A5EA63CE4B75DC717D0ECC5C6BCBCCF01AA ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
14:14:46.0329 0x2434  klhk - ok
14:14:46.0485 0x2434  [ B72D1864B3EC6E429DB127A642CFB8BB, 43954F7E04158D79D44D0D6866838043A2B49B49EBF15A57DB120DB7AC3C19CE ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
14:14:46.0547 0x2434  KLIF - ok
14:14:46.0641 0x2434  [ 161573B8BE82D24ED8B5B8EBA01245EA, 3CC124C717C2484A4DE0D415A2564D62D1A4B6E9DED65136B094304FCDE74CE0 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
14:14:46.0672 0x2434  KLIM6 - ok
14:14:46.0735 0x2434  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
14:14:46.0735 0x2434  klkbdflt - ok
14:14:46.0766 0x2434  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
14:14:46.0766 0x2434  klmouflt - ok
14:14:46.0813 0x2434  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
14:14:46.0813 0x2434  klpd - ok
14:14:46.0844 0x2434  [ 8334692AFEB3289984B40898B6B30C06, 6A337CC33B0EFC3B61BFCABFDFE305BE1D334620FB4D87DDEDBC8214966D6DDE ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
14:14:46.0860 0x2434  klwfp - ok
14:14:46.0922 0x2434  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
14:14:46.0954 0x2434  Klwtp - ok
14:14:47.0016 0x2434  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
14:14:47.0032 0x2434  kneps - ok
14:14:47.0063 0x2434  [ 9FA1B5D84F596F0664F0465F302044DC, 47B41D3D6119B5B20C83AF84D315C4AB40B5534D687736A8B67BD985A3B232C1 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:14:47.0079 0x2434  KSecDD - ok
14:14:47.0110 0x2434  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:14:47.0125 0x2434  KSecPkg - ok
14:14:47.0125 0x2434  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
14:14:47.0157 0x2434  ksthunk - ok
14:14:47.0188 0x2434  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
14:14:47.0219 0x2434  KtmRm - ok
14:14:47.0266 0x2434  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:14:47.0282 0x2434  LanmanServer - ok
14:14:47.0329 0x2434  [ 752FE77F22592016A5EBBF399EC12E14, 231CF3E069FF64A4E8C81D0799A73924D864585B25382EFF8D1707F87747AC9E ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:14:47.0375 0x2434  LanmanWorkstation - ok
14:14:47.0407 0x2434  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
14:14:47.0422 0x2434  lfsvc - ok
14:14:47.0469 0x2434  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
14:14:47.0500 0x2434  LicenseManager - ok
14:14:47.0516 0x2434  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
14:14:47.0547 0x2434  lltdio - ok
14:14:47.0610 0x2434  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
14:14:47.0688 0x2434  lltdsvc - ok
14:14:47.0719 0x2434  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
14:14:47.0735 0x2434  LMDriver - ok
14:14:47.0766 0x2434  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
14:14:47.0782 0x2434  lmhosts - ok
14:14:47.0891 0x2434  [ 8939CBB2526CB87C476DB9ABBF243AE0, 6D566EDD2DE07A7F7B27A41BBFD05360BF2FBDD5D265D8061E15785A3EBC0C4E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:14:47.0907 0x2434  LMS - ok
14:14:47.0922 0x2434  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
14:14:47.0938 0x2434  LSI_SAS - ok
14:14:47.0969 0x2434  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
14:14:47.0985 0x2434  LSI_SAS2i - ok
14:14:48.0032 0x2434  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
14:14:48.0047 0x2434  LSI_SAS3i - ok
14:14:48.0079 0x2434  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
14:14:48.0079 0x2434  LSI_SSS - ok
14:14:48.0125 0x2434  [ 5570D03E2048AC7961BEF6FFEE3A2CA5, FD0232312D87015FA0B8062FA175A44410F8C1C9778145CCDD57BA1C23929C87 ] LSM             C:\WINDOWS\System32\lsm.dll
14:14:48.0172 0x2434  LSM - ok
14:14:48.0204 0x2434  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
14:14:48.0219 0x2434  luafv - ok
14:14:48.0250 0x2434  [ 6D4111E1852A9F0BFC07BB69F3141841, 9BFF4517F26F1E9DF4DA6633B542EAA20A698B9397D2ED73134E7AEF306FBB15 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
14:14:48.0282 0x2434  MapsBroker - ok
14:14:48.0329 0x2434  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:14:48.0344 0x2434  MBAMProtector - ok
14:14:48.0579 0x2434  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
14:14:48.0672 0x2434  MBAMScheduler - ok
14:14:48.0766 0x2434  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
14:14:48.0797 0x2434  MBAMService - ok
14:14:48.0875 0x2434  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
14:14:48.0891 0x2434  MBAMSwissArmy - ok
14:14:48.0907 0x2434  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
14:14:48.0907 0x2434  MBAMWebAccessControl - ok
14:14:48.0938 0x2434  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
14:14:48.0938 0x2434  megasas - ok
14:14:48.0985 0x2434  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:14:49.0016 0x2434  megasr - ok
14:14:49.0079 0x2434  [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
14:14:49.0094 0x2434  MEIx64 - ok
14:14:49.0125 0x2434  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
14:14:49.0157 0x2434  MessagingService - ok
14:14:49.0297 0x2434  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
14:14:49.0360 0x2434  mlx4_bus - ok
14:14:49.0422 0x2434  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
14:14:49.0438 0x2434  MMCSS - ok
14:14:49.0454 0x2434  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\WINDOWS\system32\drivers\modem.sys
14:14:49.0469 0x2434  Modem - ok
14:14:49.0500 0x2434  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
14:14:49.0516 0x2434  monitor - ok
14:14:49.0532 0x2434  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
14:14:49.0563 0x2434  mouclass - ok
14:14:49.0579 0x2434  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
14:14:49.0625 0x2434  mouhid - ok
14:14:49.0657 0x2434  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
14:14:49.0657 0x2434  mountmgr - ok
14:14:49.0672 0x2434  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
14:14:49.0688 0x2434  mpsdrv - ok
14:14:49.0797 0x2434  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
14:14:49.0891 0x2434  MpsSvc - ok
14:14:49.0954 0x2434  [ 50C2389CD04C5B8632E3DC2D733EF15D, 0F83A8A5F405BC6F401B5A75D45F6D07C61C0CA692D2A77C63E742622F5BF921 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
14:14:50.0000 0x2434  MRxDAV - ok
14:14:50.0079 0x2434  [ 4D5F17C23D25B5BDF7EB35A54F483C9B, 1A0AFB4151F8D5CB164A53A7851C618F3E4C1A4FF411BC8B0B6402124C311E03 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:14:50.0157 0x2434  mrxsmb - ok
14:14:50.0188 0x2434  [ 8F58AEAE00B39AC9AD93755E777B19D8, 335E4D9E9E81609BEAFA08376EE29C35DA6A1839FAFC37399B9066F03BFFFBC1 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:14:50.0219 0x2434  mrxsmb10 - ok
14:14:50.0266 0x2434  [ FC501F50E6214AF38D4B22220537187A, DACF1A76F98DDCB7F385BBDE2B522A23C32C9838B9CA5CECC9550BD9443DAEED ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:14:50.0297 0x2434  mrxsmb20 - ok
14:14:50.0376 0x2434  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
14:14:50.0407 0x2434  MsBridge - ok
14:14:50.0485 0x2434  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
14:14:50.0547 0x2434  MSDTC - ok
14:14:50.0579 0x2434  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:14:50.0610 0x2434  Msfs - ok
14:14:50.0641 0x2434  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:14:50.0657 0x2434  msgpiowin32 - ok
14:14:50.0672 0x2434  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:14:50.0688 0x2434  mshidkmdf - ok
14:14:50.0719 0x2434  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
14:14:50.0766 0x2434  mshidumdf - ok
14:14:50.0782 0x2434  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
14:14:50.0782 0x2434  msisadrv - ok
14:14:50.0829 0x2434  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
14:14:50.0844 0x2434  MSiSCSI - ok
14:14:50.0844 0x2434  msiserver - ok
14:14:50.0876 0x2434  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
14:14:50.0891 0x2434  MSKSSRV - ok
14:14:50.0907 0x2434  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
14:14:50.0922 0x2434  MsLldp - ok
14:14:50.0969 0x2434  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
14:14:50.0985 0x2434  MSPCLOCK - ok
14:14:51.0000 0x2434  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
14:14:51.0032 0x2434  MSPQM - ok
14:14:51.0094 0x2434  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
14:14:51.0110 0x2434  MsRPC - ok
14:14:51.0157 0x2434  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
14:14:51.0188 0x2434  mssmbios - ok
14:14:51.0235 0x2434  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
14:14:51.0250 0x2434  MSTEE - ok
14:14:51.0282 0x2434  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
14:14:51.0297 0x2434  MTConfig - ok
14:14:51.0313 0x2434  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
14:14:51.0344 0x2434  Mup - ok
14:14:51.0391 0x2434  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
14:14:51.0407 0x2434  mvumis - ok
14:14:51.0547 0x2434  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:14:51.0594 0x2434  NativeWifiP - ok
14:14:51.0641 0x2434  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
14:14:51.0672 0x2434  NcaSvc - ok
14:14:51.0719 0x2434  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
14:14:51.0735 0x2434  NcbService - ok
14:14:51.0766 0x2434  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
14:14:51.0844 0x2434  NcdAutoSetup - ok
14:14:51.0891 0x2434  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
14:14:51.0938 0x2434  ndfltr - ok
14:14:52.0094 0x2434  [ 36DD2C614720EC2970CB5E870BA69D8D, 692BDA4201119E0561E17E7E1A72320DBECDE3F8E4E65FBEA1B2C1128E16508B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
14:14:52.0157 0x2434  NDIS - ok
14:14:52.0204 0x2434  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
14:14:52.0219 0x2434  NdisCap - ok
14:14:52.0235 0x2434  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
14:14:52.0266 0x2434  NdisImPlatform - ok
14:14:52.0282 0x2434  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:14:52.0297 0x2434  NdisTapi - ok
14:14:52.0376 0x2434  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
14:14:52.0422 0x2434  Ndisuio - ok
14:14:52.0438 0x2434  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:14:52.0454 0x2434  NdisVirtualBus - ok
14:14:52.0501 0x2434  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
14:14:52.0516 0x2434  NdisWan - ok
14:14:52.0563 0x2434  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:14:52.0610 0x2434  ndiswanlegacy - ok
14:14:52.0641 0x2434  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
14:14:52.0688 0x2434  ndproxy - ok
14:14:52.0735 0x2434  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
14:14:52.0766 0x2434  Ndu - ok
14:14:52.0829 0x2434  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
14:14:52.0875 0x2434  NetAdapterCx - ok
14:14:52.0938 0x2434  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
14:14:52.0969 0x2434  NetBIOS - ok
14:14:53.0032 0x2434  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:14:53.0063 0x2434  NetBT - ok
14:14:53.0079 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:14:53.0094 0x2434  Netlogon - ok
14:14:53.0157 0x2434  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
14:14:53.0188 0x2434  Netman - ok
14:14:53.0251 0x2434  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
14:14:53.0313 0x2434  netprofm - ok
14:14:53.0360 0x2434  [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
14:14:53.0391 0x2434  NetSetupSvc - ok
14:14:53.0563 0x2434  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:14:53.0641 0x2434  NetTcpPortSharing - ok
14:14:53.0735 0x2434  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
14:14:53.0766 0x2434  NgcCtnrSvc - ok
14:14:53.0813 0x2434  [ 2EC2F2E4C88BA9B72D1F6B92234BCD53, 4DC98EBE5A3B34ED654017F076F457970D3FBF749DC54A6533DAABDE85A7C4FE ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
14:14:53.0860 0x2434  NgcSvc - ok
14:14:53.0954 0x2434  [ 0B5083278F195C26FE9E0140AEAEDCBE, B4D505963D5EBA14EC80E6D0BB8B862D96D1D1C3A57F4744AEBA3FF4BFB1997A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
14:14:54.0001 0x2434  NlaSvc - ok
14:14:54.0032 0x2434  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:14:54.0063 0x2434  Npfs - ok
14:14:54.0079 0x2434  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
14:14:54.0094 0x2434  npsvctrig - ok
14:14:54.0126 0x2434  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
14:14:54.0141 0x2434  nsi - ok
14:14:54.0157 0x2434  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
14:14:54.0172 0x2434  nsiproxy - ok
14:14:54.0407 0x2434  [ BE43EC0D5AD467CFC5C9770F2F8EBCC2, 6D22EB974709D3115FD4347FB835454FA41FE6DBF99A79779CF14FB49A5BDD8F ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
14:14:54.0469 0x2434  NTFS - ok
14:14:54.0501 0x2434  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:14:54.0516 0x2434  Null - ok
14:14:54.0547 0x2434  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
14:14:54.0579 0x2434  nvraid - ok
14:14:54.0594 0x2434  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
14:14:54.0610 0x2434  nvstor - ok
14:14:54.0704 0x2434  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:14:54.0735 0x2434  odserv - ok
14:14:54.0829 0x2434  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
14:14:54.0860 0x2434  OneSyncSvc - ok
14:14:54.0954 0x2434  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:14:54.0985 0x2434  ose - ok
14:14:55.0079 0x2434  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
14:14:55.0141 0x2434  p2pimsvc - ok
14:14:55.0188 0x2434  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
14:14:55.0251 0x2434  p2psvc - ok
14:14:55.0266 0x2434  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
14:14:55.0297 0x2434  Parport - ok
14:14:55.0344 0x2434  [ 64E0AA114871B2A37908E44A18F35A73, 2FB434EE48894C9B538349918B9B96FE9C6A76ADAC325EB9DA6E84D0B104D457 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
14:14:55.0360 0x2434  partmgr - ok
14:14:55.0438 0x2434  [ CE515B2C6E2EA50053A8862398646B38, C85D370E5250AFCF44796CE274B5A100C6829DC28BF1D4C6991EF61DE46FD10A ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
14:14:55.0469 0x2434  PcaSvc - ok
14:14:55.0501 0x2434  [ 55E45E0A89429AE9C62D728B9C4891C0, 729922C3488866C8D67F00E82C082F2E8E6F05180F4767AD30FC7E1FFE4946C5 ] pci             C:\WINDOWS\system32\drivers\pci.sys
14:14:55.0516 0x2434  pci - ok
14:14:55.0547 0x2434  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
14:14:55.0547 0x2434  pciide - ok
14:14:55.0594 0x2434  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
14:14:55.0610 0x2434  pcmcia - ok
14:14:55.0641 0x2434  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
14:14:55.0672 0x2434  pcw - ok
14:14:55.0704 0x2434  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
14:14:55.0735 0x2434  pdc - ok
14:14:55.0797 0x2434  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
14:14:55.0829 0x2434  PEAUTH - ok
14:14:55.0876 0x2434  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
14:14:55.0891 0x2434  percsas2i - ok
14:14:55.0938 0x2434  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
14:14:55.0954 0x2434  percsas3i - ok
14:14:56.0297 0x2434  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
14:14:56.0329 0x2434  PerfHost - ok
14:14:56.0391 0x2434  [ CFA4868B2932396D47BCC8E7350907C1, C757910212982F54CF9B2CFFCB632D58E3A07E468A2DA42CDF97BFB6A05823DE ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
14:14:56.0438 0x2434  PhoneSvc - ok
14:14:56.0454 0x2434  [ 06A31E2C90347128A1A25290568E152C, 7F0BC96C116A5C6B9796233CA975B1F6A73D554A533191F38295D60221E503C4 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
14:14:56.0469 0x2434  PimIndexMaintenanceSvc - ok
14:14:56.0594 0x2434  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
14:14:56.0704 0x2434  pla - ok
14:14:56.0735 0x2434  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
14:14:56.0766 0x2434  PlugPlay - ok
14:14:56.0813 0x2434  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
14:14:56.0844 0x2434  PNRPAutoReg - ok
14:14:56.0922 0x2434  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
14:14:56.0954 0x2434  PNRPsvc - ok
14:14:57.0001 0x2434  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
14:14:57.0016 0x2434  PolicyAgent - ok
14:14:57.0047 0x2434  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
14:14:57.0063 0x2434  Power - ok
14:14:57.0094 0x2434  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
14:14:57.0126 0x2434  PptpMiniport - ok
14:14:57.0454 0x2434  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:14:57.0735 0x2434  PrintNotify - ok
14:14:57.0766 0x2434  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
14:14:57.0782 0x2434  Processor - ok
14:14:57.0844 0x2434  [ B2DC3BA675F95343D55EC989FE303561, C53FCA036358B0B11BBE5348074FA24831CF67C9FEE31A3DC9CF88B6178CFBC8 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
14:14:57.0876 0x2434  ProfSvc - ok
14:14:57.0907 0x2434  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
14:14:57.0907 0x2434  Psched - ok
14:14:57.0985 0x2434  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
14:14:58.0016 0x2434  QWAVE - ok
14:14:58.0063 0x2434  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
14:14:58.0110 0x2434  QWAVEdrv - ok
14:14:58.0157 0x2434  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
14:14:58.0157 0x2434  RadioShim - ok
14:14:58.0188 0x2434  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:14:58.0204 0x2434  RasAcd - ok
14:14:58.0266 0x2434  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
14:14:58.0313 0x2434  RasAgileVpn - ok
14:14:58.0360 0x2434  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:14:58.0391 0x2434  RasAuto - ok
14:14:58.0438 0x2434  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
14:14:58.0469 0x2434  Rasl2tp - ok
14:14:58.0594 0x2434  [ DF0702D6A190452E1BFA52F36E58640A, 37B7B8220CDE965F1232D883CEEEDDDB309ABA0ACBE38486E69B9052D39187C4 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:14:58.0657 0x2434  RasMan - ok
14:14:58.0688 0x2434  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:14:58.0704 0x2434  RasPppoe - ok
14:14:58.0719 0x2434  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
14:14:58.0735 0x2434  RasSstp - ok
14:14:58.0797 0x2434  [ 392CD98739F4A8F188A3CB34F6AB193E, C36D1CD8EEB57DB37A0A079DFC87120F948A8E3EE09973CCF5D613566B17EA10 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:14:58.0844 0x2434  rdbss - ok
14:14:58.0860 0x2434  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
14:14:58.0860 0x2434  rdpbus - ok
14:14:58.0922 0x2434  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
14:14:58.0938 0x2434  RDPDR - ok
14:14:58.0969 0x2434  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:14:58.0985 0x2434  RdpVideoMiniport - ok
14:14:59.0001 0x2434  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
14:14:59.0016 0x2434  rdyboost - ok
14:14:59.0172 0x2434  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
14:14:59.0204 0x2434  ReFSv1 - ok
14:14:59.0251 0x2434  [ FD2B3A645798A2EFB7FB61AC42AAA611, 8A121D361A73CA19AA87B1AD33B8020A99444BF4C8904944AD5913C5083859B8 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:14:59.0329 0x2434  RemoteAccess - ok
14:14:59.0454 0x2434  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:14:59.0501 0x2434  RemoteRegistry - ok
14:14:59.0579 0x2434  [ 94DCF20DF6170B557AFD386E37C128BC, 70FB7C7A7D2BFA95EACEEE38B39E1DCA93DA63AE1898C4F54956B9413C60EB88 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
14:14:59.0626 0x2434  RetailDemo - ok
14:14:59.0673 0x2434  [ 068220E1B417556F4226E6A3CA0A1C24, 381DD82EF6EAEE83B5B3FA123D04A4D1EEB3407737683C22BBA787C39DCAFFE3 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
14:14:59.0751 0x2434  RmSvc - ok
14:14:59.0782 0x2434  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
14:14:59.0797 0x2434  RpcEptMapper - ok
14:14:59.0829 0x2434  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:14:59.0829 0x2434  RpcLocator - ok
14:14:59.0922 0x2434  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:14:59.0969 0x2434  RpcSs - ok
14:15:00.0001 0x2434  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
14:15:00.0032 0x2434  rspndr - ok
14:15:00.0110 0x2434  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
14:15:00.0110 0x2434  s3cap - ok
14:15:00.0141 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:15:00.0141 0x2434  SamSs - ok
14:15:00.0188 0x2434  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
14:15:00.0219 0x2434  sbp2port - ok
14:15:00.0282 0x2434  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
14:15:00.0329 0x2434  SCardSvr - ok
14:15:00.0329 0x2434  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
14:15:00.0360 0x2434  ScDeviceEnum - ok
14:15:00.0376 0x2434  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:15:00.0391 0x2434  scfilter - ok
14:15:00.0485 0x2434  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:15:00.0547 0x2434  Schedule - ok
14:15:00.0594 0x2434  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
14:15:00.0610 0x2434  scmbus - ok
14:15:00.0641 0x2434  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
14:15:00.0657 0x2434  scmdisk0101 - ok
14:15:00.0719 0x2434  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
14:15:00.0766 0x2434  SCPolicySvc - ok
14:15:00.0813 0x2434  [ FCBB8A17B4437B2CA8CC8DA8CB1D306E, 5FA762B1B6C8A45ED6F304A45B500038537ABD3DF6328F3C8E2BD43CBDEAB835 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
14:15:00.0844 0x2434  sdbus - ok
14:15:00.0876 0x2434  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
14:15:00.0922 0x2434  SDRSVC - ok
14:15:01.0251 0x2434  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe
14:15:01.0282 0x2434  SDScannerService - ok
14:15:01.0329 0x2434  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
14:15:01.0344 0x2434  sdstor - ok
14:15:01.0532 0x2434  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:15:01.0579 0x2434  SDUpdateService - ok
14:15:01.0626 0x2434  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
14:15:01.0641 0x2434  seclogon - ok
14:15:01.0657 0x2434  [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS            C:\WINDOWS\System32\sens.dll
14:15:01.0688 0x2434  SENS - ok
14:15:01.0891 0x2434  [ 1CC993A041899B48D5DF4D3F4A4425FC, 8D138B3A92C0E181C865A37AD55EE2D55CC352ED9B60BF60BE0AC610F13F8FA1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
14:15:02.0001 0x2434  SensorDataService - ok
14:15:02.0063 0x2434  [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService   C:\WINDOWS\system32\SensorService.dll
14:15:02.0094 0x2434  SensorService - ok
14:15:02.0157 0x2434  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
14:15:02.0204 0x2434  SensrSvc - ok
14:15:02.0219 0x2434  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
14:15:02.0235 0x2434  SerCx - ok
14:15:02.0282 0x2434  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
14:15:02.0329 0x2434  SerCx2 - ok
14:15:02.0360 0x2434  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
14:15:02.0376 0x2434  Serenum - ok
14:15:02.0407 0x2434  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
14:15:02.0407 0x2434  Serial - ok
14:15:02.0422 0x2434  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
14:15:02.0485 0x2434  sermouse - ok
14:15:02.0563 0x2434  [ D525D273BE5691BDACE72B07AB0D1E02, 9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
14:15:02.0579 0x2434  SessionEnv - ok
14:15:02.0657 0x2434  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
14:15:02.0688 0x2434  sfloppy - ok
14:15:02.0844 0x2434  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:15:02.0907 0x2434  SharedAccess - ok
14:15:03.0079 0x2434  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:15:03.0126 0x2434  ShellHWDetection - ok
14:15:03.0251 0x2434  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
14:15:03.0298 0x2434  shpamsvc - ok
14:15:03.0329 0x2434  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:15:03.0360 0x2434  SiSRaid2 - ok
14:15:03.0376 0x2434  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
14:15:03.0391 0x2434  SiSRaid4 - ok
14:15:03.0516 0x2434  [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:15:03.0548 0x2434  SkypeUpdate - ok
14:15:03.0594 0x2434  [ 3EB12F95C259907F976B9FFCD26FA047, 1ADC40D8911F7C3C7376882DC0B5526F1C16089E13883734498D36C9CE4D8E76 ] smphost         C:\WINDOWS\System32\smphost.dll
14:15:03.0610 0x2434  smphost - ok
14:15:03.0735 0x2434  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
14:15:03.0798 0x2434  SmsRouter - ok
14:15:03.0829 0x2434  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
14:15:03.0844 0x2434  SNMPTRAP - ok
14:15:04.0001 0x2434  [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
14:15:04.0063 0x2434  spaceport - ok
14:15:04.0094 0x2434  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
14:15:04.0126 0x2434  SpbCx - ok
14:15:04.0219 0x2434  [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
14:15:04.0251 0x2434  Spooler - ok
14:15:04.0782 0x2434  [ DB386D52ABDCF0577B6921D02EEDC8B3, 523247781F230B7273248C2AB8262E63BBE55EFD2DE0DF9A40F5FA0DA7DD2AE6 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
14:15:05.0173 0x2434  sppsvc - ok
14:15:05.0219 0x2434  [ EDCDCD95B916DB156A903AC6256F0CCF, 4158EFE298235EDE2C34CE9F3978A4F3690379F14B21F917647EEAA0A8C1DE4A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:15:05.0282 0x2434  srv - ok
14:15:05.0360 0x2434  [ DF7147DE10921DBAAE9F9EEF94590E10, 2222BA441227056DA17194648B3AF49655650F7BBA9E4A9ACEF519E392099C6D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
14:15:05.0407 0x2434  srv2 - ok
14:15:05.0423 0x2434  [ 416D224AF7481A4179F018FB1F9A5B6B, 38159D7957A8091DFC5C32DCAC4DB07FDE14BBE4E75B4E61B4FBB332E3F9259D ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:15:05.0438 0x2434  srvnet - ok
14:15:05.0501 0x2434  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:15:05.0548 0x2434  SSDPSRV - ok
14:15:05.0579 0x2434  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
14:15:05.0610 0x2434  SstpSvc - ok
14:15:05.0923 0x2434  [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
14:15:06.0141 0x2434  StateRepository - ok
14:15:06.0407 0x2434  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:15:06.0532 0x2434  Steam Client Service - ok
14:15:06.0563 0x2434  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
14:15:06.0579 0x2434  stexstor - ok
14:15:06.0610 0x2434  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
14:15:06.0626 0x2434  StillCam - ok
14:15:06.0766 0x2434  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
14:15:06.0829 0x2434  stisvc - ok
14:15:06.0876 0x2434  [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
14:15:06.0891 0x2434  storahci - ok
14:15:06.0923 0x2434  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
14:15:06.0938 0x2434  storflt - ok
14:15:06.0985 0x2434  [ B739FF1C1FAF9D0ADFBFB0FD59A5AB37, F128D872283AD1F91B56667DB885E7404D76B1CC72D6D71382C5DFA19AE433ED ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
14:15:07.0001 0x2434  stornvme - ok
14:15:07.0048 0x2434  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
14:15:07.0063 0x2434  storqosflt - ok
14:15:07.0219 0x2434  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
14:15:07.0266 0x2434  StorSvc - ok
14:15:07.0298 0x2434  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
14:15:07.0298 0x2434  storufs - ok
14:15:07.0344 0x2434  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
14:15:07.0344 0x2434  storvsc - ok
14:15:07.0423 0x2434  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
14:15:07.0485 0x2434  svsvc - ok
14:15:07.0532 0x2434  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
14:15:07.0548 0x2434  swenum - ok
14:15:07.0579 0x2434  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
14:15:07.0626 0x2434  swprv - ok
14:15:07.0688 0x2434  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:15:07.0735 0x2434  Synth3dVsc - ok
14:15:07.0891 0x2434  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
14:15:08.0032 0x2434  SysMain - ok
14:15:08.0110 0x2434  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:15:08.0235 0x2434  SystemEventsBroker - ok
14:15:08.0313 0x2434  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:15:08.0360 0x2434  TabletInputService - ok
14:15:08.0423 0x2434  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:15:08.0454 0x2434  TapiSrv - ok
14:15:08.0751 0x2434  [ E93C3AB8B29AB4905541B5AB87963906, A9352792815C543E7129D16CCCDB7A6F9FB63C0C95A4BB22FA5709E886FFD6D4 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
14:15:08.0891 0x2434  Tcpip - ok
14:15:09.0094 0x2434  [ E93C3AB8B29AB4905541B5AB87963906, A9352792815C543E7129D16CCCDB7A6F9FB63C0C95A4BB22FA5709E886FFD6D4 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
14:15:09.0204 0x2434  Tcpip6 - ok
14:15:09.0251 0x2434  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
14:15:09.0282 0x2434  tcpipreg - ok
14:15:09.0329 0x2434  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
14:15:09.0344 0x2434  tdx - ok
14:15:09.0360 0x2434  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
14:15:09.0376 0x2434  terminpt - ok
14:15:09.0548 0x2434  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
14:15:09.0610 0x2434  TermService - ok
14:15:09.0673 0x2434  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
14:15:09.0704 0x2434  Themes - ok
14:15:09.0813 0x2434  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
14:15:09.0844 0x2434  TieringEngineService - ok
14:15:09.0907 0x2434  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
14:15:09.0938 0x2434  tiledatamodelsvc - ok
14:15:10.0001 0x2434  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
14:15:10.0063 0x2434  TimeBrokerSvc - ok
14:15:10.0095 0x2434  [ 798C8CB861EB09C5AFB77468E5449BBB, F6631E779159B99B097A59792D11713809CA493618B6A210A4BC905F16782094 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
14:15:10.0126 0x2434  TPM - ok
14:15:10.0204 0x2434  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
14:15:10.0235 0x2434  TrkWks - ok
14:15:10.0282 0x2434  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:15:10.0329 0x2434  TrustedInstaller - ok
14:15:10.0376 0x2434  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
14:15:10.0407 0x2434  tsusbflt - ok
14:15:10.0423 0x2434  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:15:10.0438 0x2434  TsUsbGD - ok
14:15:10.0454 0x2434  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
14:15:10.0469 0x2434  tunnel - ok
14:15:10.0548 0x2434  [ 0F38FCE8C61CC14DE3718FAB5FFC0D3A, 527071956BDC0F2863DCDFEDD314DB5265A6AE525F810186F508E0D58A97D767 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
14:15:10.0579 0x2434  tzautoupdate - ok
14:15:10.0798 0x2434  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
14:15:10.0844 0x2434  UASPStor - ok
14:15:10.0923 0x2434  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
14:15:10.0969 0x2434  UcmCx0101 - ok
14:15:10.0985 0x2434  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
14:15:11.0016 0x2434  UcmTcpciCx0101 - ok
14:15:11.0016 0x2434  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:15:11.0032 0x2434  UcmUcsi - ok
14:15:11.0095 0x2434  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
14:15:11.0126 0x2434  Ucx01000 - ok
14:15:11.0173 0x2434  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
14:15:11.0204 0x2434  UdeCx - ok
14:15:11.0235 0x2434  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
14:15:11.0266 0x2434  udfs - ok
14:15:11.0313 0x2434  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
14:15:11.0360 0x2434  UEFI - ok
14:15:11.0438 0x2434  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
14:15:11.0469 0x2434  Ufx01000 - ok
14:15:11.0563 0x2434  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
14:15:11.0610 0x2434  UfxChipidea - ok
14:15:11.0641 0x2434  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
14:15:11.0673 0x2434  ufxsynopsys - ok
14:15:11.0766 0x2434  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
14:15:11.0798 0x2434  UI0Detect - ok
14:15:11.0813 0x2434  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
14:15:11.0829 0x2434  umbus - ok
14:15:11.0923 0x2434  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
14:15:12.0001 0x2434  UmPass - ok
14:15:12.0094 0x2434  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
14:15:12.0220 0x2434  UmRdpService - ok
14:15:12.0423 0x2434  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
14:15:12.0548 0x2434  UnistoreSvc - ok
14:15:12.0641 0x2434  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:15:12.0673 0x2434  upnphost - ok
14:15:12.0704 0x2434  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
14:15:12.0735 0x2434  UrsChipidea - ok
14:15:12.0766 0x2434  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
14:15:12.0782 0x2434  UrsCx01000 - ok
14:15:12.0845 0x2434  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
14:15:12.0891 0x2434  UrsSynopsys - ok
14:15:12.0907 0x2434  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
14:15:12.0923 0x2434  usbccgp - ok
14:15:12.0938 0x2434  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
14:15:12.0954 0x2434  usbcir - ok
14:15:12.0970 0x2434  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
14:15:12.0985 0x2434  usbehci - ok
14:15:13.0063 0x2434  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
14:15:13.0110 0x2434  usbhub - ok
14:15:13.0188 0x2434  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
14:15:13.0282 0x2434  USBHUB3 - ok
14:15:13.0298 0x2434  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
14:15:13.0313 0x2434  usbohci - ok
14:15:13.0329 0x2434  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
14:15:13.0345 0x2434  usbprint - ok
14:15:13.0391 0x2434  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
14:15:13.0407 0x2434  usbser - ok
14:15:13.0438 0x2434  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:15:13.0454 0x2434  USBSTOR - ok
14:15:13.0470 0x2434  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
14:15:13.0516 0x2434  usbuhci - ok
14:15:13.0563 0x2434  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
14:15:13.0610 0x2434  usbvideo - ok
14:15:13.0688 0x2434  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:15:13.0720 0x2434  USBXHCI - ok
14:15:13.0923 0x2434  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
14:15:14.0032 0x2434  UserDataSvc - ok
14:15:14.0204 0x2434  [ 8F6DAAFDDDA27D83ACC8C7FF1536CAF6, 5E1B67A5B388CBB3B193C238546BAD4DC5F5DF54859E16607A60681E6D38FA73 ] UserManager     C:\WINDOWS\System32\usermgr.dll
14:15:14.0251 0x2434  UserManager - ok
14:15:14.0391 0x2434  [ 0F3C4209200F3DAD2015DA3044FA8DC3, 84DC9CB21ECD79C3BFDBBDF66173F4E2D7E6CB118E0EEA4516A6661636D4CE8F ] UsoSvc          C:\WINDOWS\system32\usocore.dll
14:15:14.0423 0x2434  UsoSvc - ok
14:15:14.0470 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
14:15:14.0501 0x2434  VaultSvc - ok
14:15:14.0516 0x2434  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
14:15:14.0516 0x2434  vdrvroot - ok
14:15:14.0673 0x2434  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
14:15:14.0829 0x2434  vds - ok
14:15:14.0891 0x2434  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
14:15:14.0923 0x2434  VerifierExt - ok
14:15:15.0016 0x2434  [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
14:15:15.0063 0x2434  vhdmp - ok
14:15:15.0095 0x2434  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
14:15:15.0110 0x2434  vhf - ok
14:15:15.0141 0x2434  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
14:15:15.0157 0x2434  vmbus - ok
14:15:15.0188 0x2434  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
14:15:15.0204 0x2434  VMBusHID - ok
14:15:15.0220 0x2434  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
14:15:23.0282 0x2434  WpnService - ok
14:15:23.0313 0x2434  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
14:15:23.0329 0x2434  WpnUserService - ok
14:15:23.0407 0x2434  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:15:23.0438 0x2434  ws2ifsl - ok
14:15:23.0485 0x2434  [ 519806FBCF00A0B17B8E03297DB0F551, 1911EA7168B06DBF3D36833120E4731437BF1ACC294C289B132C50280A40F548 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:15:23.0517 0x2434  wscsvc - ok
14:15:23.0517 0x2434  WSearch - ok
14:15:23.0829 0x2434  [ A93273F9EA274B87E76C9FE9A98E169D, E5961AC5DB93B365D04AD6C54CFD54F58CB9851398312CC63D937282265F81A7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
14:15:23.0907 0x2434  wuauserv - ok
14:15:23.0970 0x2434  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
14:15:24.0017 0x2434  WudfPf - ok
14:15:24.0095 0x2434  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
14:15:24.0142 0x2434  WUDFRd - ok
14:15:24.0204 0x2434  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
14:15:24.0251 0x2434  wudfsvc - ok
14:15:24.0517 0x2434  [ FD25CA03DE4372B6D3B7584248240D40, 91743D71A25FA0EB10C1C3DA71C534DDF2C4224BB96F081159465EED11B1C468 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
14:15:24.0642 0x2434  WwanSvc - ok
14:15:24.0782 0x2434  [ 89841EAF6C36E0B708BEAC939837AB27, 5B2A521E9C1051DA9D472CE9969E97C4F61A3D315B1C0ABDE01E43D033033268 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
14:15:24.0860 0x2434  XblAuthManager - ok
14:15:25.0048 0x2434  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
14:15:25.0157 0x2434  XblGameSave - ok
14:15:25.0251 0x2434  [ 59335CEA021FB89E07AD5DB5D17F09D0, 33FEFD5798BFA306FBEDCC8F2D0D984B6546A61B5026E921A8AC0466ADF2B698 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
14:15:25.0282 0x2434  xboxgip - ok
14:15:25.0454 0x2434  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
14:15:25.0579 0x2434  XboxNetApiSvc - ok
14:15:25.0610 0x2434  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
14:15:25.0626 0x2434  xinputhid - ok
14:15:25.0626 0x2434  ================ Scan global ===============================
14:15:25.0751 0x2434  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
14:15:25.0813 0x2434  [ 1FEF9536BA2779E2F3CB524E34BAC715, 6387C7E2FD538EFD9AC19B622AEC81F6F924576FDAB6F003AF5B6CBD33F6A379 ] C:\WINDOWS\system32\winsrv.dll
14:15:25.0970 0x2434  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
14:15:26.0188 0x2434  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
14:15:26.0204 0x2434  [ Global ] - ok
14:15:26.0204 0x2434  ================ Scan MBR ==================================
14:15:26.0235 0x2434  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:15:27.0860 0x2434  \Device\Harddisk0\DR0 - ok
14:15:27.0860 0x2434  ================ Scan VBR ==================================
14:15:27.0876 0x2434  [ 27EE700167C42A6BB6679E80B8322BCD ] \Device\Harddisk0\DR0\Partition1
14:15:27.0938 0x2434  \Device\Harddisk0\DR0\Partition1 - ok
14:15:27.0970 0x2434  [ 6C1D38D3E40EC5BEACB07C1C09BCB2FC ] \Device\Harddisk0\DR0\Partition2
14:15:27.0970 0x2434  \Device\Harddisk0\DR0\Partition2 - ok
14:15:28.0001 0x2434  [ 6DBEA23E444B72C8001697E8C89D0D02 ] \Device\Harddisk0\DR0\Partition3
14:15:28.0001 0x2434  \Device\Harddisk0\DR0\Partition3 - ok
14:15:28.0017 0x2434  [ 3531BCB19CA07DCA39EAAE02752B5BA6 ] \Device\Harddisk0\DR0\Partition4
14:15:28.0064 0x2434  \Device\Harddisk0\DR0\Partition4 - ok
14:15:28.0095 0x2434  [ F84AE34F7C26B071E02EBCD58BD89ED3 ] \Device\Harddisk0\DR0\Partition5
14:15:28.0142 0x2434  \Device\Harddisk0\DR0\Partition5 - ok
14:15:28.0142 0x2434  ================ Scan generic autorun ======================
14:15:28.0157 0x2434  ETDCtrl - ok
14:15:29.0235 0x2434  [ 5B46668BF599A03EF524BE934AE6E3E9, 720D495FA163BA15BD24F58A29D98991EC7278C9A6B8D001EDF9B21588FA812F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:15:29.0798 0x2434  RTHDVCPL - ok
14:15:29.0860 0x2434  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
14:15:29.0860 0x2434  HP Software Update - ok
14:15:31.0329 0x2434  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:15:31.0673 0x2434  OneDriveSetup - ok
14:15:32.0579 0x2434  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:15:32.0751 0x2434  OneDriveSetup - ok
14:15:32.0970 0x2434  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\stock\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:15:33.0001 0x2434  OneDrive - ok
14:15:33.0360 0x2434  [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Mark\Programme\Steam\steam.exe
14:15:33.0439 0x2434  Steam - ok
14:15:33.0735 0x2434  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
14:15:33.0876 0x2434  HP Officejet 4620 series (NET) - ok
14:15:33.0923 0x2434  Skype - ok
14:15:34.0282 0x2434  [ 52EC51A901AA9F1F68C9278D1EE3CCA2, 50FF4192FB33DF1BCEA08A7BB4D606123CC7E0C89A181C2BC11F2A41FF92C2E1 ] C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:15:34.0439 0x2434  Spotify Web Helper - ok
14:15:35.0048 0x2434  [ C5D947DFEF05F5826863E401EE8743B0, B7C54DF6DB0707C6C5F126FE95E3B04F1B07EC2E12307AE89EB4144898FEEDA6 ] C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe
14:15:35.0423 0x2434  Spotify - ok
14:15:35.0610 0x2434  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
14:15:35.0751 0x2434  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
14:15:36.0845 0x2434  Detect skipped due to KSN trusted
14:15:36.0845 0x2434  SpybotPostWindows10UpgradeReInstall - ok
14:15:36.0845 0x2434  Waiting for KSN requests completion. In queue: 9
14:15:37.0861 0x2434  Waiting for KSN requests completion. In queue: 9
14:15:38.0876 0x2434  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
14:15:38.0876 0x2434  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x62100 ( disabled : updated )
14:15:38.0892 0x2434  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
14:15:48.0986 0x2434  ============================================================
14:15:48.0986 0x2434  Scan finished
14:15:48.0986 0x2434  ============================================================
14:15:49.0001 0x12b4  Detected object count: 0
14:15:49.0001 0x12b4  Actual detected object count: 0
         
vmgid C:\WINDOWS\System32\drivers\vmgid.sys 14:15:15.0235 0x2434 vmgid - ok 14:15:15.0298 0x2434 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 14:15:15.0329 0x2434 vmicguestinterface - ok 14:15:15.0376 0x2434 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 14:15:15.0391 0x2434 vmicheartbeat - ok 14:15:15.0407 0x2434 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 14:15:15.0423 0x2434 vmickvpexchange - ok 14:15:15.0485 0x2434 [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 14:15:15.0516 0x2434 vmicrdv - ok 14:15:15.0532 0x2434 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 14:15:15.0563 0x2434 vmicshutdown - ok 14:15:15.0579 0x2434 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 14:15:15.0595 0x2434 vmictimesync - ok 14:15:15.0626 0x2434 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 14:15:15.0641 0x2434 vmicvmsession - ok 14:15:15.0688 0x2434 [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 14:15:15.0720 0x2434 vmicvss - ok 14:15:15.0751 0x2434 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 14:15:15.0891 0x2434 volmgr - ok 14:15:15.0954 0x2434 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 14:15:15.0985 0x2434 volmgrx - ok 14:15:16.0048 0x2434 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 14:15:16.0079 0x2434 volsnap - ok 14:15:16.0141 0x2434 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 14:15:16.0188 0x2434 volume - ok 14:15:16.0266 0x2434 [ 04BEC879AD7B3FDDD0339B19FECB0160, 8C92755DDB41AD7DDA1643D7F32FAA0FCA7E2C65C69611EB5EC1B3276EA8DBC7 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 14:15:16.0298 0x2434 vpci - ok 14:15:16.0329 0x2434 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 14:15:16.0360 0x2434 vsmraid - ok 14:15:16.0485 0x2434 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe 14:15:16.0610 0x2434 VSS - ok 14:15:16.0829 0x2434 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe 14:15:16.0860 0x2434 vssbrigde64 - ok 14:15:16.0891 0x2434 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 14:15:16.0907 0x2434 VSTXRAID - ok 14:15:16.0923 0x2434 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 14:15:16.0954 0x2434 vwifibus - ok 14:15:16.0985 0x2434 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 14:15:17.0016 0x2434 vwififlt - ok 14:15:17.0048 0x2434 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 14:15:17.0063 0x2434 vwifimp - ok 14:15:17.0126 0x2434 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 14:15:17.0188 0x2434 W32Time - ok 14:15:17.0204 0x2434 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 14:15:17.0220 0x2434 WacomPen - ok 14:15:17.0329 0x2434 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 14:15:17.0485 0x2434 WalletService - ok 14:15:17.0532 0x2434 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:15:17.0595 0x2434 wanarp - ok 14:15:17.0595 0x2434 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:15:17.0626 0x2434 wanarpv6 - ok 14:15:17.0845 0x2434 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe 14:15:17.0970 0x2434 wbengine - ok 14:15:18.0079 0x2434 [ 6BE945D6DE02713BAD8627205CDF9F48, F6548EAF5D67DA4682D8B31E5B565606DEAAB9276B44F25F1A4203AB61B9400B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 14:15:18.0173 0x2434 WbioSrvc - ok 14:15:18.0188 0x2434 [ CD24DEEA22152524CCFE859591D12A57, C60ACF77647E5D6EDC10BBBCF974DF264145123C8EDB6506AFA9C949EBA53D7F ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 14:15:18.0204 0x2434 wcifs - ok 14:15:18.0266 0x2434 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 14:15:18.0298 0x2434 Wcmsvc - ok 14:15:18.0376 0x2434 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 14:15:18.0407 0x2434 wcncsvc - ok 14:15:18.0438 0x2434 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 14:15:18.0470 0x2434 wcnfs - ok 14:15:18.0501 0x2434 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 14:15:18.0501 0x2434 WdBoot - ok 14:15:18.0579 0x2434 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys 14:15:18.0641 0x2434 WDC_SAM - ok 14:15:18.0735 0x2434 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 14:15:18.0766 0x2434 Wdf01000 - ok 14:15:18.0845 0x2434 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 14:15:18.0891 0x2434 WdFilter - ok 14:15:18.0923 0x2434 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 14:15:18.0938 0x2434 WdiServiceHost - ok 14:15:18.0938 0x2434 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 14:15:18.0954 0x2434 WdiSystemHost - ok 14:15:19.0063 0x2434 [ 373DF27CD5D5E50FFA2A90FEE0C0D994, 09E6C6C690AEE1C1A9A84BBA87A934040B2A20F677E5F5B2D24F8433B61BD81E ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 14:15:19.0188 0x2434 wdiwifi - ok 14:15:19.0235 0x2434 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 14:15:19.0266 0x2434 WdNisDrv - ok 14:15:19.0313 0x2434 WdNisSvc - ok 14:15:19.0391 0x2434 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 14:15:19.0438 0x2434 WebClient - ok 14:15:19.0485 0x2434 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 14:15:19.0532 0x2434 Wecsvc - ok 14:15:19.0548 0x2434 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 14:15:19.0563 0x2434 WEPHOSTSVC - ok 14:15:19.0626 0x2434 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 14:15:19.0673 0x2434 wercplsupport - ok 14:15:19.0735 0x2434 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 14:15:19.0782 0x2434 WerSvc - ok 14:15:19.0829 0x2434 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 14:15:19.0845 0x2434 WFPLWFS - ok 14:15:19.0907 0x2434 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 14:15:19.0954 0x2434 WiaRpc - ok 14:15:20.0016 0x2434 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 14:15:20.0032 0x2434 WIMMount - ok 14:15:20.0032 0x2434 WinDefend - ok 14:15:20.0063 0x2434 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 14:15:20.0079 0x2434 WindowsTrustedRT - ok 14:15:20.0126 0x2434 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 14:15:20.0126 0x2434 WindowsTrustedRTProxy - ok 14:15:20.0266 0x2434 [ C9E7D91A044B77CBCB4121C06610A86C, 9FF039D67A5CE4732920EA4F1F5CFD9DE0AAADC34829A007EA697030D42D3623 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 14:15:20.0313 0x2434 WinHttpAutoProxySvc - ok 14:15:20.0376 0x2434 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 14:15:20.0407 0x2434 WinMad - ok 14:15:20.0563 0x2434 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:15:20.0595 0x2434 Winmgmt - ok 14:15:20.0891 0x2434 [ F86E9029774478D276E0AAB7D169896D, EDCB96F745E1F16BDFF70B140B38412096FA29A407157183223AE6111CBB4B38 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 14:15:21.0126 0x2434 WinRM - ok 14:15:21.0220 0x2434 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 14:15:21.0282 0x2434 WINUSB - ok 14:15:21.0313 0x2434 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 14:15:21.0345 0x2434 WinVerbs - ok 14:15:21.0407 0x2434 [ 4D694EDF85F1BFC463B15846D4E00A9B, 4ED44C0E22D2843121E4C8A58F97B526BB7D85C0D7A0BB4B1158A970258C791E ] wisvc C:\WINDOWS\system32\flightsettings.dll 14:15:21.0517 0x2434 wisvc - ok 14:15:21.0813 0x2434 [ 0ECFEB0CABA7FEE6E14FAD5D6BF4777E, 7C8F69E1B04B5F7853D18216C91233B7DD53760281B295DA7D23024C0D4B378A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 14:15:21.0938 0x2434 WlanSvc - ok 14:15:22.0220 0x2434 [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 14:15:22.0360 0x2434 wlidsvc - ok 14:15:22.0376 0x2434 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 14:15:22.0391 0x2434 WmiAcpi - ok 14:15:22.0454 0x2434 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 14:15:22.0517 0x2434 wmiApSrv - ok 14:15:22.0548 0x2434 WMPNetworkSvc - ok 14:15:22.0595 0x2434 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 14:15:22.0610 0x2434 Wof - ok 14:15:22.0876 0x2434 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 14:15:23.0032 0x2434 workfolderssvc - ok 14:15:23.0079 0x2434 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 14:15:23.0095 0x2434 WPDBusEnum - ok 14:15:23.0157 0x2434 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 14:15:23.0204 0x2434 WpdUpFltr - ok 14:15:23.0251 0x2434 [ 60E2EB3E7B7F15C25E02462159F90707,


Alt 09.09.2016, 21:48   #6
M-K-D-B
/// TB-Ausbilder
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Servus,



in welchem Browser tritt das von dir beschriebene Problem auf?


Du hast bereits selber AdwCleaner und MBAM ausgeführt. Poste bitte die dazugehörigen Logdateien.
__________________
--> Werbung bei jedem Klick/ immer neue Tabs

Alt 10.09.2016, 14:19   #7
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Hallo,

hier die Logfile von MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 08.09.2016
Suchlaufzeit: 19:09
Protokolldatei: Malwarebytes Test1.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.08.07
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: stock

Suchlauftyp: Hyper-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267135
Abgelaufene Zeit: 6 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Deaktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ADWCleaner:
Code:
ATTFilter
# AdwCleaner v6.010 - Bericht erstellt am 10/09/2016 um 14:08:41
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-10.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : stock - MARKSPC
# Gestartet von : C:\Users\stock\Desktop\adwcleaner_6.010.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2524 Bytes] - [07/09/2016 18:25:46]
C:\AdwCleaner\AdwCleaner[C2].txt - [1223 Bytes] - [07/09/2016 18:31:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [2572 Bytes] - [07/09/2016 18:25:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [1486 Bytes] - [07/09/2016 18:31:33]
C:\AdwCleaner\AdwCleaner[S2].txt - [1464 Bytes] - [10/09/2016 14:08:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1537 Bytes] ##########
         
Ich nutze im Moment nur Edge und dort tritt es auf...
Außerdem im eingebauten Browser von Steam...

Habe jetzt herausgefunden, dass die Seiten oft über die URL. onclicksads.net verlinkt werden...Nicht immer ,aber schon zur Hälfte...

Manche Seiten blockiert Malwarebytes auch direkt und schickt ne Warnung...

Wegen dieser Regel mit dem Installieren/Deinstallieren:
Musste gestern meine Treiber updaten und habe da auch neue AMD Programme installieren müssen

Alt 10.09.2016, 16:44   #8
M-K-D-B
/// TB-Ausbilder
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Servus,



setze bitte Edge zurück:
Edge zurücksetzen



Wie sieht es dann jetzt aus?
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 10.09.2016, 18:58   #9
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Nein,
Symptome und Probleme bleiben erhalten...

Alt 11.09.2016, 09:49   #10
M-K-D-B
/// TB-Ausbilder
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Servus,


  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und Shortcut.txt und drücke auf Untersuchen.
  • FRST erstellt nun drei Logdateien (FRST.txt, Addition.txt und Shortcut.txt).
  • Poste mir alle drei Logdateien mit deiner nächsten Antwort.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 11.09.2016, 12:27   #11
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Hallo,
hier die FRST:


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von stock (Administrator) auf MARKSPC (11-09-2016 12:14:43)
Gestartet von C:\Users\stock\Desktop
Geladene Profile: stock &  (Verfügbare Profile: stock)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
konnte nicht auf den Prozess zugreifen -> WpcMon.exe
konnte nicht auf den Prozess zugreifen -> WpcMon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
konnte nicht auf den Prozess zugreifen -> WpcMon.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-08] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [7536520 2016-09-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [SDTray] => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Steam] => C:\Mark\Programme\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Spotify Web Helper] => C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Spotify] => C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Mark\Programme\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-602346101-288533717-1331706006-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{dc3228ef-604e-40f1-8dab-f847f3d1ba0a}: [NameServer] 138.201.48.176,8.8.8.8
Tcpip\..\Interfaces\{dc3228ef-604e-40f1-8dab-f847f3d1ba0a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pesonal-spage.com/sall/
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pesonal-spage.com/sall/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-07] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-07] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\stock\AppData\Roaming\Mozilla\Firefox\Profiles\yb2u8nal.default
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-24]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-01-09] (Kaspersky Lab ZAO)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMScheduler; C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SDScannerService; C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0306711.inf_amd64_22668ece07e665a6\atikmdag.sys [26551952 2016-09-08] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0306711.inf_amd64_22668ece07e665a6\atikmpag.sys [511632 2016-09-08] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [88488 2016-09-08] (Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-01-09] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-24] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-24] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-08-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-09] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-24] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-11] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 12:14 - 2016-09-11 12:14 - 00017304 _____ C:\Users\stock\Desktop\FRST.txt
2016-09-10 14:10 - 2016-09-10 14:10 - 00001619 _____ C:\Users\stock\Desktop\AdwCleaner Test1.txt
2016-09-10 14:07 - 2016-09-10 14:07 - 03826240 _____ C:\Users\stock\Desktop\adwcleaner_6.010.exe
2016-09-10 14:04 - 2016-09-10 14:04 - 00001196 _____ C:\Users\stock\Desktop\Malwarebytes Test1.txt
2016-09-09 15:38 - 2016-09-09 15:38 - 00000000 ____D C:\Users\stock\Documents\Rockstar Games
2016-09-09 15:32 - 2016-09-09 15:32 - 00000000 __SHD C:\ProgramData\SecuROM
2016-09-09 15:31 - 2016-09-09 15:31 - 00178800 _____ (Sony DADC Austria AG.) C:\WINDOWS\SysWOW64\CmdLineExt_x64.dll
2016-09-09 15:31 - 2016-09-09 15:31 - 00000000 __RHD C:\Users\stock\AppData\Roaming\SecuROM
2016-09-09 15:31 - 2016-09-09 15:31 - 00000000 ____D C:\Users\stock\AppData\Local\Rockstar Games
2016-09-09 15:30 - 2016-09-09 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2016-09-09 15:22 - 2016-09-09 15:22 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿerStore
2016-09-09 15:21 - 2016-09-09 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-09-09 15:19 - 2016-09-09 15:20 - 00000000 ____D C:\WINDOWS\LastGood
2016-09-09 15:19 - 2016-09-09 15:19 - 00000000 ____D C:\ProgramData\ATI
2016-09-09 15:15 - 2016-09-09 15:15 - 00001296 _____ C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings.lnk
2016-09-09 15:01 - 2016-09-09 15:01 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-09-09 14:58 - 2016-09-09 14:58 - 00000000 ____D C:\Users\stock\AppData\Roaming\library_dir
2016-09-09 14:58 - 2016-09-09 14:58 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-09-09 14:56 - 2016-09-09 14:56 - 00000000 ____D C:\Program Files (x86)\AMD
2016-09-09 14:56 - 2016-09-08 02:45 - 00088488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2016-09-09 14:55 - 2016-09-09 14:56 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-09-09 14:48 - 2016-09-09 14:50 - 371349192 _____ (AMD Inc.) C:\Users\stock\Downloads\radeon-crimson-16.7.3-win10-64bit.exe
2016-09-09 14:47 - 2016-09-09 14:47 - 00567032 _____ C:\Users\stock\Downloads\radeon-crimson-16.7.3-win10-64bit_CB-DL-Manager.exe
2016-09-09 14:16 - 2016-09-09 14:16 - 00000000 ____D C:\Users\stock\Desktop\Kaspersky TDSSKiller
2016-09-09 14:13 - 2016-09-09 14:17 - 00330176 _____ C:\TDSSKiller.3.1.0.11_09.09.2016_14.13.10_log.txt
2016-09-09 14:13 - 2016-09-09 14:14 - 00000000 ____D C:\Users\stock\Desktop\FRST
2016-09-09 14:10 - 2016-09-09 14:13 - 00052586 _____ C:\TDSSKiller.3.1.0.11_09.09.2016_14.10.47_log.txt
2016-09-09 14:10 - 2016-09-09 14:10 - 04747704 _____ (AO Kaspersky Lab) C:\Users\stock\Desktop\tdsskiller.exe
2016-09-09 14:07 - 2016-09-09 14:09 - 00034756 _____ C:\Users\stock\Downloads\Addition.txt
2016-09-09 14:06 - 2016-09-09 14:09 - 00079043 _____ C:\Users\stock\Downloads\FRST.txt
2016-09-09 14:05 - 2016-09-11 12:14 - 00000000 ____D C:\FRST
2016-09-09 14:04 - 2016-09-09 14:04 - 02397696 _____ (Farbar) C:\Users\stock\Desktop\FRST64.exe
2016-09-08 20:20 - 2016-09-08 20:23 - 00000000 ____D C:\Users\stock\Desktop\Planet Coaster Piratenschiff
2016-09-08 19:35 - 2016-09-08 19:35 - 00000000 ____D C:\Users\stock\Desktop\Adware oder sowas
2016-09-08 02:46 - 2016-09-08 02:46 - 09374352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 07577744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-09-08 02:46 - 2016-09-08 02:46 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-09-08 02:46 - 2016-09-08 02:46 - 02231952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 01911440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 01326224 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00990864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00990864 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00748320 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-09-08 02:46 - 2016-09-08 02:46 - 00748320 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-09-08 02:46 - 2016-09-08 02:46 - 00515208 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00451728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00394896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00284816 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00279176 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00267920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00262288 _____ C:\WINDOWS\system32\clinfo.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00260752 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00233104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00226440 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00223376 _____ C:\WINDOWS\system32\atieah64.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00201360 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-09-08 02:46 - 2016-09-08 02:46 - 00194704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00168592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atigktxx.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00152720 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00142472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00130704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00129168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00127632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00122512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00120384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00117808 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-09-08 02:46 - 2016-09-08 02:46 - 00113872 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-09-08 02:46 - 2016-09-08 02:46 - 00110736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00105616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00103568 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00101520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00096400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00094352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00082064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00075920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00059536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00052880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-09-08 02:46 - 2016-09-08 02:46 - 00013448 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00743056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00618128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00241296 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00214160 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-09-08 02:45 - 2016-09-08 02:45 - 00017671 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-09-08 02:45 - 2016-09-08 02:45 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-09-08 02:45 - 2016-09-08 02:45 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2016-09-07 19:34 - 2016-09-11 12:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 19:34 - 2016-09-07 19:34 - 00001241 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-07 19:34 - 2016-09-07 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-07 19:34 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-07 19:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-07 19:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 19:12 - 2016-09-07 19:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-07 19:12 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-09-07 19:09 - 2016-09-07 19:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-07 19:08 - 2016-09-07 19:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-07 19:08 - 2016-09-07 19:08 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-07 19:08 - 2016-09-07 19:08 - 00002372 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-07 19:08 - 2016-09-07 19:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-09-07 19:08 - 2016-09-07 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-07 19:08 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-09-07 18:24 - 2016-09-10 14:08 - 00000000 ____D C:\AdwCleaner
2016-09-05 18:20 - 2016-09-05 18:20 - 00000000 ____D C:\Users\stock\AppData\Roaming\SPI
2016-09-01 19:54 - 2013-12-10 08:27 - 00016344 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2016-09-01 19:53 - 2013-12-10 08:27 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-09-01 19:53 - 2013-12-10 08:27 - 00100312 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2016-09-01 19:04 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 19:04 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 19:04 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 19:04 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 19:04 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 19:04 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 19:04 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 19:04 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 19:04 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 19:04 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 19:04 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 19:04 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 19:04 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 19:04 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 19:04 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 19:04 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 19:04 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 19:04 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 19:04 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 19:04 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 19:04 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 19:04 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 19:04 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 19:04 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 19:04 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 19:04 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 19:04 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 19:04 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 19:04 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-01 19:04 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-01 19:04 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 19:04 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 19:04 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 19:04 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 19:04 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 19:04 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-01 19:04 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 19:04 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-01 19:04 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-01 19:04 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-01 19:04 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-01 19:04 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-01 19:04 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 19:04 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 19:04 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 19:04 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 19:04 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 19:04 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 19:04 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 19:04 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 19:04 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 19:04 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 19:04 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 19:04 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 19:04 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 19:04 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-01 19:04 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 19:04 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 19:04 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 19:04 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 19:04 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 19:04 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 19:04 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 19:04 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 19:04 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 19:04 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 19:04 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 19:04 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 19:04 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-01 19:04 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-01 19:04 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 19:04 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 19:04 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-01 19:04 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 19:04 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 19:04 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 19:04 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 19:04 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 19:04 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 19:04 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 19:04 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-01 19:04 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 19:04 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 19:04 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 19:04 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-01 19:04 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 19:04 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-01 19:04 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-01 19:04 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-01 19:04 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-25 19:48 - 2016-08-25 19:17 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-25 19:45 - 2016-08-25 19:45 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-25 19:45 - 2016-08-25 19:45 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-25 19:45 - 2016-08-25 19:45 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-25 19:45 - 2016-08-25 19:45 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-25 19:45 - 2016-08-25 19:45 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-25 19:45 - 2016-08-25 19:45 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-25 19:45 - 2016-08-25 19:45 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-25 19:40 - 2016-08-25 19:40 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-25 19:38 - 2016-08-25 19:38 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files\MSBuild
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-25 19:38 - 2016-08-25 19:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-25 19:38 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-25 19:38 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-25 19:23 - 2016-08-25 19:23 - 00000000 ___RD C:\Users\stock\3D Objects
2016-08-25 19:20 - 2016-08-25 19:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-25 19:18 - 2016-08-25 19:18 - 00000000 ____D C:\ProgramData\USOShared
2016-08-25 19:17 - 2016-08-27 17:51 - 00000000 ____D C:\Users\stock\AppData\Local\ConnectedDevicesPlatform
2016-08-25 19:17 - 2016-08-25 19:17 - 00000656 __RSH C:\Users\stock\ntuser.pol
2016-08-25 19:17 - 2016-08-25 19:17 - 00000020 ___SH C:\Users\stock\ntuser.ini
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-25 19:14 - 2016-08-25 19:16 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-25 19:14 - 2016-08-25 19:16 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-25 19:10 - 2016-08-25 19:10 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-25 19:09 - 2016-09-09 15:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-25 19:09 - 2016-08-25 19:10 - 00002264 _____ C:\WINDOWS\System32\Tasks\{C70BA00D-C100-4D41-94D6-FDDE3DFCEAEC}
2016-08-25 19:02 - 2016-08-25 19:02 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2016-08-25 18:58 - 2016-08-25 19:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-25 18:56 - 2016-09-10 20:28 - 00000000 ____D C:\Users\stock
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Vorlagen
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Startmenü
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Netzwerkumgebung
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Lokale Einstellungen
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Eigene Dateien
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Druckumgebung
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Videos
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Musik
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Bilder
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Local\Verlauf
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Local\Anwendungsdaten
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Anwendungsdaten
2016-08-25 18:53 - 2016-09-11 12:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-25 18:53 - 2016-09-01 19:54 - 00000000 ____D C:\Program Files\Intel
2016-08-25 18:53 - 2016-08-25 19:04 - 00000000 ____D C:\Program Files\Elantech
2016-08-25 18:53 - 2016-08-25 18:53 - 01618211 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-08-25 18:53 - 2016-08-25 18:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-25 18:52 - 2016-08-25 18:52 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-25 18:52 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-25 18:51 - 2016-09-09 15:19 - 00000000 ____D C:\Program Files\AMD
2016-08-25 18:50 - 2016-09-10 20:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-25 18:50 - 2016-08-25 18:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-25 18:49 - 2016-09-01 19:59 - 00343744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-23 10:01 - 2016-08-23 10:01 - 00000000 ____D C:\Users\stock\Desktop\Planet Coaster MapBackup
2016-08-23 09:41 - 2016-08-23 09:42 - 00000096 _____ C:\Users\stock\Desktop\To-Do.txt
2016-08-12 18:45 - 2016-08-12 18:45 - 00000000 ____D C:\Users\stock\AppData\Roaming\Greenshot
2016-08-12 18:45 - 2016-08-12 18:45 - 00000000 ____D C:\Users\stock\AppData\Local\Greenshot

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-11 12:06 - 2016-01-09 15:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-11 12:06 - 2016-01-09 14:52 - 00000000 __SHD C:\Users\stock\IntelGraphicsProfiles
2016-09-10 20:28 - 2016-01-09 16:24 - 00000000 ____D C:\Users\stock\AppData\Roaming\Skype
2016-09-10 14:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-09 15:30 - 2016-01-29 14:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-09-09 15:30 - 2016-01-10 17:38 - 00000000 ____D C:\Users\stock\AppData\Local\AMD
2016-09-09 15:22 - 2016-01-09 23:34 - 00000000 ____D C:\AMD
2016-09-09 15:21 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-09 15:20 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-09 15:14 - 2016-01-09 18:08 - 00000000 ____D C:\Users\stock\AppData\Roaming\.minecraft
2016-09-09 14:53 - 2016-01-09 23:35 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-09 14:20 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-09 13:54 - 2016-07-17 00:51 - 00517536 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-09 13:54 - 2016-07-17 00:51 - 00094184 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-09 13:54 - 2016-01-09 14:49 - 01505234 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-08 19:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-05 18:22 - 2016-01-09 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-09-05 17:30 - 2016-07-01 13:43 - 00000000 ____D C:\Users\stock\AppData\Local\Spotify
2016-09-05 17:28 - 2016-07-01 13:41 - 00000000 ____D C:\Users\stock\AppData\Roaming\Spotify
2016-09-05 17:08 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 20:02 - 2016-01-09 14:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-01 19:54 - 2016-03-28 18:32 - 00000000 ____D C:\ProgramData\Intel
2016-09-01 19:54 - 2016-03-28 18:32 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-01 18:58 - 2016-07-16 13:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-01 18:57 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 18:57 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-01 18:57 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 18:57 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-01 18:57 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-01 18:57 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-30 20:06 - 2016-01-09 14:52 - 00000000 ____D C:\Users\stock\AppData\Local\Packages
2016-08-27 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 19:48 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-25 19:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-25 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-25 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-25 19:38 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-25 19:22 - 2015-06-11 20:35 - 00049240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-08-25 19:21 - 2016-01-09 14:55 - 00002387 _____ C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-25 19:21 - 2016-01-09 14:55 - 00000000 ___RD C:\Users\stock\OneDrive
2016-08-25 19:18 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-25 19:18 - 2016-01-09 14:53 - 00000000 ____D C:\Users\stock\AppData\Local\PackageStaging
2016-08-25 19:17 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-25 19:16 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-25 19:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-25 19:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-25 19:14 - 2016-01-09 14:21 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-25 19:10 - 2016-01-09 14:21 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-08-25 19:09 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-25 19:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-25 19:04 - 2016-07-16 08:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-08-25 19:04 - 2016-04-16 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-25 19:04 - 2016-03-28 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-25 19:04 - 2016-01-09 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-25 19:04 - 2016-01-09 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-25 19:04 - 2016-01-09 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-08-25 19:04 - 2016-01-09 14:21 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-25 19:02 - 2016-01-09 14:11 - 00000000 ____D C:\Users\Default.migrated
2016-08-25 19:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-25 19:00 - 2016-01-29 14:18 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-08-25 19:00 - 2016-01-09 17:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-25 18:59 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-25 18:59 - 2016-01-25 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-25 18:59 - 2016-01-09 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-25 18:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-25 18:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-25 18:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-25 18:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 09:34 - 2016-01-25 21:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-23 09:34 - 2016-01-09 16:24 - 00000000 ____D C:\ProgramData\Skype
2016-08-15 13:23 - 2016-01-09 17:47 - 00000000 ____D C:\Users\stock\AppData\Roaming\vlc

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-18 17:53 - 2016-06-18 17:53 - 0007601 _____ () C:\Users\stock\AppData\Local\Resmon.ResmonCfg
2016-01-09 15:26 - 2016-01-09 15:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-25 18:53 - 2016-08-25 18:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\stock\AppData\Local\Temp\adblocker4.exe
C:\Users\stock\AppData\Local\Temp\AutoRun.exe
C:\Users\stock\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\stock\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\stock\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\stock\AppData\Local\Temp\EAInstall.dll
C:\Users\stock\AppData\Local\Temp\eauninstall.exe
C:\Users\stock\AppData\Local\Temp\MusicStudio.exe
C:\Users\stock\AppData\Local\Temp\playstv_patch.exe
C:\Users\stock\AppData\Local\Temp\raptrpatch.exe
C:\Users\stock\AppData\Local\Temp\raptr_stub.exe
C:\Users\stock\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\stock\AppData\Local\Temp\ysins.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-05 17:57

==================== Ende von FRST.txt ============================
         

Alt 11.09.2016, 12:32   #12
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



die Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von stock (11-09-2016 12:16:11)
Gestartet von C:\Users\stock\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-25 17:17:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-602346101-288533717-1331706006-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-602346101-288533717-1331706006-503 - Limited - Disabled)
Gast (S-1-5-21-602346101-288533717-1331706006-501 - Limited - Disabled)
stock (S-1-5-21-602346101-288533717-1331706006-1002 - Administrator - Enabled) => C:\Users\stock

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.6 - Advanced Micro Devices, Inc.)
Ashampoo Cover Studio 1.01 (HKLM-x32\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Ashampoo Music Studio 5 v.5.0.7 (HKLM-x32\...\{91B33C97-5BBE-576E-893B-711D4D8298ED}_is1) (Version: 5.0.7 - Ashampoo GmbH & Co. KG)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
Catalyst Control Center Next Localization BR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0907.1109.18253 - Advanced Micro Devices, Inc.) Hidden
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
FlatOut: Ultimate Carnage (HKLM-x32\...\Steam App 12360) (Version:  - Bugbear Entertainment)
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{B16F9E6E-1388-472C-98C3-F32D397EF85D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 1.30 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® STAR WARS™: The Force Awakens (HKLM\...\Steam App 438640) (Version:  - Traveller's Tales)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Planet Coaster Alpha (HKLM\...\Steam App 518340) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7808 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon World (HKLM\...\Steam App 282560) (Version:  - Nvizzio Creations)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spotify (HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
Turbo Dismount (HKLM\...\Steam App 263760) (Version:  - Secret Exit Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version:  - Evil Tortilla Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-602346101-288533717-1331706006-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {426EA321-796E-4710-AF0C-BAABF540CA54} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {6C171B18-5976-4D60-B541-1D1D11BB2C3C} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-07] (Advanced Micro Devices, Inc.)
Task: {91A85246-2555-457C-AF00-59E693280084} - System32\Tasks\{C70BA00D-C100-4D41-94D6-FDDE3DFCEAEC} => launchwinapp.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.16.0.105&amp;LastError=404
Task: {A078B1E2-C61C-4567-8C6F-50DBD4F270A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E63B7A3A-2D1D-4D41-8C4E-4EEBC5F1890C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 21:39 - 2015-09-30 21:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 19:21 - 2016-08-25 19:21 - 00959168 _____ () C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-30 19:56 - 2016-08-30 19:56 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-30 19:56 - 2016-08-30 19:56 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-30 19:56 - 2016-08-30 19:56 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 13:43 - 2016-07-17 00:56 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2016-09-07 19:08 - 2014-05-13 12:04 - 00109400 _____ () C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-09-07 19:08 - 2014-05-13 12:04 - 00167768 _____ () C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-09-07 19:08 - 2014-05-13 12:04 - 00416600 _____ () C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\DEC150.bpl
2016-09-07 19:08 - 2012-08-23 10:38 - 00574840 _____ () C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\sqlite3.dll
2016-09-07 19:08 - 2012-04-03 17:06 - 00565640 _____ () C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-09-01 19:54 - 2013-12-10 08:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-01-09 14:21 - 2016-01-09 14:19 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-602346101-288533717-1331706006-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\stock\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4d0e7f78-e0a0-4636-af55-9903d7b648da}.jpg
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\stock\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4d0e7f78-e0a0-4636-af55-9903d7b648da}.jpg
DNS Servers: 138.201.48.176 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26E1D222-FF96-425A-8E3E-4B792788946E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Planet Coaster Alpha\PlanetCoaster.exe
FirewallRules: [{5857033A-88E2-48D2-A5F3-751C4E4B1A1B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Planet Coaster Alpha\PlanetCoaster.exe
FirewallRules: [{124A3183-5373-4FDC-B946-9022697EE095}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{7CB20BF4-CB64-464F-B415-658C77209CFA}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{E32A3583-D079-45CF-A180-F9F5ABA71CA8}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{EB7AB245-D869-4FCB-9F4C-D72DBE2B4C6B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{E1D760B3-2946-4EB5-8824-E3B4B0922BEC}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\LEGO STAR WARS The Force Awakens\LEGOSWTFA.exe
FirewallRules: [{C8B13388-078C-4205-BB18-56386B4EA57E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\LEGO STAR WARS The Force Awakens\LEGOSWTFA.exe
FirewallRules: [{900D399C-7B4E-4C18-8406-45E5AC66C30A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{8BCF9091-996B-4B42-94C4-062BC4259837}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{C376C7D5-734B-4715-ADE5-668EF001D04A}] => (Allow) C:\Mark\Programme\Die Schlacht um Mittelerde 2\game.dat
FirewallRules: [{E91968F1-BB4A-4B79-864B-02882B43AB1F}] => (Allow) C:\Mark\Programme\Die Schlacht um Mittelerde 2\game.dat
FirewallRules: [{D4AE444C-0EC0-4963-891C-599612C3B82E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{58F2DB48-2A20-4653-8818-3DDDD44AB5BB}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{184B9B41-6481-4939-AB3F-620D737819AB}] => (Allow) C:\Mark\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{7F22833E-C70D-4993-AA95-95D5F3CC9D07}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{EDE7DE8C-0760-4FD6-BE1C-9616BD52D023}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{E0544AFC-F753-4BF9-888E-FF567BBB4342}] => (Allow) C:\Mark\Programme\Microsoft Office 2007\Office12\outlook.exe
FirewallRules: [{FBECCB82-34BB-48AA-A084-3EB9D0FC06F6}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{DDECFE45-6864-4F7C-A0E2-C05F820710BF}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{11017D06-9BFD-49E2-A6A4-971A9D665728}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FFDDE0D2-B7E4-4201-A0F1-3BCA8A0CE834}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9B404727-7A5C-488D-B684-1E867A809C0D}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\FlatOut Ultimate Carnage\launcher.exe
FirewallRules: [{0CEC5434-02D8-4B52-AA09-42D887C46891}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\FlatOut Ultimate Carnage\launcher.exe
FirewallRules: [{9AC100BD-A373-48AE-9F5F-F382CF44D4D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE3FC896-4AE7-46FC-B5A6-660A5928BB8B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{0A7F7B5B-577D-40A1-8331-62BFF43A447D}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{4CC810DD-7F8C-4E73-9E0E-71B202639E4F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{6A6F2824-E299-4B99-9F45-EFCD38F30D47}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{6BE0D75F-45DB-4A68-A29F-B33A7AFB7EED}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{FB070DED-DF22-4BD2-9092-D1572374BA39}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{4B42BB83-62C9-4A06-AE63-937A53E5B19F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{026A885A-1142-49ED-9B73-BD035930D4A9}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{1768DC1B-0D41-43B3-B231-5A4B07DCCA2C}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{4419FD9E-6044-4B51-BB8E-23BCEA3FD2F2}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{F8E95C5E-2695-46E9-9B75-021689406D72}] => (Allow) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{FEDE4AED-4383-4EF7-A0FB-64EF5BF896F9}] => (Allow) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D47808F-075C-4137-9DE3-B4379B47630C}] => (Allow) C:\Mark\Programme\Steam\Steam.exe
FirewallRules: [{ECBF68FB-77AF-46BA-9DD9-846F8E6E6F7B}] => (Allow) C:\Mark\Programme\Steam\Steam.exe
FirewallRules: [{7434FFA2-1C6F-4927-816D-E9FBCAF1E478}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E513770F-049F-41F6-A1E8-4D98900E5BE4}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CBEC0D68-8748-45B9-8F49-7C5786746AA9}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{AB9E073E-CA44-4861-894E-2DCA0C27A884}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe
FirewallRules: [{353584F4-FE38-441C-AE1F-F526A4EFAF8F}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{01480B04-5C67-4124-A4FA-178C3CD2F30F}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe
FirewallRules: [{8A06A2E9-B165-40E9-8523-7F1526A46935}] => (Allow) C:\Program Files (x86)\Electronic Arts\Aufstieg des Hexenkönigs\game.dat
FirewallRules: [{49B9260C-14B3-4011-92C8-EE678E6ED502}] => (Allow) C:\Program Files (x86)\Electronic Arts\Aufstieg des Hexenkönigs\game.dat
FirewallRules: [{57ADE48C-A8A4-4C08-922A-7FE3D8AB2184}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{9EFB8671-7E14-491F-A8A5-2D2B9A3C115F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{99523307-0F81-48DC-A5EB-E7141D159AC9}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7D7E362C-524F-4BF3-BD9C-994743500E2C}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{BA894463-F12C-4335-A283-F36C8FBD4E3D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{04480422-4889-4836-B6B2-53704723B679}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{91A48402-476E-468F-9D5E-36820ECF867E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D8673180-2896-4C3A-A175-AC6BFBEBDF1C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{177637A1-A220-4F50-9AC8-7586DFA4203A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{052AB1BA-A973-40A7-A6C0-FAB386216D33}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B0C3E4A9-94A5-4344-A724-CC65343BE445}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4D4FFF52-1E90-4CF6-84FC-4E6EDDF63B68}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F4A15DA8-322F-49D0-92E0-445279AA9D43}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4590FB87-49DD-4A62-93E6-E4BA52786D89}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

27-08-2016 18:01:05 Windows Update
01-09-2016 19:17:11 Windows Modules Installer
05-09-2016 17:06:58 Windows Update
09-09-2016 15:29:44 DirectX wurde installiert
09-09-2016 15:30:08 Microsoft Visual C++ 2005 Redistributable wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/11/2016 12:06:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x11f8
Startzeit der fehlerhaften Anwendung: 0x01d20c141d905b96
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: e56ff13b-3aff-4539-9dbc-44232bdf8b6f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/10/2016 06:42:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x23f4
Startzeit der fehlerhaften Anwendung: 0x01d20b8242f4cb82
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 3a48b89c-ef5b-4341-b81e-2110cf21a8d0
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/10/2016 01:53:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x380
Startzeit der fehlerhaften Anwendung: 0x01d20b5a01b5e6e5
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: 00ef8868-1619-46a2-95f8-86745ce9c7dc
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 03:56:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GameBarPresenceWriter.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899bd6
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.103, Zeitstempel: 0x57b7e207
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f73f3
ID des fehlerhaften Prozesses: 0x11ec
Startzeit der fehlerhaften Anwendung: 0x01d20aa04f65f04d
Pfad der fehlerhaften Anwendung: C:\Windows\System32\GameBarPresenceWriter.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: db9eda02-0fd1-4261-b5c1-807ff019f76b
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 03:44:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GTAIV.exe, Version: 1.0.7.0, Zeitstempel: 0x4bd9efbe
Name des fehlerhaften Moduls: GTAIV.exe, Version: 1.0.7.0, Zeitstempel: 0x4bd9efbe
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001a9346
ID des fehlerhaften Prozesses: 0x205c
Startzeit der fehlerhaften Anwendung: 0x01d20aa0379d97d7
Pfad der fehlerhaften Anwendung: C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe
Pfad des fehlerhaften Moduls: C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe
Berichtskennung: cf22ceab-3ddc-46a6-86ff-f7d6980c3601
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 03:30:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/09/2016 03:29:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/09/2016 03:29:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007001f, Ein an das System angeschlossenes Gerät funktioniert nicht.
.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet

Error: (09/09/2016 03:28:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/09/2016 03:27:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\mark\programme\steam\steamapps\common\grand theft auto iv\gtaiv\GTAIV.exe".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (09/11/2016 12:06:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 06:53:43 PM) (Source: DCOM) (EventID: 10016) (User: MARKSPC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "MARKSPC\stock" (SID: S-1-5-21-602346101-288533717-1331706006-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 06:49:07 PM) (Source: DCOM) (EventID: 10016) (User: MARKSPC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "MARKSPC\stock" (SID: S-1-5-21-602346101-288533717-1331706006-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 06:49:06 PM) (Source: DCOM) (EventID: 10016) (User: MARKSPC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "MARKSPC\stock" (SID: S-1-5-21-602346101-288533717-1331706006-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 06:49:03 PM) (Source: DCOM) (EventID: 10016) (User: MARKSPC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "MARKSPC\stock" (SID: S-1-5-21-602346101-288533717-1331706006-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 06:49:03 PM) (Source: DCOM) (EventID: 10016) (User: MARKSPC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "MARKSPC\stock" (SID: S-1-5-21-602346101-288533717-1331706006-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-1206159417-1570029349-2913729690-1184509225) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 06:42:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2016 01:53:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2016 03:58:13 PM) (Source: DCOM) (EventID: 10010) (User: MARKSPC)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/09/2016 03:56:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{3185A766-B338-11E4-A71E-12E3F512A338}
 und der APPID 
{7006698D-2974-4091-A424-85DD0B909E23}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-09-09 15:05:57.839
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-115528.dll that did not meet the Store signing level requirements.

  Date: 2016-09-09 15:05:57.835
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-116096.dll that did not meet the Store signing level requirements.

  Date: 2016-09-09 15:05:55.466
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-115528.dll that did not meet the Store signing level requirements.

  Date: 2016-09-09 15:05:55.423
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-116096.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8072.27 MB
Verfügbarer physikalischer RAM: 5491.11 MB
Summe virtueller Speicher: 9352.27 MB
Verfügbarer virtueller Speicher: 6484.23 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:907.73 GB) (Free:747.86 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9128D2BB)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
und der shortcut:

Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 31-08-2016
durchgeführt von stock (11-09-2016 12:17:09)
Gestartet von C:\Users\stock\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)





Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\stock\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\stock\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\stock\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\stock\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\stock\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\stock ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frontier Launchpad.lnk -> C:\Mark\Programme\Planet Coaster\Frontier Launchpad\FrontierLaunchpad.exe (Frontier Developments Plc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk -> C:\Mark\Programme\KeePass Password Safe\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Mark\Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDLogReport.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFiles.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDRootAlyzer.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> C:\Mark\Programme\Minecraft\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digitales Zertifikat für VBA-Projekte.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Spracheinstellungen.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office-Diagnose.lnk -> C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE\Games for Windows - LIVE.lnk -> C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Hilfe für Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\Doc\de-DE\kis\context.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Lab im Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Lizenzvertrag.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\Doc\de\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP*Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Music Studio 5\Ashampoo Music Studio 5  .lnk -> C:\Mark\Programme\Ashampoo Music Studio 5\Ashampoo Music Studio 5\MusicStudio.exe (Ashampoo GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Ashampoo Cover Studio entfernen.lnk -> C:\Mark\Programme\Ashampoo Cover Studio\Ashampoo Cover Studio\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Ashampoo Cover Studio.lnk -> C:\Mark\Programme\Ashampoo Cover Studio\Ashampoo Cover Studio\bin\CoverStudio.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Hilfe.lnk -> C:\Mark\Programme\Ashampoo Cover Studio\Ashampoo Cover Studio\lang\CoverEditor-de-de.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Liesmich.lnk -> C:\Mark\Programme\Ashampoo Cover Studio\Ashampoo Cover Studio\readme_de.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{8ED1101F-AEE9-46DC-83DF-3D4D9893FC0B}\PlayTasks\0\Launch.lnk -> C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe (Sony DADC Austria AG)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\Spybot-S&D Start Center.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Internet Explorer\Quick Launch\System Scan.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Ashampoo Cover Studio.lnk -> C:\Mark\Programme\Ashampoo Cover Studio\Ashampoo Cover Studio\bin\CoverStudio.exe ()
Shortcut: C:\Users\Public\Desktop\Ashampoo Music Studio 5.lnk -> C:\Mark\Programme\Ashampoo Music Studio 5\Ashampoo Music Studio 5\MusicStudio.exe (Ashampoo GmbH & Co. KG)
Shortcut: C:\Users\Public\Desktop\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk -> C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Mark\Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Mark\Programme\VLC Media Player\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\stock\Links\Desktop.lnk -> C:\Users\stock\Desktop ()
Shortcut: C:\Users\stock\Links\Downloads.lnk -> C:\Users\stock\Downloads ()
Shortcut: C:\Users\stock\Documents\Euro Truck Simulator 2\readme.rtf.lnk -> C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\readme.rtf ()
Shortcut: C:\Users\stock\Desktop\KeePass.lnk -> C:\Mark\Programme\KeePass Password Safe\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\stock\Desktop\Spotify.lnk -> C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\stock\Desktop\Microsoft Office 2007\Excel.lnk -> C:\Mark\Programme\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\Users\stock\Desktop\Microsoft Office 2007\Outlook.lnk -> C:\Mark\Programme\Microsoft Office 2007\Office12\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\stock\Desktop\Microsoft Office 2007\Powerpoint.lnk -> C:\Mark\Programme\Microsoft Office 2007\Office12\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\Users\stock\Desktop\Microsoft Office 2007\Word.lnk -> C:\Mark\Programme\Microsoft Office 2007\Office12\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RtkGUI.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security entfernen.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 4620 series\HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\stock\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\stock\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\stock\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\stock\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help
InternetURL: C:\Users\stock\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\stock\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\stock\Favorites\Acer\eBay.url -> URL: hxxp://rover.ebay.com/rover/1/707-67567-24801-3/4
InternetURL: C:\Users\stock\Favorites\Acer\WildTangent Games.url -> URL: hxxp://rdr.wildtangent.com/default/acer/iefav.aspx

==================== Ende von Shortcut.txt =============================
         
Habe in meiner Appdata eine .exe gefunden die
sich Adblocker4 nennt und von StarkIndustry kommt....
also beim rumklickern, beim scannen kam keine meldung

Ist das irgendwas? :/

Alt 11.09.2016, 12:59   #13
M-K-D-B
/// TB-Ausbilder
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Servus,



dann schauen wir uns die Datei halt mal an.




Schritt 1
Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    ATTFilter
    C:\Users\stock\AppData\Roaming\adblocker4.exe
             
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.





Schritt 2
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
GroupPolicyUsers\S-1-5-21-602346101-288533717-1331706006-1002\User: Beschränkung <======= ACHTUNG
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.








Schritt 4
Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.
  • Starte die sc-cleaner.exe mit einem Doppelclick.
  • Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
  • Eine Logdatei wird sich öffnen (sc-cleaner.txt).
  • Poste den Inhalt mit deiner nächsten Antwort.








Bitte poste mit deiner nächsten Antwort
  • den Link von VirusTotal,
  • die Logdatei des FRST-Fix,
  • die Logdatei von JRT,
  • die Logdatei von SC-Cleaner.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Alt 11.09.2016, 19:56   #14
Winja
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Hallo,

der link von VirusTotal:

https://www.virustotal.com/de/file/c5a2488c327ad6633f0f2369afe3637a1c4e70e755c546382c3d0d1afbb2be7c/analysis/1473615322/

FrstFixLOG:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von stock (11-09-2016 19:41:31) Run:1
Gestartet von C:\Users\stock\Desktop
Geladene Profile: stock (Verfügbare Profile: stock)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
GroupPolicyUsers\S-1-5-21-602346101-288533717-1331706006-1002\User: Beschränkung <======= ACHTUNG
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-602346101-288533717-1331706006-1002\User => erfolgreich verschoben

========= dir /B "%ProgramFiles%" =========

AMD
Common Files
Elantech
HP
Intel
Internet Explorer
Java
Microsoft Office
Microsoft SQL Server Compact Edition
Microsoft Synchronization Services
MSBuild
Realtek
Reference Assemblies
Windows Defender
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices
WindowsPowerShell

========= Ende von CMD: =========


========= dir /B "%ProgramFiles(x86)%" =========

AGEIA Technologies
AMD
Common Files
HP
Intel
Internet Explorer
Kaspersky Lab
Microsoft Games for Windows - LIVE
Microsoft SQL Server Compact Edition
Microsoft Synchronization Services
Microsoft Visual Studio
Microsoft Visual Studio 8
Microsoft Works
Microsoft.NET
MSBuild
NVIDIA Corporation
Raptr Inc
Reference Assemblies
Skype
Spybot - Search & Destroy 2
Windows Defender
Windows Mail
Windows Media Player
Windows Multimedia Platform
Windows NT
Windows Photo Viewer
Windows Portable Devices
WindowsPowerShell

========= Ende von CMD: =========


========= dir /B "%ProgramData%" =========

.mono
Ament.ini
Ashampoo
ATI
Comms
HP
Intel
Kaspersky Lab
Malwarebytes
Microsoft Help
Microsoft OneDrive
Oracle
Package Cache
regid.1991-06.com.microsoft
Skype
SoftwareDistribution
Spybot - Search & Destroy
stock
USOPrivate
USOShared
Western Digital

========= Ende von CMD: =========


========= dir /B "%Appdata%" =========

.minecraft
.mono
Adobe
AMD
Ashampoo Cover Studio
Atari
ATI
dvdcss
Frontier Developments
Greenshot
HpUpdate
java
KeePass
Launchpad
library_dir
Macromedia
Mozilla
OpenOffice
Skype
SPI
Spotify
Sun
vlc
Warner Bros. Interactive Entertainment

========= Ende von CMD: =========


========= dir /B "%LocalAppdata%" =========

ActiveSync
AMD
Ashampoo Music Studio 5
ATI
Bus Simulator 2012
CEF
Colossal Order
Comms
ConnectedDevicesPlatform
Diagnostics
FlatOut Ultimate Carnage
Frontier Developments
GDIPFONTCACHEV1.DAT
Google
Greenshot
HP
Microsoft
Microsoft Help
MicrosoftEdge
Mozilla
Packages
PackageStaging
Programs
Publishers
Resmon.ResmonCfg
Rockstar Games
Spotify
SquirrelTemp
Steam
Temp
TileDataLayer
TurboDismount
VirtualStore

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\S-1-5-21-602346101-288533717-1331706006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-602346101-288533717-1331706006-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37268961 B
Java, Flash, Steam htmlcache => 300429734 B
Windows/system/drivers => 13059817 B
Edge => 108424527 B
Chrome => 0 B
Firefox => 13005185 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7680 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 65314 B
NetworkService => 16926 B
stock => 189408523 B

RecycleBin => 70267407 B
EmptyTemp: => 698 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:42:25 ====
         
JRT Log:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64 
Ran by stock (Administrator) on 11.09.2016 at 19:49:06,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\Users\stock\AppData\Roaming\spi (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.09.2016 at 19:50:28,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

SC-cleaner LOG:

Code:
ATTFilter
Shortcut Cleaner 1.4.2 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 10 Home 
Program started at: 09/11/2016 07:53:09 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\stock\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\stock\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 09/11/2016 07:53:10 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
         

Alt 12.09.2016, 16:39   #15
M-K-D-B
/// TB-Ausbilder
 
Werbung bei jedem Klick/ immer neue Tabs - Standard

Werbung bei jedem Klick/ immer neue Tabs



Servus,



Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
  • Starte Zoek.exe mit einem Doppelklick. Es wird etwas dauern, bis sich das Programm öffnet.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    shortcutfix;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
             
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist. Dies kann einige Zeit in Anspruch nehmen.
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart).
  • Bitte poste mir die Logdatei von Zoek mit deiner nächsten Antwort.





wenn jetzt die Werbung noch immer kommt, dann brauche ich nochmal neue Logdateien von FRST sowie eine genauere Beschreibung inklusive Bilder (Screenshots) mit der Werbung.
__________________
Grüße aus Bayern
M-K-D-B

______________________________________

Das Trojaner-Board unterstützen

Antwort

Themen zu Werbung bei jedem Klick/ immer neue Tabs
agent, browser, cookie, excel, explorer, file, hintergrund, hängt, internet explorer, internetseite, kaspersky, log, malwarebytes, microsoft, neue, office, problem, registry, seite, software, spybot, tab, werbung, werbung auf jeder internetseite, windows, öffnet



Ähnliche Themen: Werbung bei jedem Klick/ immer neue Tabs


  1. Bei jedem Klick öffnet sich Werbung
    Alles rund um Windows - 06.08.2016 (1)
  2. Win 10 | Chrome | Bei Klick & Start neue Tabs mit Werbung
    Log-Analyse und Auswertung - 26.07.2016 (16)
  3. Immer wieder öffnen sich neue Tabs mit Werbung, Pop-ups und Werbevideos
    Plagegeister aller Art und deren Bekämpfung - 09.04.2016 (19)
  4. Chrome öffnet immer Werbung und neue Tabs (trotz AdBlocker)
    Log-Analyse und Auswertung - 04.03.2016 (33)
  5. Browser öffnet bei jedem Klick neue Tabs und Werbung
    Plagegeister aller Art und deren Bekämpfung - 15.12.2015 (15)
  6. Es öffnen sich fast immer neue Tabs mit Werbung sei es, wenn ich webseiten öffne oder in textfelder klicke (wie hier)
    Plagegeister aller Art und deren Bekämpfung - 13.05.2015 (4)
  7. Bei fast jedem Klick geht eine neue Seite mit Werbung auf
    Log-Analyse und Auswertung - 12.02.2015 (23)
  8. Werbung und nervige Tabs die sich bei klick auf eine Seite öffnen sowie Blaue schricht im Brwoser mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2015 (6)
  9. Internet öffnet immer neue tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 28.12.2014 (19)
  10. Es öffnen sich ungewollt immer neue Tabs & zu viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 13.12.2014 (15)
  11. Internet Explorer öffnet immer neue Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 29.08.2014 (17)
  12. Werbung und neue Tabs bei jedem Klick in Chrome
    Plagegeister aller Art und deren Bekämpfung - 02.07.2014 (5)
  13. neue Tabs mit stake7.com öffnen sich bei klick auf links
    Plagegeister aller Art und deren Bekämpfung - 30.06.2014 (11)
  14. Windows 7: Bei jedem Klick Werbung und Webseiten werden umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 02.05.2014 (9)
  15. unerwünschte Werbung und neue Tabs bei fast jedem Klick - Windows8, mozilla Firefox
    Plagegeister aller Art und deren Bekämpfung - 06.01.2014 (32)
  16. 888.com Werbung bei jedem Klick auf Mozilla
    Plagegeister aller Art und deren Bekämpfung - 14.12.2013 (16)
  17. Firefox: Fast bei jedem Klick öffnet sich ein neuer Tab mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 21.06.2013 (9)

Zum Thema Werbung bei jedem Klick/ immer neue Tabs - Hallo, ich habe seit zwei, drei Tagen das Problem, dass bei jeder Internetseite die sich öffnet, Werbung und sonstiges auch öffnet... Ich habe schon viele Threads gelesen aber irgendwie war - Werbung bei jedem Klick/ immer neue Tabs...
Archiv
Du betrachtest: Werbung bei jedem Klick/ immer neue Tabs auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.