Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 18.12.2016, 21:28   #1
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Hallo zusammen,

mein Nachbar bat mich um Hilfe, da sein Laptop nicht mehr ins Internet geht.
Nach ersten Überprüfungen bin ich allerdings ratlos - sicher ist: das System ist stark infiziert.

Symptome:
* Flugmodus lässt sich nicht ausschalten - bei betätigen des Schalters geht er sofort wieder auf ein!
* keine Internetverbindung möglich
* auch bei angeschlossenem LAN-Kabel wird die Verbindung nicht erkannt
* Netzwerkeinstellungen: es werden keine Adapter angezeigt!
* Gerätemanager: Netzwerkadapter Wlan und LAN sind vorhanden und aktiv
* Beim Starten von Win erscheint eine Meldung "Microsoft Security Client funktioniert nicht"

Ich wollte als Erstmaßnahme Malwarebyte starten, dies funktioniert nicht: Meldung "Unable to connect the Service"

AdwClaeaner hat rund 80 Bedrohungen gefunden - siehe Log

Anbei auch die Logdateien von FRST64

Hoffe Ihr könnt helfen
Gruß
FUXS

Code:
ATTFilter
# AdwCleaner v6.040 - Bericht erstellt am 17/12/2016 um 18:57:20
# Aktualisiert am 02/12/2016 von Malwarebytes
# Datenbank : 2016-12-02.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Alfred - ALFRED-NB
# Gestartet von : C:\Users\Alfred\Desktop\adwcleaner_6.040.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Alfred\AppData\Roaming\DriverFinder
[-] Ordner gelöscht: C:\Users\Alfred\AppData\Roaming\Yahoo!\Companion
[-] Ordner gelöscht: C:\Users\Alfred\AppData\Roaming\PCHealthAid
[#] Ordner mit Neustart gelöscht: C:\Users\Alfred\AppData\Roaming\driverfinder
[-] Ordner gelöscht: C:\Users\Alfred\Documents\DailyPCClean
[-] Ordner gelöscht: C:\Users\Alfred\Documents\PC Speed Maximizer
[-] Ordner gelöscht: C:\rei
[-] Ordner gelöscht: C:\Program Files (x86)\DriverFinder
[-] Ordner gelöscht: C:\Program Files (x86)\SoftUpgrade
[-] Ordner gelöscht: C:\Program Files (x86)\PC Health Aid
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\driverfinder


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Alfred\daemonprocess.txt
[-] Datei gelöscht: C:\END
[-] Datei gelöscht: C:\claraInstaller.txt


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: SoftUpgrade
[-] Aufgabe gelöscht: PC Health Aid_DEFAULT
[-] Aufgabe gelöscht: PC Health Aid_UPDATES


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Classes\AppXjg5yef049sawtb9n761dv5kwjwj2fmaa
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\AppXjg5yef049sawtb9n761dv5kwjwj2fmaa
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\AppXjg5yef049sawtb9n761dv5kwjwj2fmaa
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Interstat
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\WebDiscoverBrowser
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Yahoo\YFriendsBar
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\PC
[-] Schlüssel gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\AppDataLow\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Interstat
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WebDiscoverBrowser
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Yahoo\YFriendsBar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PC
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Yahoo\Companion
[-] Schlüssel gelöscht: HKLM\SOFTWARE\PC
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Interstat
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\WebDiscoverBrowser
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\Companion
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Yahoo\YFriendsBar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PC
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\WebDiscoverBrowser
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Nico Mak Computing\WinZip Driver Updater
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\de.softonic.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.de
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.izito.de
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\de.softonic.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.de
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.izito.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\de.softonic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.izito.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\de.softonic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.izito.de
[-] Wert gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Interstat]
[-] Wert gelöscht: HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [WebDiscoverBrowser]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext [DisableAddonLoadTimePerformanceNotifications]


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10193 Bytes] - [17/12/2016 18:57:20]
C:\AdwCleaner\AdwCleaner[R0].txt - [44323 Bytes] - [09/03/2014 12:01:11]
C:\AdwCleaner\AdwCleaner[R1].txt - [44322 Bytes] - [09/03/2014 12:03:32]
C:\AdwCleaner\AdwCleaner[R2].txt - [20567 Bytes] - [09/03/2014 13:11:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [19403 Bytes] - [09/03/2014 13:13:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [10145 Bytes] - [17/12/2016 18:53:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10637 Bytes] ##########
         





Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
durchgeführt von Alfred (Administrator) auf ALFRED-NB (18-12-2016 20:43:28)
Gestartet von C:\Users\Alfred\Desktop
Geladene Profile: Alfred (Verfügbare Profile: Alfred)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe
(Google, Inc) C:\Users\Alfred\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(1&1 Mail & Media GmbH) C:\Users\Alfred\AppData\Local\GMX Application {sync-000021}\gmx_mediacenter.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Global surveys) C:\Users\Alfred\AppData\Roaming\NetCtl\netctl.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Alfred\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [2786768 2016-11-29] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe [2316008 2016-10-26] (1und1 Mail und Media GmbH)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Run: [Google Update] => C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-10-19] (Google Inc.)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Run: [Google Photos Backup] => C:\Users\Alfred\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Run: [GMX Application {sync-000021}] => C:\Users\Alfred\AppData\Local\GMX Application {sync-000021}\gmx_mediacenter.exe [792064 2016-04-21] (1&1 Mail & Media GmbH)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Run: [NetCtl] => C:\Users\Alfred\AppData\Roaming\NetCtl\netctl.exe [2758080 2016-11-25] (Global surveys)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\MountPoints2: {b56928a4-9c60-11e3-861c-dc0ea1a9cd9f} - "G:\EMP_UDSe.exe" /autorun
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon1] -> {70fd746c-367b-3030-8aa3-9170bba946b5} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon2] -> {975d4594-41a0-3903-a44e-ce7109705240} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon3] -> {4e36001f-6b82-3b12-8348-64d682964de9} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  MagentaOverlayIcon4] -> {47418e6f-8c1d-3223-bef9-2ba1bc655f28} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20161025184508353.dll [2016-04-21] (1&1 Mail & Media GmbH)
Startup: C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagentaCLOUD.lnk [2016-09-11]
ShortcutTarget: MagentaCLOUD.lnk -> C:\Users\Alfred\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8ec8a0d3-881a-4648-a48f-9bd12989eb31}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d48094c8-ad87-4773-b23f-830cf9694cfd}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-225683833-3388206037-1146919545-1000 -> DefaultScope {F5140687-F34F-4277-ABD9-7C8CDC4C059D} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-225683833-3388206037-1146919545-1000 -> {0A1B1580-6247-4435-B27D-1EC7C9175B73} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-225683833-3388206037-1146919545-1000 -> {10E10415-A717-4A4F-AFEC-BD223EE631A2} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-225683833-3388206037-1146919545-1000 -> {D3236A44-438A-4C37-946A-EDCD2294DBEE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-225683833-3388206037-1146919545-1000 -> {F5140687-F34F-4277-ABD9-7C8CDC4C059D} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2016-10-26] (1und1 Mail und Media GmbH)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-09-13] (Microsoft Corporation)
BHO-x32: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2016-10-26] (1und1 Mail und Media GmbH)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
Toolbar: HKLM - GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2016-10-26] (1und1 Mail und Media GmbH)
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2016-10-26] (1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2016-10-26] (1und1 Mail und Media GmbH)

Edge: 
======
Edge Extension: (Mausbewegungen) -> MouseGestures_MicrosoftMouseGestures_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.MouseGestures_0.6.16274.0_neutral__8wekyb3d8bbwe [2016-11-01]

FireFox:
========
FF DefaultProfile: 66a05x1x.default
FF DefaultProfile: bhn29bmq.default
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\t-online.de\Browser7\Profiles\66a05x1x.default [2016-12-09]
FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\bhn29bmq.default [2016-10-19]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-225683833-3388206037-1146919545-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Alfred\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-225683833-3388206037-1146919545-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Alfred\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-09-13] (Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default [2016-12-09]
CHR Extension: (Google Präsentationen) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-14]
CHR Extension: (Google Docs) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-14]
CHR Extension: (Google Drive) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-14]
CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-14]
CHR Extension: (Google Tabellen) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-14]
CHR Extension: (Google Docs Offline) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-12-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-14]
CHR Extension: (Google Mail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-09]
CHR HKU\S-1-5-21-225683833-3388206037-1146919545-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes)
S4 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
R0 cm_km_w; C:\WINDOWS\System32\drivers\cm_km_w.sys [247016 2015-07-09] (Kaspersky Lab UK Ltd)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Silicon Laboratories)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 s1039bus; C:\WINDOWS\System32\drivers\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-18 20:43 - 2016-12-18 20:44 - 00019474 _____ C:\Users\Alfred\Desktop\FRST.txt
2016-12-18 20:43 - 2016-12-18 20:43 - 00000000 ____D C:\FRST
2016-12-18 20:42 - 2016-12-18 20:40 - 02420224 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe
2016-12-18 20:18 - 2016-12-18 20:18 - 00000000 ____D C:\ProgramData\Avira
2016-12-18 20:18 - 2016-12-18 20:18 - 00000000 ____D C:\Program Files (x86)\Avira
2016-12-17 19:02 - 2016-12-17 19:02 - 00010800 _____ C:\Users\Alfred\Desktop\AdwCleaner[C0].txt
2016-12-17 18:51 - 2016-12-15 15:06 - 03968464 _____ C:\Users\Alfred\Desktop\adwcleaner_6.040.exe
2016-12-17 18:50 - 2016-12-17 18:50 - 00001872 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2016-12-17 18:50 - 2016-12-17 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-12-17 18:50 - 2016-11-29 06:27 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2016-12-17 18:49 - 2016-12-17 18:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-17 18:49 - 2016-12-17 18:49 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-16 18:03 - 2016-12-16 18:03 - 00003646 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-12-16 16:09 - 2016-12-16 16:09 - 00000000 ___HD C:\$SysReset
2016-12-13 22:10 - 2016-12-13 22:10 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-12-13 22:10 - 2016-12-13 22:10 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-12-12 17:09 - 2016-12-14 16:02 - 00000000 __SHD C:\Users\Alfred\wc
2016-12-10 19:15 - 2016-12-10 19:15 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-09 19:17 - 2016-12-09 19:32 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2016-12-09 16:57 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 16:57 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 16:57 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 16:57 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 16:57 - 2016-11-11 11:01 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-09 16:57 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 16:57 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-09 16:57 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 16:57 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 16:57 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 16:57 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 16:57 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 16:57 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 16:57 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 16:57 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 16:57 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 16:57 - 2016-11-11 10:17 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-09 16:57 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 16:57 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 16:57 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-09 16:57 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 16:57 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 16:57 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 16:57 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 16:57 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 16:57 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 16:57 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 16:57 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-09 16:57 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-09 16:57 - 2016-11-11 08:42 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-09 16:57 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-09 16:57 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-09 16:57 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 16:57 - 2016-11-11 08:19 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-09 16:57 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-09 16:57 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-09 16:57 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-09 16:57 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-09 16:57 - 2016-11-11 08:15 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-09 16:57 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-09 16:57 - 2016-11-11 08:11 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-09 16:57 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-09 16:57 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-09 16:57 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-09 16:57 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-09 16:57 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-09 16:57 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-09 16:56 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 16:56 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 16:56 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 16:56 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 16:56 - 2016-11-11 11:09 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-09 16:56 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 16:56 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 16:56 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 16:56 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-09 16:56 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 16:56 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-09 16:56 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 16:56 - 2016-11-11 10:56 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-09 16:56 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 16:56 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 16:56 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 16:56 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 16:56 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 16:56 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 16:56 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 16:56 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-09 16:56 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 16:56 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 16:56 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 16:56 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 16:56 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 16:56 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 16:56 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 16:56 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 16:56 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 16:56 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 16:56 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-09 16:56 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 16:56 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 16:56 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 16:56 - 2016-11-11 10:18 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-09 16:56 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-09 16:56 - 2016-11-11 10:17 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-09 16:56 - 2016-11-11 10:17 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-09 16:56 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 16:56 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 16:56 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 16:56 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 16:56 - 2016-11-11 10:08 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-09 16:56 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-09 16:56 - 2016-11-11 10:07 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-09 16:56 - 2016-11-11 10:06 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-09 16:56 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 16:56 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 16:56 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 16:56 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-09 16:56 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 16:56 - 2016-11-11 10:04 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-09 16:56 - 2016-11-11 10:03 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-09 16:56 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 16:56 - 2016-11-11 10:01 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-09 16:56 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-09 16:56 - 2016-11-11 08:56 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-09 16:56 - 2016-11-11 08:47 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-09 16:56 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-09 16:56 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-09 16:56 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-09 16:56 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-09 16:56 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-09 16:56 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-09 16:56 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-09 16:56 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-09 16:56 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-09 16:56 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-09 16:56 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-09 16:56 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-09 16:56 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 16:56 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-09 16:56 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-09 16:56 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-09 16:56 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-09 16:56 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 16:56 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-09 16:56 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-09 16:56 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-09 16:56 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-09 16:56 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-09 16:56 - 2016-11-11 08:04 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-09 16:56 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-09 16:55 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 16:55 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-09 16:55 - 2016-11-11 11:13 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-09 16:55 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-09 16:55 - 2016-11-11 11:10 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-09 16:55 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 16:55 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-09 16:55 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-09 16:55 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-09 16:55 - 2016-11-11 10:59 - 02913136 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-09 16:55 - 2016-11-11 10:59 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-09 16:55 - 2016-11-11 10:57 - 08170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-09 16:55 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-09 16:55 - 2016-11-11 10:57 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-09 16:55 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-09 16:55 - 2016-11-11 10:56 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-09 16:55 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-09 16:55 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-09 16:55 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 16:55 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-09 16:55 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-09 16:55 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 16:55 - 2016-11-11 10:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-09 16:55 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-09 16:55 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-09 16:55 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 16:55 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 16:55 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-09 16:55 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 16:55 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 16:55 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 16:55 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-09 16:55 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 16:55 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 16:55 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 16:55 - 2016-11-11 10:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-09 16:55 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-09 16:55 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-09 16:55 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-09 16:55 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 16:55 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-09 16:55 - 2016-11-11 10:14 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-09 16:55 - 2016-11-11 10:14 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-09 16:55 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-09 16:55 - 2016-11-11 10:10 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-09 16:55 - 2016-11-11 10:09 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-09 16:55 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-09 16:55 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 16:55 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-09 16:55 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 16:55 - 2016-11-11 10:05 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-09 16:55 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-09 16:55 - 2016-11-11 10:04 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-09 16:55 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-09 16:55 - 2016-11-11 10:03 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-09 16:55 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-09 16:55 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-09 16:55 - 2016-11-11 10:03 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-09 16:55 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-09 16:55 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-09 16:55 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 16:55 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-09 16:55 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-09 16:55 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-09 16:55 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-09 16:55 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-09 16:55 - 2016-11-11 08:45 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-09 16:55 - 2016-11-11 08:45 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-09 16:55 - 2016-11-11 08:42 - 06668032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-09 16:55 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-09 16:55 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-09 16:55 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 16:55 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-09 16:55 - 2016-11-11 08:26 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-09 16:55 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-09 16:55 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 16:55 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-09 16:55 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 16:55 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 16:55 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-09 16:55 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-09 16:55 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-09 16:55 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-09 16:55 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-09 16:55 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-09 16:55 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-09 16:55 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-09 16:55 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-09 16:55 - 2016-11-11 08:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-09 16:55 - 2016-11-11 08:10 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-09 16:55 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-09 16:55 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-09 16:55 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-09 16:55 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-09 16:55 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-09 16:55 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-09 16:55 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-09 16:55 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-09 16:55 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-09 16:55 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 16:55 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-09 16:55 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-09 16:55 - 2016-11-11 08:01 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-09 16:55 - 2016-11-11 07:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-09 16:54 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-09 16:54 - 2016-11-11 11:01 - 02189152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-09 16:54 - 2016-11-11 11:01 - 01738048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-09 16:54 - 2016-11-11 11:01 - 00658264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-09 16:54 - 2016-11-11 11:01 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-09 16:54 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-09 16:54 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-09 16:54 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-09 16:54 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-09 16:54 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 16:54 - 2016-11-11 10:31 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-09 16:54 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 16:54 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 16:54 - 2016-11-11 10:24 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-09 16:54 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 16:54 - 2016-11-11 10:23 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-09 16:54 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-09 16:54 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-09 16:54 - 2016-11-11 10:20 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-09 16:54 - 2016-11-11 10:20 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-09 16:54 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-09 16:54 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-09 16:54 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 16:54 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-09 16:54 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 16:54 - 2016-11-11 10:18 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-09 16:54 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 16:54 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 16:54 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 16:54 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-09 16:54 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 16:54 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-09 16:54 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-09 16:54 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-09 16:54 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 16:54 - 2016-11-11 10:11 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-09 16:54 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 16:54 - 2016-11-11 10:10 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-09 16:54 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-09 16:54 - 2016-11-11 10:08 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-09 16:54 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-09 16:54 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-09 16:54 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-09 16:54 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-09 16:54 - 2016-11-11 10:04 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-09 16:54 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-09 16:54 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-09 16:54 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 16:54 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-09 16:54 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 16:54 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-09 16:54 - 2016-11-11 10:03 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-09 16:54 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 16:54 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-09 16:54 - 2016-11-11 10:02 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-09 16:54 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-09 16:54 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 16:54 - 2016-11-11 08:47 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-09 16:54 - 2016-11-11 08:42 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-09 16:54 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-09 16:54 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-09 16:54 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-09 16:54 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-09 16:54 - 2016-11-11 08:20 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-09 16:54 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 16:54 - 2016-11-11 08:16 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-09 16:54 - 2016-11-11 08:16 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-09 16:54 - 2016-11-11 08:14 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-09 16:54 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-09 16:54 - 2016-11-11 08:09 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-09 16:54 - 2016-11-11 08:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-09 16:54 - 2016-11-11 08:06 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-09 16:54 - 2016-11-11 08:05 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-09 16:54 - 2016-11-11 08:04 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-09 16:54 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-09 16:54 - 2016-11-11 08:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-09 16:53 - 2016-11-11 10:51 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-09 16:53 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 16:53 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 16:53 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 16:53 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-09 16:53 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-09 16:53 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 16:53 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-09 16:53 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-09 16:53 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-09 16:53 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-09 16:53 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 16:53 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-09 16:53 - 2016-11-11 10:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-09 16:53 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-09 16:53 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-09 16:53 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-09 16:53 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 16:53 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 16:53 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-09 16:53 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-09 16:53 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-09 16:53 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-09 16:53 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-09 16:53 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-09 16:53 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 16:53 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-09 16:53 - 2016-11-11 08:20 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-09 16:53 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-09 16:53 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-09 16:53 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-09 16:53 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-09 16:53 - 2016-11-11 08:17 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-09 16:53 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-02 22:50 - 2016-12-02 22:50 - 00002514 _____ C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GMX Suche.lnk
2016-12-02 22:50 - 2016-12-02 22:50 - 00000000 ____D C:\Users\Alfred\AppData\Local\1&1 Mail & Media GmbH
2016-12-02 22:49 - 2016-12-02 22:49 - 00000000 ____D C:\ProgramData\UUdb
2016-12-02 22:49 - 2016-12-02 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX MailCheck
2016-12-02 22:49 - 2016-12-02 22:49 - 00000000 ____D C:\Program Files\GMX MailCheck
2016-12-02 22:49 - 2016-12-02 22:49 - 00000000 ____D C:\Program Files (x86)\GMX MailCheck
2016-12-02 22:48 - 2016-12-02 22:49 - 01140120 _____ (1&1 Mail & Media GmbH) C:\Users\Alfred\Downloads\GMX_Toolbar_IE_Setup (10).exe
2016-12-02 22:43 - 2016-12-02 22:43 - 00000789 _____ C:\Users\Alfred\Downloads\magentacloud (1).zip
2016-12-02 17:05 - 2016-12-15 16:40 - 00000000 ____D C:\Program Files (x86)\t-online.de
2016-12-02 17:05 - 2016-12-02 17:12 - 00000000 ____D C:\Users\Alfred\AppData\Local\t-online.de
2016-12-02 17:05 - 2016-12-02 17:06 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\t-online.de
2016-12-02 17:04 - 2016-12-02 17:04 - 00288320 _____ (Ströer Digital Publishing GmbH) C:\Users\Alfred\Downloads\TB7-win32-install-03.exe
2016-11-30 22:57 - 2016-12-12 19:07 - 50688938 _____ C:\Users\Alfred\Downloads\magentacloud-Naila.zip
2016-11-28 13:54 - 2016-11-28 13:54 - 00000000 ____D C:\Users\Alfred\AppData\Local\CEF
2016-11-27 22:57 - 2016-10-12 12:09 - 00704512 _____ (Deutsche Telekom AG) C:\WINDOWS\system32\Sync-PlusUninstall.exe
2016-11-27 22:56 - 2016-11-27 22:56 - 10683208 _____ (Deutsche Telekom AG) C:\Users\Alfred\Downloads\Sync-Plus.exe
2016-11-26 22:48 - 2016-11-26 22:49 - 12210800 _____ (SimpleStar) C:\Users\Alfred\Downloads\SimpleDriverUpdaterSetup_ppc.exe
2016-11-26 22:42 - 2016-11-26 22:42 - 01065376 _____ (Google Inc.) C:\Users\Alfred\Downloads\googledrivesync (4).exe
2016-11-26 18:33 - 2016-12-13 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-26 18:32 - 2016-11-26 18:32 - 01065376 _____ (Google Inc.) C:\Users\Alfred\Downloads\googledrivesync (3).exe
2016-11-25 18:21 - 2016-11-25 18:21 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\NetCtl
2016-11-25 18:21 - 2016-11-25 18:21 - 00000000 ____D C:\Users\Alfred\AppData\Local\CrashRpt
2016-11-19 18:44 - 2016-11-19 18:44 - 00270060 _____ C:\Users\Alfred\Downloads\Plätzchen.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-18 20:20 - 2016-10-07 20:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-18 20:18 - 2016-09-11 20:53 - 00000000 ____D C:\Users\Alfred\MagentaCLOUD
2016-12-17 19:13 - 2016-10-07 20:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-17 19:11 - 2016-07-16 07:04 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2016-12-17 18:57 - 2016-10-07 20:27 - 00000000 ____D C:\Users\Alfred
2016-12-17 18:57 - 2014-03-09 12:01 - 00000000 ____D C:\AdwCleaner
2016-12-17 18:56 - 2016-10-11 18:11 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Yahoo!
2016-12-17 18:36 - 2016-10-11 18:11 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-12-17 15:43 - 2016-09-13 16:20 - 00000000 ____D C:\Users\Alfred\AppData\Local\ElevatedDiagnostics
2016-12-15 20:09 - 2016-09-11 12:57 - 00000000 ____D C:\Users\Alfred\AppData\Roaming\Telekom
2016-12-15 19:30 - 2016-09-14 15:12 - 00000000 ____D C:\Users\Alfred\Documents\Outlook-Dateien
2016-12-15 16:44 - 2016-10-19 17:20 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-15 16:43 - 2016-10-19 17:20 - 00000000 ____D C:\ProgramData\Avg
2016-12-15 16:43 - 2016-10-19 17:19 - 00000000 ____D C:\Users\Alfred\AppData\Local\AvgSetupLog
2016-12-15 16:41 - 2016-11-06 16:45 - 00000000 ____D C:\Users\Alfred\AppData\Local\Avanquest
2016-12-15 16:41 - 2016-10-06 19:07 - 00000000 ____D C:\ProgramData\NCH Software
2016-12-15 16:41 - 2016-10-06 19:06 - 00000000 ____D C:\Program Files (x86)\NCH Software
2016-12-15 16:34 - 2016-09-11 12:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-14 22:19 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-14 19:21 - 2016-10-27 18:24 - 00000000 ____D C:\Users\Alfred\AppData\Local\InPixio
2016-12-14 16:46 - 2014-03-06 19:48 - 00000000 ___RD C:\Users\Alfred\OneDrive
2016-12-14 16:05 - 2016-10-07 20:18 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-14 10:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-14 09:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 09:48 - 2016-11-01 12:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 09:43 - 2016-11-01 12:27 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 09:38 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-14 08:53 - 2016-09-09 08:46 - 00000000 ___RD C:\Users\Alfred\Google Drive
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-10 19:15 - 2016-09-11 12:01 - 00002386 _____ C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-10 10:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-09 21:44 - 2016-09-14 18:09 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-09 19:14 - 2016-09-11 10:56 - 02623174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-09 19:14 - 2016-07-16 23:51 - 01126936 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-09 19:14 - 2016-07-16 23:51 - 00264168 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-09 19:10 - 2015-09-10 06:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-09 19:06 - 2016-10-07 20:18 - 00572176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-09 19:02 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-09 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-09 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-09 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-09 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-09 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-09 19:02 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-09 19:02 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-09 19:02 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-09 19:02 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-09 16:24 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-08 16:24 - 2016-10-07 18:31 - 00000000 ____D C:\Windows10Upgrade
2016-12-02 22:49 - 2016-10-07 20:41 - 00003958 _____ C:\WINDOWS\System32\Tasks\Registration 1und1 Task
2016-12-02 22:49 - 2016-10-06 15:44 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung
2016-12-02 09:51 - 2016-10-19 21:03 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000UA.job
2016-12-02 09:51 - 2016-10-19 21:03 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000Core.job
2016-12-02 09:51 - 2016-09-14 18:08 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-02 09:51 - 2016-09-14 18:08 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-28 19:25 - 2016-10-24 22:14 - 00002214 _____ C:\Users\Alfred\Desktop\AudioRecorder - CHIP Installer.lnk
2016-11-27 12:57 - 2016-10-19 21:03 - 00003818 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000UA
2016-11-27 12:57 - 2016-10-19 21:03 - 00003550 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000Core
2016-11-27 12:57 - 2016-10-07 20:41 - 00003642 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-27 12:57 - 2016-10-07 20:41 - 00003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-26 18:33 - 2016-09-14 18:08 - 00000000 ____D C:\Users\Alfred\AppData\Local\Google
2016-11-26 18:33 - 2016-09-14 18:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-26 09:58 - 2016-09-11 11:58 - 00000000 ____D C:\Users\Alfred\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-20 15:17 - 2016-10-20 18:17 - 0005120 _____ () C:\Users\Alfred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Alfred\setupSNK.exe


Einige Dateien in TEMP:
====================
C:\Users\Alfred\AppData\Local\Temp\libeay32.dll
C:\Users\Alfred\AppData\Local\Temp\msvcr120.dll
C:\Users\Alfred\AppData\Local\Temp\sqlite3.dll
C:\Users\Alfred\AppData\Local\Temp\Windows10Upgrade.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-08 09:09

==================== Ende von FRST.txt ============================
         



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2016
durchgeführt von Alfred (18-12-2016 20:46:22)
Gestartet von C:\Users\Alfred\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-07 19:49:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-225683833-3388206037-1146919545-500 - Administrator - Disabled)
Alfred (S-1-5-21-225683833-3388206037-1146919545-1000 - Administrator - Enabled) => C:\Users\Alfred
DefaultAccount (S-1-5-21-225683833-3388206037-1146919545-503 - Limited - Disabled)
Gast (S-1-5-21-225683833-3388206037-1146919545-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-225683833-3388206037-1146919545-1013 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)


==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
GMX MailCheck für Windows (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.10.0 - 1&1 Mail & Media GmbH)
GMX MediaCenter 1.32.1.0 (HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\GMX Application {sync-000021}) (Version: 1.32.1.0 - 1&1 Mail & Media GmbH)
GMX Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)
GMX Suche (HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
MagentaCLOUD Software (HKLM-x32\...\{D14275B4-2DBB-4F22-BDE4-1D94297DD16A}) (Version: 5.0.0.0 - Deutsche Telekom AG)
MAGIX 3D Maker (embeded) (HKLM-x32\...\MAGIX 3D Maker D) (Version: 6.0.0.7 - MAGIX AG)
MAGIX Foto Manager 16 Deluxe (HKLM-x32\...\MX.{5C06468B-7AB8-4E73-8794-AA6806EB930C}) (Version: 12.0.0.20 - MAGIX Software GmbH)
MAGIX Foto Manager 16 Deluxe (Version: 12.0.0.20 - MAGIX Software GmbH) Hidden
MAGIX Foto Manager 8 6.0.1.457 (D) (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.457 - MAGIX AG)
MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG)
MAGIX Fotos auf CD & DVD 8 8.0.1.11 (D) (HKLM-x32\...\MAGIX Fotos auf CD & DVD 8 D) (Version: 8.0.1.11 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Photostory Deluxe (HKLM\...\MX.{F96AB910-6C9C-4D28-9030-52EF6C13D5C0}) (Version: 16.1.1.31 - MAGIX Software GmbH)
MAGIX Photostory Deluxe (Version: 16.1.1.31 - MAGIX Software GmbH) Hidden
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MX.{7AD52089-1158-42B0-BD44-475578594E43}) (Version: 2.0.1.9 - MAGIX Software GmbH)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{5CC9B805-3E92-433F-8323-5529D934CE3D}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
Malwarebytes Version 3.0.4.1269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.4.1269 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-225683833-3388206037-1146919545-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mufin MusicFinder Base 1.5.3.255 (D) (HKLM-x32\...\Mufin MusicFinder Base D) (Version: 1.5.3.255 - MAGIX AG)
myphotobook print service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.6.4.1062 - myphotobook GmbH)
myphotobook print service (x32 Version: 1.6.4 - myphotobook GmbH) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.79 - NCH Software)
Photostory Deluxe Update (Version: 16.1.1.33 - MAGIX Software GmbH) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{FD1F398D-BD56-43E6-8E58-707857AC9A8C}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3127934) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{561D6567-A41D-407F-957C-39EEA3AB2D73}) (Version:  - Microsoft)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
         

Alt 18.12.2016, 21:29   #2
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Fortsetzung:
Code:
ATTFilter
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-225683833-3388206037-1146919545-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Alfred\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-225683833-3388206037-1146919545-1000_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\Alfred\AppData\Local\1&1 Mail & Media GmbH\GMX Suche\Application\GMX_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-225683833-3388206037-1146919545-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Alfred\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1067AAB3-D58E-4157-BE30-AE5D259ACEEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.)
Task: {15890059-9E3B-4306-9880-094357C92272} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {26FE3BA1-DCFE-4999-BD31-3F612D8EC730} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {3765F11E-4374-4D72-9417-0EAF98F736D4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {5CD8CF45-CB35-4704-A63A-F5B5DD36BCC1} - System32\Tasks\PC Health Aid => C:\Program Files (x86)\PC Health Aid\PCHealthAid.exe
Task: {738C2273-D56F-45D1-A0F4-15A2B419352E} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2015-01-12] (1&1 Mail & Media GmbH)
Task: {746EA110-641B-407C-A51C-F8BD9CAB866F} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Alfred\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {8C239C30-43A4-4547-A4FC-7E9065CF7896} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {91C195CD-3DB2-48FE-A8DB-27623CF2B4F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-14] (Google Inc.)
Task: {A4955F0D-69DA-42A6-96B5-E34C30B70814} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000UA => C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe [2016-10-19] (Google Inc.)
Task: {A4AB6FE5-9C51-4895-B539-58E18A654E73} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {E2A7CE85-7608-492B-913A-C9E6A6654DCB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000Core => C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe [2016-10-19] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000Core.job => C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-225683833-3388206037-1146919545-1000UA.job => C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-09 16:55 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-09 16:55 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-09 16:55 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-10 19:14 - 2016-12-10 19:14 - 01678560 _____ () C:\Users\Alfred\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-11-01 11:58 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-09 16:53 - 2016-11-11 10:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 17:33 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 17:33 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 17:32 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 17:33 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 17:33 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 17:33 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-05-31 15:35 - 2016-05-31 15:35 - 03576008 _____ () C:\Users\Alfred\AppData\Roaming\Telekom\MagentaCloud\MagentaCloud.App.exe
2016-12-14 09:35 - 2016-12-14 09:37 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 09:35 - 2016-12-14 09:37 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 09:35 - 2016-12-14 09:37 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 09:35 - 2016-12-14 09:37 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-10 19:14 - 2016-12-10 19:14 - 01244376 _____ () C:\Users\Alfred\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-04-08 23:35 - 2016-04-08 23:35 - 03481600 _____ () C:\Users\Alfred\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-05-31 15:34 - 2016-05-31 15:34 - 00327352 _____ () C:\Users\Alfred\AppData\Roaming\Telekom\MagentaCloud\CefSharp.dll
2016-05-31 15:35 - 2016-05-31 15:35 - 24985264 _____ () C:\Users\Alfred\AppData\Roaming\Telekom\MagentaCloud\libcef.dll
2016-05-31 15:34 - 2016-05-31 15:34 - 00206536 _____ () C:\Users\Alfred\AppData\Roaming\Telekom\MagentaCloud\CefSharp.WinForms.dll
2016-12-18 20:17 - 2016-12-18 20:17 - 00098816 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32api.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00110080 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\pywintypes27.dll
2016-12-18 20:16 - 2016-12-18 20:16 - 00364544 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\pythoncom27.dll
2016-12-18 20:17 - 2016-12-18 20:17 - 00320512 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32com.shell.shell.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00914432 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_hashlib.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 01176576 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._core_.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00806400 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._gdi_.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00816128 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._windows_.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 01067008 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._controls_.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00733184 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._misc_.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00682496 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\pysqlite2._sqlite.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00088064 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_ctypes.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00686080 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\unicodedata.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00119808 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32file.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00108544 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32security.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00007168 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\hashobjs_ext.pyd
2016-12-18 20:16 - 2016-12-18 20:17 - 00017920 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\thumbnails_ext.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00088064 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\usb_ext.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00012800 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\common.time34.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00018432 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32event.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00167936 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32gui.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00046080 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_socket.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 01303552 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_ssl.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00128512 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_elementtree.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00127488 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\pyexpat.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00038912 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32inet.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00036864 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_psutil_windows.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00524248 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\windows._lib_cacheinvalidation.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00011264 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32crypt.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00123392 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._wizard.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00077312 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._html2.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00027648 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_multiprocessing.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00020480 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\_yappi.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00035840 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32process.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00078848 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\wx._animate.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00024064 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32pipe.pyd
2016-12-18 20:16 - 2016-12-18 20:16 - 00010240 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\select.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00025600 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32pdh.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00017408 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32profile.pyd
2016-12-18 20:17 - 2016-12-18 20:17 - 00022528 ____R () C:\Users\Alfred\AppData\Local\Temp\_MEI51722\win32ts.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-09-11 11:17 - 2016-09-11 11:14 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-225683833-3388206037-1146919545-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alfred\Desktop\2016-04-29 11.31.57.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.
bfe => Firewall Dienst läuft nicht.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AJRouter => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AppReadiness => 3
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: avgsvc => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Browser => 3
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CDPSvc => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DcpSvc => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: DeviceAssociationService => 3
MSCONFIG\Services: DeviceInstall => 3
MSCONFIG\Services: DevQueryBroker => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: diagnosticshub.standardcollector.service => 3
MSCONFIG\Services: DiagTrack => 2
MSCONFIG\Services: DmEnrollmentSvc => 3
MSCONFIG\Services: dmwappushservice => 3
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: DoSvc => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: DsmSvc => 3
MSCONFIG\Services: DsSvc => 3
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: EFS => 3
MSCONFIG\Services: EMP_UDSA => 2
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: EventLog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: fhsvc => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: FrameServer => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hidserv => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: HvHost => 3
MSCONFIG\Services: icssvc => 3
MSCONFIG\Services: IKEEXT => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: irmon => 3
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: LicenseManager => 3
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 3
MSCONFIG\Services: MapsBroker => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: NcaSvc => 3
MSCONFIG\Services: NcbService => 3
MSCONFIG\Services: NcdAutoSetup => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 3
MSCONFIG\Services: NetSetupSvc => 3
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PerfHost => 3
MSCONFIG\Services: PhoneSvc => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PlugPlay => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 3
MSCONFIG\Services: Power => 2
MSCONFIG\Services: PrintNotify => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RetailDemo => 3
MSCONFIG\Services: RmSvc => 3
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: ScDeviceEnum => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 3
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SensorDataService => 3
MSCONFIG\Services: SensorService => 3
MSCONFIG\Services: SensrSvc => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: smphost => 3
MSCONFIG\Services: SmsRouter => 3
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: StorSvc => 3
MSCONFIG\Services: svsvc => 3
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TermService => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: TieringEngineService => 3
MSCONFIG\Services: tonlinedeBrowser7Maintenance => 3
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UPnPService => 3
MSCONFIG\Services: UsoSvc => 3
MSCONFIG\Services: VaultSvc => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: vmicguestinterface => 3
MSCONFIG\Services: vmicheartbeat => 3
MSCONFIG\Services: vmickvpexchange => 3
MSCONFIG\Services: vmicrdv => 3
MSCONFIG\Services: vmicshutdown => 3
MSCONFIG\Services: vmictimesync => 3
MSCONFIG\Services: vmicvmsession => 3
MSCONFIG\Services: vmicvss => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WalletService => 3
MSCONFIG\Services: wbengine => 3
MSCONFIG\Services: WbioSrvc => 2
MSCONFIG\Services: Wcmsvc => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 3
MSCONFIG\Services: WebClient => 3
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: WEPHOSTSVC => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WiaRpc => 3
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: wisvc => 3
MSCONFIG\Services: WlanSvc => 2
MSCONFIG\Services: wlidsvc => 3
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: workfolderssvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\Services: WpnService => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 3
MSCONFIG\Services: wudfsvc => 3
MSCONFIG\Services: WwanSvc => 3
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "StartCCC"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{FF6E12CB-E8BC-43D4-A2B7-FA7F5160F0D9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2261DA0-97D9-41D0-B6EA-D153AA7E3F27}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E123B289-6ABD-4AFA-9FD7-AE95EDEA1655}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4E773664-0C76-4910-B1B6-4607E1437493}] => C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7E4D16B2-C5D9-4719-AE4A-66F9A84C3635}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9FDA7A3F-4757-40C3-B73D-BA2F96082B87}] => C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C67B5973-D5AC-41EB-A864-6C8561CFC68C}] => C:\Program Files (x86)\simplitec\simplitec\simpliclean\PowerSuite.exe
FirewallRules: [{5A2CF0F3-CEC1-4957-89F0-8B1C571D2493}] => C:\Program Files (x86)\simplitec\simplitec\simpliclean\PowerSuite.exe
FirewallRules: [{481D1A35-7636-4852-833D-8FEACE2B7E96}] => C:\Program Files (x86)\simplitec\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{B2AEA9FA-4C28-4283-8C3C-1710F6B5ED6C}] => C:\Program Files (x86)\simplitec\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{23F6A5AB-784B-41A3-8974-759B5FB13C7D}] => C:\Program Files\MAGIX\Photostory Deluxe\2017\Fotos_dlx.exe
FirewallRules: [{8EF24C2C-F97C-4D22-B02E-6A1015124419}] => C:\Program Files (x86)\simplitec\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [{7407B7BF-3A6B-44F0-90D2-7522AD68E2A2}] => C:\Program Files (x86)\simplitec\simplitec\simpliclean\ServiceProvider.exe
FirewallRules: [TCP Query User{96CA6ADD-EF3B-4E25-9933-7D816AA15233}C:\program files (x86)\simplitec\simplitec\simpliclean\serviceprovider.exe] => C:\program files (x86)\simplitec\simplitec\simpliclean\serviceprovider.exe
FirewallRules: [UDP Query User{C041541B-A9B9-4790-A9CD-37445BB0C64E}C:\program files (x86)\simplitec\simplitec\simpliclean\serviceprovider.exe] => C:\program files (x86)\simplitec\simplitec\simpliclean\serviceprovider.exe
FirewallRules: [{A9E5CFD4-BD91-4031-8394-6124BBD804DE}] => C:\Program Files\Telekom\Sync-Plus\Sync-Plus.exe
FirewallRules: [{3DFE12F4-D564-4B9A-AB4D-4871DCE72379}] => C:\Program Files (x86)\t-online.de\Browser 7\Browser7.exe
FirewallRules: [{99ED4D67-D118-4274-95B3-AB0C43544CE4}] => C:\Program Files (x86)\t-online.de\Browser 7\Browser7.exe
FirewallRules: [{4AC5607B-9AA4-4181-8E39-88C8CA7A9850}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

Wiederherstellungspunkte konnten nicht aufgelistet werden
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============

Konnte Geräte nicht auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/15/2016 04:35:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 04:20:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 04:01:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 04:01:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 01:45:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 01:30:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 01:15:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 01:00:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 12:45:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/15/2016 12:30:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Alfred-NB)
Description: Bei der Aktivierung der App „62632UNETA.492836F161CC8_rmspfwnbz040j!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (12/14/2016 08:49:05 PM) (Source: DCOM) (EventID: 10005) (User: Alfred-NB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (12/14/2016 08:49:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/14/2016 08:48:05 PM) (Source: DCOM) (EventID: 10005) (User: Alfred-NB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (12/14/2016 08:48:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/14/2016 08:47:05 PM) (Source: DCOM) (EventID: 10005) (User: Alfred-NB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (12/14/2016 08:47:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/14/2016 08:47:05 PM) (Source: DCOM) (EventID: 10005) (User: Alfred-NB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (12/14/2016 08:47:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (12/14/2016 08:46:05 PM) (Source: DCOM) (EventID: 10005) (User: Alfred-NB)
Description: Fehler "1068" in DCOM, als der Dienst "netprofm" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (12/14/2016 08:46:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


CodeIntegrity:
===================================
  Date: 2016-12-12 11:34:38.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-10 09:01:27.872
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-12-02 12:32:33.262
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-26 22:49:56.876
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-26 22:49:56.874
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-14 21:58:57.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-11 08:18:58.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-10 08:46:38.916
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-08 17:46:04.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-07 17:56:44.277
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 5995.86 MB
Verfügbarer physikalischer RAM: 4441.81 MB
Summe virtueller Speicher: 6955.86 MB
Verfügbarer virtueller Speicher: 5536.66 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:229.66 GB) (Free:17.66 GB) NTFS
Drive d: (ALFRED) (Fixed) (Total:217 GB) (Free:112.17 GB) NTFS
Drive g: (FW-AUTO) (Removable) (Total:3.74 GB) (Free:3.62 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6685D4C2)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=229.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=217 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
         
__________________


Alt 20.12.2016, 12:25   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
__________________

Alt 20.12.2016, 12:57   #4
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Hallo Cosinus,

hab da noch eine Frage bevor ich beginne....

Der Download der Software mit anderem PC ist kein Problem,
aber...
wie soll/kann ich die Datenbank von Malwarebytes Anti-Rootkit nach dem Starten aktualisieren, wenn ich mit dem PC nicht ins I-Net komme?

Gruß
FUXS

Alt 20.12.2016, 13:08   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Probier doch erstmal aus, ob MBAR sich die aktuelle DB runterladen kann.
Wenn nicht startest du MBAR auf einem anderen Rechner mit Internetverbindung, updates da die Signaturen und beendest das Programm wieder. Dann einfach den MBAR-Ordner auf nen Stick kopieren und auf den Rechner ohne Verbindung ins Internet übertragen - MBAR ist nämlich ein portables Programm.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.12.2016, 17:10   #6
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



hier die gewünschten Log-Dateien:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.12.20.06
  rootkit: v2016.11.20.01

Windows 8 x64 NTFS
Internet Explorer 11.447.14393.0
Alfred :: ALFRED-NB [administrator]

20.12.2016 15:20:27
mbar-log-2016-12-20 (15-20-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 334395
Time elapsed: 49 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Alfred\Downloads\setup-photoscape.exe (Adware.DownloadGuide) -> Delete on reboot. [7e18aa3f1a80e3536fe2b10380811de3]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


Code:
ATTFilter
16:46:36.0016 0x132c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
16:46:44.0072 0x132c  ============================================================
16:46:44.0072 0x132c  Current date / time: 2016/12/20 16:46:44.0072
16:46:44.0072 0x132c  SystemInfo:
16:46:44.0072 0x132c  
16:46:44.0072 0x132c  OS Version: 10.0.14393 ServicePack: 0.0
16:46:44.0072 0x132c  Product type: Workstation
16:46:44.0072 0x132c  ComputerName: ALFRED-NB
16:46:44.0072 0x132c  UserName: Alfred
16:46:44.0072 0x132c  Windows directory: C:\WINDOWS
16:46:44.0072 0x132c  System windows directory: C:\WINDOWS
16:46:44.0072 0x132c  Running under WOW64
16:46:44.0072 0x132c  Processor architecture: Intel x64
16:46:44.0072 0x132c  Number of processors: 4
16:46:44.0072 0x132c  Page size: 0x1000
16:46:44.0072 0x132c  Boot type: Normal boot
16:46:44.0072 0x132c  CodeIntegrityOptions = 0x00000001
16:46:44.0072 0x132c  ============================================================
16:46:44.0792 0x132c  KLMD registered as C:\WINDOWS\system32\drivers\33571053.sys
16:46:44.0792 0x132c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.479, osProperties = 0x19
16:46:45.0936 0x132c  System UUID: {F6D2EE72-4558-1447-F8BD-0528B3DA97ED}
16:46:46.0832 0x132c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:46:47.0690 0x132c  ============================================================
16:46:47.0690 0x132c  \Device\Harddisk0\DR0:
16:46:47.0690 0x132c  MBR partitions:
16:46:47.0690 0x132c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
16:46:47.0690 0x132c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x1CB53000
16:46:47.0708 0x132c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1F186000, BlocksNum 0x1B1FF800
16:46:47.0708 0x132c  ============================================================
16:46:47.0743 0x132c  C: <-> \Device\Harddisk0\DR0\Partition2
16:46:47.0793 0x132c  D: <-> \Device\Harddisk0\DR0\Partition3
16:46:47.0793 0x132c  ============================================================
16:46:47.0793 0x132c  Initialize success
16:46:47.0793 0x132c  ============================================================
16:48:48.0336 0x1234  ============================================================
16:48:48.0336 0x1234  Scan started
16:48:48.0336 0x1234  Mode: Manual; SigCheck; TDLFS; 
16:48:48.0336 0x1234  ============================================================
16:48:48.0336 0x1234  KSN ping started
16:48:48.0352 0x1234  KSN ping finished: false
16:48:49.0738 0x1234  ================ Scan system memory ========================
16:48:49.0738 0x1234  System memory - ok
16:48:49.0738 0x1234  ================ Scan services =============================
16:48:49.0987 0x1234  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:48:50.0138 0x1234  1394ohci - ok
16:48:50.0153 0x1234  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
16:48:50.0191 0x1234  3ware - ok
16:48:50.0222 0x1234  [ 25E6C904B273F97A5E6E2D16E859A70D, F1E82E58274F429163E23C33C37AF41699E3A8A2C01DD20549E8900C7B8CC953 ] a016bus         C:\WINDOWS\System32\drivers\a016bus.sys
16:48:50.0254 0x1234  a016bus - ok
16:48:50.0286 0x1234  [ 1971B457B64377FA6243FC69B837C214, E75AFCDC7183B7E7DBEA3CBE146CF0CD962F9C93411339599BC0E796CEFA2DF3 ] a016mgmt        C:\WINDOWS\System32\drivers\a016mgmt.sys
16:48:50.0291 0x1234  a016mgmt - ok
16:48:50.0307 0x1234  [ 6042FC874CCB746173B80D73DF293FD6, 4111F9F39FFEBF99F8CA0AB11546A57B629F5AB476323F2E96B69FC4C1338FD6 ] a016obex        C:\WINDOWS\System32\drivers\a016obex.sys
16:48:50.0322 0x1234  a016obex - ok
16:48:50.0407 0x1234  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
16:48:50.0438 0x1234  ACPI - ok
16:48:50.0454 0x1234  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
16:48:50.0522 0x1234  AcpiDev - ok
16:48:50.0522 0x1234  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
16:48:50.0554 0x1234  acpiex - ok
16:48:50.0591 0x1234  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
16:48:50.0654 0x1234  acpipagr - ok
16:48:50.0691 0x1234  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
16:48:50.0789 0x1234  AcpiPmi - ok
16:48:50.0839 0x1234  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
16:48:50.0870 0x1234  acpitime - ok
16:48:50.0923 0x1234  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:48:50.0985 0x1234  ADP80XX - ok
16:48:51.0055 0x1234  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
16:48:51.0091 0x1234  AFD - ok
16:48:51.0140 0x1234  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:48:51.0239 0x1234  ahcache - ok
16:48:51.0292 0x1234  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
16:48:51.0370 0x1234  AJRouter - ok
16:48:51.0408 0x1234  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
16:48:51.0491 0x1234  ALG - ok
16:48:51.0508 0x1234  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
16:48:51.0539 0x1234  AMD External Events Utility - ok
16:48:51.0593 0x1234  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
16:48:51.0671 0x1234  AmdK8 - ok
16:48:51.0689 0x1234  amdkmdag - ok
16:48:51.0724 0x1234  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
16:48:51.0755 0x1234  amdkmdap - ok
16:48:51.0792 0x1234  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
16:48:51.0839 0x1234  AmdPPM - ok
16:48:51.0870 0x1234  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
16:48:51.0893 0x1234  amdsata - ok
16:48:51.0909 0x1234  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
16:48:51.0924 0x1234  amdsbs - ok
16:48:51.0940 0x1234  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
16:48:51.0956 0x1234  amdxata - ok
16:48:52.0009 0x1234  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
16:48:52.0024 0x1234  AppID - ok
16:48:52.0071 0x1234  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
16:48:52.0140 0x1234  AppIDSvc - ok
16:48:52.0193 0x1234  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
16:48:52.0294 0x1234  Appinfo - ok
16:48:52.0309 0x1234  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
16:48:52.0425 0x1234  applockerfltr - ok
16:48:52.0493 0x1234  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
16:48:52.0593 0x1234  AppReadiness - ok
16:48:52.0725 0x1234  [ 6F34FD381EB64ED66A1A34C7F18F1CE2, 530D7913B4E361A6E15ACE09EB2AE7B9B92940C18F7E45776ECB9685719C780D ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
16:48:52.0909 0x1234  AppXSvc - ok
16:48:52.0940 0x1234  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
16:48:52.0956 0x1234  arcsas - ok
16:48:52.0972 0x1234  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
16:48:53.0056 0x1234  AsyncMac - ok
16:48:53.0109 0x1234  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
16:48:53.0125 0x1234  atapi - ok
16:48:53.0294 0x1234  [ D03E551165C72F2A4BBDDC566EAA819E, 8047E2D20724B464B481F06C3AC1FA5734E97F7EC0D86EFEECD76480C84B3959 ] athr            C:\WINDOWS\System32\drivers\athwnx.sys
16:48:53.0617 0x1234  athr - ok
16:48:53.0686 0x1234  [ 59F44051BCD479E70446506B7E4E78BB, CB58E55196EC702DC85916F963A3C16D429C141391F9AA7F415BD63E7328C4C6 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:48:53.0786 0x1234  AudioEndpointBuilder - ok
16:48:53.0833 0x1234  [ 1C986DC8F4FDA1B040AC1176FB24467F, DEDA2FF4D0369348C2A74D29FB08AC86219BBCFDF44C59339BC39A25AE0727EB ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
16:48:53.0917 0x1234  Audiosrv - ok
16:48:53.0955 0x1234  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
16:48:53.0986 0x1234  AxInstSV - ok
16:48:54.0050 0x1234  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
16:48:54.0071 0x1234  b06bdrv - ok
16:48:54.0086 0x1234  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:48:54.0171 0x1234  BasicDisplay - ok
16:48:54.0186 0x1234  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
16:48:54.0217 0x1234  BasicRender - ok
16:48:54.0255 0x1234  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
16:48:54.0286 0x1234  bcmfn - ok
16:48:54.0317 0x1234  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
16:48:54.0333 0x1234  bcmfn2 - ok
16:48:54.0386 0x1234  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
16:48:54.0486 0x1234  BDESVC - ok
16:48:54.0533 0x1234  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:48:54.0633 0x1234  Beep - ok
16:48:54.0702 0x1234  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
16:48:54.0817 0x1234  BFE - ok
16:48:54.0902 0x1234  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
16:48:55.0155 0x1234  BITS - ok
16:48:55.0187 0x1234  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
16:48:55.0287 0x1234  bowser - ok
16:48:55.0356 0x1234  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:48:55.0472 0x1234  BrokerInfrastructure - ok
16:48:55.0519 0x1234  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
16:48:55.0588 0x1234  Browser - ok
16:48:55.0635 0x1234  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:48:55.0688 0x1234  BthAvrcpTg - ok
16:48:55.0719 0x1234  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
16:48:55.0757 0x1234  BthHFEnum - ok
16:48:55.0773 0x1234  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
16:48:55.0789 0x1234  bthhfhid - ok
16:48:55.0835 0x1234  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
16:48:55.0889 0x1234  BthHFSrv - ok
16:48:55.0920 0x1234  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
16:48:55.0957 0x1234  BTHMODEM - ok
16:48:55.0989 0x1234  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
16:48:56.0057 0x1234  bthserv - ok
16:48:56.0104 0x1234  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
16:48:56.0173 0x1234  buttonconverter - ok
16:48:56.0236 0x1234  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
16:48:56.0405 0x1234  CapImg - ok
16:48:56.0436 0x1234  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:48:56.0520 0x1234  cdfs - ok
16:48:56.0573 0x1234  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
16:48:56.0658 0x1234  CDPSvc - ok
16:48:56.0690 0x1234  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
16:48:56.0737 0x1234  CDPUserSvc - ok
16:48:56.0821 0x1234  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
16:48:56.0859 0x1234  cdrom - ok
16:48:56.0890 0x1234  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
16:48:56.0937 0x1234  CertPropSvc - ok
16:48:56.0974 0x1234  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
16:48:57.0005 0x1234  cht4iscsi - ok
16:48:57.0090 0x1234  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
16:48:57.0174 0x1234  cht4vbd - ok
16:48:57.0221 0x1234  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
16:48:57.0259 0x1234  circlass - ok
16:48:57.0306 0x1234  [ 39591D8510CEC3BA6ED4330EE689B791, E827DEA20AB338308D6E4EEFEF551088088B77CD10BF08C8BE568090E04172E2 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
16:48:57.0337 0x1234  CLFS - ok
16:48:57.0391 0x1234  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
16:48:57.0438 0x1234  ClipSVC - ok
16:48:57.0475 0x1234  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
16:48:57.0560 0x1234  clreg - ok
16:48:57.0576 0x1234  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
16:48:57.0623 0x1234  CmBatt - ok
16:48:57.0659 0x1234  [ 429B31D047CFAD3CA5DD38120A2CE455, 5CC1459CBBBF2E6788635D4C277B116D90AE01DBE7AD561EB41A668F64801E80 ] cm_km_w         C:\WINDOWS\system32\drivers\cm_km_w.sys
16:48:57.0706 0x1234  cm_km_w - ok
16:48:57.0760 0x1234  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
16:48:57.0791 0x1234  CNG - ok
16:48:57.0838 0x1234  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
16:48:57.0938 0x1234  cnghwassist - ok
16:48:58.0056 0x1234  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
16:48:58.0107 0x1234  CompositeBus - ok
16:48:58.0107 0x1234  COMSysApp - ok
16:48:58.0160 0x1234  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
16:48:58.0175 0x1234  condrv - ok
16:48:58.0260 0x1234  [ 99F910BE9520B7AED8ED670F1E268CBD, 486920B98DC9B1D6C653141B05F5B26D4BF2C45454B6DEC92EF3419B0A2DF2B1 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
16:48:58.0307 0x1234  CoreMessagingRegistrar - ok
16:48:58.0407 0x1234  [ B18D590BC5220FDB4A747BC16D78ABC7, D46F8B43BAC22E55DE9AFC19CF371B1C4E8D3707163598B2F9884BB31D730C09 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:48:58.0676 0x1234  cphs - ok
16:48:58.0776 0x1234  cpuz138 - ok
16:48:58.0807 0x1234  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
16:48:58.0876 0x1234  CryptSvc - ok
16:48:58.0907 0x1234  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
16:48:58.0923 0x1234  dam - ok
16:48:58.0992 0x1234  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:48:59.0061 0x1234  DcomLaunch - ok
16:48:59.0092 0x1234  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
16:48:59.0139 0x1234  DcpSvc - ok
16:48:59.0192 0x1234  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
16:48:59.0261 0x1234  defragsvc - ok
16:48:59.0308 0x1234  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:48:59.0408 0x1234  DeviceAssociationService - ok
16:48:59.0462 0x1234  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
16:48:59.0509 0x1234  DeviceInstall - ok
16:48:59.0524 0x1234  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
16:48:59.0609 0x1234  DevQueryBroker - ok
16:48:59.0640 0x1234  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
16:48:59.0778 0x1234  Dfsc - ok
16:48:59.0840 0x1234  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
16:48:59.0978 0x1234  Dhcp - ok
16:49:00.0063 0x1234  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
16:49:00.0157 0x1234  diagnosticshub.standardcollector.service - ok
16:49:00.0263 0x1234  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
16:49:00.0457 0x1234  DiagTrack - ok
16:49:00.0495 0x1234  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
16:49:00.0511 0x1234  disk - ok
16:49:00.0595 0x1234  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
16:49:00.0695 0x1234  DmEnrollmentSvc - ok
16:49:00.0780 0x1234  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
16:49:00.0864 0x1234  dmvsc - ok
16:49:00.0911 0x1234  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
16:49:01.0011 0x1234  dmwappushservice - ok
16:49:01.0079 0x1234  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:49:01.0165 0x1234  Dnscache - ok
16:49:01.0227 0x1234  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:49:01.0342 0x1234  dot3svc - ok
16:49:01.0363 0x1234  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
16:49:01.0442 0x1234  DPS - ok
16:49:01.0461 0x1234  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
16:49:01.0464 0x1234  drmkaud - ok
16:49:01.0511 0x1234  [ 50AAD2A07BD8B90A8CFB4F6D7A4D165A, 2F29D81D4EDEE3AC9A9EFC6E6F7669E01F1438EC8CE27E844BED7435834218B7 ] DSI_SiUSBXp_3_1 C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys
16:49:01.0595 0x1234  DSI_SiUSBXp_3_1 - ok
16:49:01.0642 0x1234  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
16:49:01.0727 0x1234  DsmSvc - ok
16:49:01.0780 0x1234  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
16:49:01.0811 0x1234  DsSvc - ok
16:49:01.0996 0x1234  [ D218D4D333A959F1003D5A57A4B6F34E, F25DD186F97AE5C09DFC13C10B19E590EC6FFCB6BE19C54B25C7FC5FF24A56AE ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:49:02.0127 0x1234  DXGKrnl - ok
16:49:02.0164 0x1234  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
16:49:02.0211 0x1234  EapHost - ok
16:49:02.0364 0x1234  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
16:49:02.0543 0x1234  ebdrv - ok
16:49:02.0596 0x1234  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
16:49:02.0611 0x1234  EFS - ok
16:49:02.0643 0x1234  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
16:49:02.0665 0x1234  EhStorClass - ok
16:49:02.0697 0x1234  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:49:02.0712 0x1234  EhStorTcgDrv - ok
16:49:02.0765 0x1234  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
16:49:02.0796 0x1234  embeddedmode - ok
16:49:02.0843 0x1234  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
16:49:02.0897 0x1234  EntAppSvc - ok
16:49:02.0912 0x1234  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:49:02.0996 0x1234  ErrDev - ok
16:49:03.0043 0x1234  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
16:49:03.0066 0x1234  ETD - ok
16:49:03.0128 0x1234  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
16:49:03.0213 0x1234  EventSystem - ok
16:49:03.0282 0x1234  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
16:49:03.0328 0x1234  exfat - ok
16:49:03.0366 0x1234  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
16:49:03.0397 0x1234  fastfat - ok
16:49:03.0444 0x1234  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:49:03.0561 0x1234  Fax - ok
16:49:03.0598 0x1234  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
16:49:03.0629 0x1234  fdc - ok
16:49:03.0667 0x1234  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
16:49:03.0729 0x1234  fdPHost - ok
16:49:03.0745 0x1234  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:49:03.0767 0x1234  FDResPub - ok
16:49:03.0767 0x1234  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
16:49:03.0867 0x1234  fhsvc - ok
16:49:03.0914 0x1234  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
16:49:03.0998 0x1234  FileCrypt - ok
16:49:04.0014 0x1234  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:49:04.0029 0x1234  FileInfo - ok
16:49:04.0045 0x1234  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
16:49:04.0083 0x1234  Filetrace - ok
16:49:04.0245 0x1234  [ 167D24A045499EBEF438F231976158DF, 237F1495BA79D9082D6B383FE9AC5C6154A6F76F181000401F5790236EB57301 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
16:49:04.0415 0x1234  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
16:49:04.0484 0x1234  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
16:49:04.0484 0x1234  Force sending object to P2P due to detect: FirebirdServerMAGIXInstance
16:49:04.0500 0x1234  Object send P2P result: false
16:49:04.0547 0x1234  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:49:04.0568 0x1234  flpydisk - ok
16:49:04.0615 0x1234  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:49:04.0630 0x1234  FltMgr - ok
16:49:04.0746 0x1234  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
16:49:04.0915 0x1234  FontCache - ok
16:49:05.0099 0x1234  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:49:05.0099 0x1234  FontCache3.0.0.0 - ok
16:49:05.0168 0x1234  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
16:49:05.0299 0x1234  FrameServer - ok
16:49:05.0315 0x1234  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
16:49:05.0331 0x1234  FsDepends - ok
16:49:05.0346 0x1234  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:49:05.0369 0x1234  Fs_Rec - ok
16:49:05.0416 0x1234  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:49:05.0447 0x1234  fvevol - ok
16:49:05.0500 0x1234  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:49:05.0568 0x1234  gencounter - ok
16:49:05.0616 0x1234  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
16:49:05.0684 0x1234  genericusbfn - ok
16:49:05.0731 0x1234  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:49:05.0747 0x1234  GPIOClx0101 - ok
16:49:05.0831 0x1234  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
16:49:05.0969 0x1234  gpsvc - ok
16:49:06.0001 0x1234  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
16:49:06.0069 0x1234  GpuEnergyDrv - ok
16:49:06.0116 0x1234  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:49:06.0132 0x1234  gupdate - ok
16:49:06.0148 0x1234  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:49:06.0148 0x1234  gupdatem - ok
16:49:06.0185 0x1234  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:49:06.0301 0x1234  gusvc - ok
16:49:06.0317 0x1234  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
16:49:06.0401 0x1234  HdAudAddService - ok
16:49:06.0448 0x1234  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:49:06.0485 0x1234  HDAudBus - ok
16:49:06.0516 0x1234  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
16:49:06.0532 0x1234  HidBatt - ok
16:49:06.0532 0x1234  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:49:06.0585 0x1234  HidBth - ok
16:49:06.0616 0x1234  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:49:06.0648 0x1234  hidi2c - ok
16:49:06.0669 0x1234  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
16:49:06.0701 0x1234  hidinterrupt - ok
16:49:06.0732 0x1234  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
16:49:06.0770 0x1234  HidIr - ok
16:49:06.0785 0x1234  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
16:49:06.0916 0x1234  hidserv - ok
16:49:06.0968 0x1234  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:49:07.0101 0x1234  HidUsb - ok
16:49:07.0132 0x1234  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:49:07.0232 0x1234  HomeGroupListener - ok
16:49:07.0301 0x1234  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:49:07.0385 0x1234  HomeGroupProvider - ok
16:49:07.0432 0x1234  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:49:07.0447 0x1234  HpSAMD - ok
16:49:07.0516 0x1234  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:49:07.0569 0x1234  HTTP - ok
16:49:07.0616 0x1234  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
16:49:07.0700 0x1234  HvHost - ok
16:49:07.0747 0x1234  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
16:49:07.0747 0x1234  hvservice - ok
16:49:07.0800 0x1234  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:49:07.0816 0x1234  hwpolicy - ok
16:49:07.0831 0x1234  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:49:07.0867 0x1234  hyperkbd - ok
16:49:07.0916 0x1234  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:49:08.0016 0x1234  i8042prt - ok
16:49:08.0032 0x1234  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
16:49:08.0116 0x1234  iagpio - ok
16:49:08.0132 0x1234  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
16:49:08.0170 0x1234  iai2c - ok
16:49:08.0265 0x1234  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
16:49:08.0317 0x1234  iaLPSS2i_GPIO2 - ok
16:49:08.0348 0x1234  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
16:49:08.0367 0x1234  iaLPSS2i_I2C - ok
16:49:08.0370 0x1234  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:49:08.0386 0x1234  iaLPSSi_GPIO - ok
16:49:08.0402 0x1234  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:49:08.0433 0x1234  iaLPSSi_I2C - ok
16:49:08.0486 0x1234  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
16:49:08.0517 0x1234  iaStorAV - ok
16:49:08.0548 0x1234  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
16:49:08.0571 0x1234  iaStorV - ok
16:49:08.0634 0x1234  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
16:49:08.0671 0x1234  ibbus - ok
16:49:08.0718 0x1234  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
16:49:08.0803 0x1234  icssvc - ok
16:49:09.0003 0x1234  [ 79AE3CC82CA1563A4B392207997ACE7C, A1E4A1DA95CA2FA197EF5975657822F0F813F6C33DA38E1FA5A840194034D071 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:49:09.0351 0x1234  igfx - ok
16:49:09.0419 0x1234  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:49:09.0504 0x1234  IKEEXT - ok
16:49:09.0520 0x1234  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
16:49:09.0604 0x1234  IndirectKmd - ok
16:49:09.0636 0x1234  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:49:09.0720 0x1234  IntcDAud - ok
16:49:09.0772 0x1234  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:49:09.0774 0x1234  intelide - ok
16:49:09.0821 0x1234  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:49:09.0836 0x1234  intelpep - ok
16:49:09.0852 0x1234  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:49:09.0889 0x1234  intelppm - ok
16:49:09.0920 0x1234  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
16:49:09.0936 0x1234  iorate - ok
16:49:09.0952 0x1234  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:49:10.0037 0x1234  IpFilterDriver - ok
16:49:10.0106 0x1234  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:49:10.0221 0x1234  iphlpsvc - ok
16:49:10.0237 0x1234  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:49:10.0252 0x1234  IPMIDRV - ok
16:49:10.0274 0x1234  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
16:49:10.0321 0x1234  IPNAT - ok
16:49:10.0352 0x1234  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
16:49:10.0390 0x1234  irda - ok
16:49:10.0406 0x1234  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:49:10.0421 0x1234  IRENUM - ok
16:49:10.0453 0x1234  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
16:49:10.0490 0x1234  irmon - ok
16:49:10.0537 0x1234  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:49:10.0553 0x1234  isapnp - ok
16:49:10.0573 0x1234  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:49:10.0590 0x1234  iScsiPrt - ok
16:49:10.0606 0x1234  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:49:10.0621 0x1234  kbdclass - ok
16:49:10.0669 0x1234  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:49:10.0737 0x1234  kbdhid - ok
16:49:10.0772 0x1234  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
16:49:10.0806 0x1234  kdnic - ok
16:49:10.0822 0x1234  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:49:10.0838 0x1234  KeyIso - ok
16:49:10.0853 0x1234  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:49:10.0875 0x1234  KSecDD - ok
16:49:10.0922 0x1234  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:49:10.0938 0x1234  KSecPkg - ok
16:49:10.0975 0x1234  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
16:49:11.0022 0x1234  ksthunk - ok
16:49:11.0075 0x1234  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:49:11.0171 0x1234  KtmRm - ok
16:49:11.0176 0x1234  [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C             C:\WINDOWS\System32\drivers\L1C63x64.sys
16:49:11.0207 0x1234  L1C - ok
16:49:11.0254 0x1234  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:49:11.0307 0x1234  LanmanServer - ok
16:49:11.0339 0x1234  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:49:11.0454 0x1234  LanmanWorkstation - ok
16:49:11.0492 0x1234  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
16:49:11.0554 0x1234  lfsvc - ok
16:49:11.0573 0x1234  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
16:49:11.0639 0x1234  LicenseManager - ok
16:49:11.0675 0x1234  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
16:49:11.0723 0x1234  lltdio - ok
16:49:11.0776 0x1234  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:49:11.0823 0x1234  lltdsvc - ok
16:49:11.0854 0x1234  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:49:11.0892 0x1234  lmhosts - ok
16:49:11.0976 0x1234  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:49:11.0992 0x1234  LSI_SAS - ok
16:49:12.0007 0x1234  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
16:49:12.0023 0x1234  LSI_SAS2i - ok
16:49:12.0038 0x1234  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
16:49:12.0054 0x1234  LSI_SAS3i - ok
16:49:12.0073 0x1234  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:49:12.0076 0x1234  LSI_SSS - ok
16:49:12.0139 0x1234  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
16:49:12.0255 0x1234  LSM - ok
16:49:12.0292 0x1234  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:49:12.0323 0x1234  luafv - ok
16:49:12.0354 0x1234  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
16:49:12.0439 0x1234  MapsBroker - ok
16:49:13.0040 0x1234  [ 28E521A6ABA9DE062A3719452816F495, B312A37DA052229DFB19353170CD5828582F8AC6426E857CA7C8ACA0DD91C160 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
16:49:13.0425 0x1234  MBAMService - ok
16:49:13.0478 0x1234  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:49:13.0493 0x1234  megasas - ok
16:49:13.0540 0x1234  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
16:49:13.0556 0x1234  megasas2i - ok
16:49:13.0578 0x1234  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:49:13.0609 0x1234  megasr - ok
16:49:13.0641 0x1234  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:49:13.0694 0x1234  MEIx64 - ok
16:49:13.0725 0x1234  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
16:49:13.0741 0x1234  MessagingService - ok
16:49:13.0825 0x1234  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
16:49:13.0856 0x1234  mlx4_bus - ok
16:49:13.0909 0x1234  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
16:49:13.0994 0x1234  MMCSS - ok
16:49:14.0025 0x1234  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:49:14.0109 0x1234  Modem - ok
16:49:14.0156 0x1234  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:49:14.0178 0x1234  monitor - ok
16:49:14.0209 0x1234  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:49:14.0225 0x1234  mouclass - ok
16:49:14.0276 0x1234  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:49:14.0341 0x1234  mouhid - ok
16:49:14.0375 0x1234  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:49:14.0378 0x1234  mountmgr - ok
16:49:14.0394 0x1234  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:49:14.0479 0x1234  mpsdrv - ok
16:49:14.0557 0x1234  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:49:14.0626 0x1234  MpsSvc - ok
16:49:14.0710 0x1234  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:49:14.0810 0x1234  MRxDAV - ok
16:49:14.0879 0x1234  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:49:14.0911 0x1234  mrxsmb - ok
16:49:14.0958 0x1234  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:49:15.0057 0x1234  mrxsmb10 - ok
16:49:15.0079 0x1234  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:49:15.0095 0x1234  mrxsmb20 - ok
16:49:15.0142 0x1234  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
16:49:15.0158 0x1234  MsBridge - ok
16:49:15.0211 0x1234  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:49:15.0258 0x1234  MSDTC - ok
16:49:15.0279 0x1234  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:49:15.0342 0x1234  Msfs - ok
16:49:15.0358 0x1234  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:49:15.0395 0x1234  msgpiowin32 - ok
16:49:15.0411 0x1234  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:49:15.0496 0x1234  mshidkmdf - ok
16:49:15.0511 0x1234  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
16:49:15.0558 0x1234  mshidumdf - ok
16:49:15.0596 0x1234  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
16:49:15.0611 0x1234  msisadrv - ok
16:49:15.0658 0x1234  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
16:49:15.0759 0x1234  MSiSCSI - ok
16:49:15.0759 0x1234  msiserver - ok
16:49:15.0780 0x1234  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
16:49:15.0811 0x1234  MSKSSRV - ok
16:49:15.0878 0x1234  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
16:49:15.0943 0x1234  MsLldp - ok
16:49:15.0980 0x1234  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
16:49:16.0027 0x1234  MSPCLOCK - ok
16:49:16.0043 0x1234  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
16:49:16.0058 0x1234  MSPQM - ok
16:49:16.0096 0x1234  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
16:49:16.0111 0x1234  MsRPC - ok
16:49:16.0158 0x1234  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:49:16.0158 0x1234  mssmbios - ok
16:49:16.0180 0x1234  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
16:49:16.0211 0x1234  MSTEE - ok
16:49:16.0242 0x1234  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:49:16.0281 0x1234  MTConfig - ok
16:49:16.0296 0x1234  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
16:49:16.0312 0x1234  Mup - ok
16:49:16.0328 0x1234  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:49:16.0343 0x1234  mvumis - ok
16:49:16.0412 0x1234  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:49:16.0559 0x1234  NativeWifiP - ok
16:49:16.0596 0x1234  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:49:16.0696 0x1234  NcaSvc - ok
16:49:16.0712 0x1234  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
16:49:16.0796 0x1234  NcbService - ok
16:49:16.0812 0x1234  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:49:16.0927 0x1234  NcdAutoSetup - ok
16:49:16.0943 0x1234  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
16:49:16.0959 0x1234  ndfltr - ok
16:49:17.0043 0x1234  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:49:17.0096 0x1234  NDIS - ok
16:49:17.0112 0x1234  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
16:49:17.0181 0x1234  NdisCap - ok
16:49:17.0197 0x1234  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
16:49:17.0244 0x1234  NdisImPlatform - ok
16:49:17.0280 0x1234  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:49:17.0296 0x1234  NdisTapi - ok
16:49:17.0312 0x1234  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
16:49:17.0377 0x1234  Ndisuio - ok
16:49:17.0381 0x1234  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:49:17.0428 0x1234  NdisVirtualBus - ok
16:49:17.0459 0x1234  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
16:49:17.0528 0x1234  NdisWan - ok
16:49:17.0543 0x1234  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:49:17.0559 0x1234  ndiswanlegacy - ok
16:49:17.0581 0x1234  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
16:49:17.0628 0x1234  ndproxy - ok
16:49:17.0659 0x1234  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
16:49:17.0696 0x1234  Ndu - ok
16:49:17.0728 0x1234  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
16:49:17.0796 0x1234  NetAdapterCx - ok
16:49:17.0812 0x1234  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
16:49:17.0828 0x1234  NetBIOS - ok
16:49:17.0843 0x1234  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:49:17.0912 0x1234  NetBT - ok
16:49:17.0928 0x1234  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:49:17.0943 0x1234  Netlogon - ok
16:49:17.0996 0x1234  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
16:49:18.0043 0x1234  Netman - ok
16:49:18.0081 0x1234  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:49:18.0181 0x1234  netprofm - ok
16:49:18.0228 0x1234  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
16:49:18.0359 0x1234  NetSetupSvc - ok
16:49:18.0428 0x1234  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:49:18.0496 0x1234  NetTcpPortSharing - ok
16:49:18.0543 0x1234  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
16:49:18.0612 0x1234  NgcCtnrSvc - ok
16:49:18.0682 0x1234  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
16:49:18.0812 0x1234  NgcSvc - ok
16:49:18.0859 0x1234  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:49:18.0944 0x1234  NlaSvc - ok
16:49:18.0981 0x1234  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:49:19.0028 0x1234  Npfs - ok
16:49:19.0043 0x1234  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
16:49:19.0128 0x1234  npsvctrig - ok
16:49:19.0159 0x1234  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
16:49:19.0228 0x1234  nsi - ok
16:49:19.0277 0x1234  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:49:19.0313 0x1234  nsiproxy - ok
16:49:19.0413 0x1234  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
16:49:19.0498 0x1234  NTFS - ok
16:49:19.0545 0x1234  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:49:19.0582 0x1234  Null - ok
16:49:19.0613 0x1234  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\System32\drivers\nusb3hub.sys
16:49:19.0698 0x1234  nusb3hub - ok
16:49:19.0729 0x1234  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\System32\drivers\nusb3xhc.sys
16:49:19.0782 0x1234  nusb3xhc - ok
16:49:19.0813 0x1234  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:49:19.0829 0x1234  nvraid - ok
16:49:19.0877 0x1234  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:49:19.0883 0x1234  nvstor - ok
16:49:19.0945 0x1234  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
16:49:20.0014 0x1234  OneSyncSvc - ok
16:49:20.0114 0x1234  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:49:20.0129 0x1234  ose - ok
16:49:20.0183 0x1234  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:49:20.0261 0x1234  p2pimsvc - ok
         

Alt 20.12.2016, 17:11   #7
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Fortsetzung:

Code:
ATTFilter
16:49:20.0330 0x1234  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:49:20.0361 0x1234  p2psvc - ok
16:49:20.0382 0x1234  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
16:49:20.0461 0x1234  Parport - ok
16:49:20.0498 0x1234  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
16:49:20.0514 0x1234  partmgr - ok
16:49:20.0582 0x1234  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:49:20.0614 0x1234  PcaSvc - ok
16:49:20.0680 0x1234  [ E2DD2E5BDCCD225670831B439826065B, 0153F1CE26D402C03CFC155F428EBA04D6EA8E19A28AF629B1CE347363B7697C ] pci             C:\WINDOWS\system32\drivers\pci.sys
16:49:20.0698 0x1234  pci - ok
16:49:20.0745 0x1234  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:49:20.0761 0x1234  pciide - ok
16:49:20.0782 0x1234  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:49:20.0798 0x1234  pcmcia - ok
16:49:20.0798 0x1234  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
16:49:20.0814 0x1234  pcw - ok
16:49:20.0861 0x1234  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
16:49:20.0882 0x1234  pdc - ok
16:49:20.0946 0x1234  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:49:20.0999 0x1234  PEAUTH - ok
16:49:21.0046 0x1234  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
16:49:21.0046 0x1234  percsas2i - ok
16:49:21.0079 0x1234  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
16:49:21.0084 0x1234  percsas3i - ok
16:49:21.0215 0x1234  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:49:21.0361 0x1234  PerfHost - ok
16:49:21.0446 0x1234  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
16:49:21.0515 0x1234  PhoneSvc - ok
16:49:21.0562 0x1234  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
16:49:21.0646 0x1234  PimIndexMaintenanceSvc - ok
16:49:21.0746 0x1234  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
16:49:21.0883 0x1234  pla - ok
16:49:21.0916 0x1234  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:49:21.0947 0x1234  PlugPlay - ok
16:49:22.0000 0x1234  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:49:22.0031 0x1234  PNRPAutoReg - ok
16:49:22.0062 0x1234  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:49:22.0085 0x1234  PNRPsvc - ok
16:49:22.0132 0x1234  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:49:22.0185 0x1234  PolicyAgent - ok
16:49:22.0216 0x1234  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
16:49:22.0247 0x1234  Power - ok
16:49:22.0300 0x1234  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
16:49:22.0332 0x1234  PptpMiniport - ok
16:49:22.0501 0x1234  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:49:22.0785 0x1234  PrintNotify - ok
16:49:22.0847 0x1234  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:49:22.0863 0x1234  Processor - ok
16:49:22.0917 0x1234  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:49:23.0017 0x1234  ProfSvc - ok
16:49:23.0032 0x1234  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
16:49:23.0048 0x1234  Psched - ok
16:49:23.0101 0x1234  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:49:23.0201 0x1234  QWAVE - ok
16:49:23.0248 0x1234  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:49:23.0286 0x1234  QWAVEdrv - ok
16:49:23.0317 0x1234  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:49:23.0348 0x1234  RasAcd - ok
16:49:23.0385 0x1234  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
16:49:23.0463 0x1234  RasAgileVpn - ok
16:49:23.0501 0x1234  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:49:23.0548 0x1234  RasAuto - ok
16:49:23.0563 0x1234  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
16:49:23.0617 0x1234  Rasl2tp - ok
16:49:23.0664 0x1234  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:49:23.0764 0x1234  RasMan - ok
16:49:23.0801 0x1234  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:49:23.0816 0x1234  RasPppoe - ok
16:49:23.0832 0x1234  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
16:49:23.0882 0x1234  RasSstp - ok
16:49:23.0917 0x1234  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:49:23.0948 0x1234  rdbss - ok
16:49:24.0001 0x1234  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:49:24.0064 0x1234  rdpbus - ok
16:49:24.0081 0x1234  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:49:24.0118 0x1234  RDPDR - ok
16:49:24.0149 0x1234  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:49:24.0165 0x1234  RdpVideoMiniport - ok
16:49:24.0187 0x1234  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:49:24.0202 0x1234  rdyboost - ok
16:49:24.0265 0x1234  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
16:49:24.0318 0x1234  ReFSv1 - ok
16:49:24.0381 0x1234  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:49:24.0465 0x1234  RemoteAccess - ok
16:49:24.0518 0x1234  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:49:24.0534 0x1234  RemoteRegistry - ok
16:49:24.0618 0x1234  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
16:49:24.0750 0x1234  RetailDemo - ok
16:49:24.0787 0x1234  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
16:49:24.0818 0x1234  RmSvc - ok
16:49:24.0865 0x1234  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:49:24.0884 0x1234  RpcEptMapper - ok
16:49:24.0918 0x1234  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:49:24.0934 0x1234  RpcLocator - ok
16:49:24.0987 0x1234  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:49:25.0050 0x1234  RpcSs - ok
16:49:25.0087 0x1234  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
16:49:25.0103 0x1234  rspndr - ok
16:49:25.0150 0x1234  [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus        C:\WINDOWS\System32\drivers\s0016bus.sys
16:49:25.0165 0x1234  s0016bus - ok
16:49:25.0187 0x1234  [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt       C:\WINDOWS\System32\drivers\s0016mgmt.sys
16:49:25.0187 0x1234  s0016mgmt - ok
16:49:25.0234 0x1234  [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex       C:\WINDOWS\System32\drivers\s0016obex.sys
16:49:25.0250 0x1234  s0016obex - ok
16:49:25.0265 0x1234  [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic       C:\WINDOWS\System32\drivers\s0016unic.sys
16:49:25.0288 0x1234  s0016unic - ok
16:49:25.0304 0x1234  [ 032F537623A7B2FB81AAA184C30B70C3, C9E0569322A173D62D357CEA7BFECB0CF9D5817E3AE4B46955760BF98F5D16B3 ] s0017bus        C:\WINDOWS\System32\drivers\s0017bus.sys
16:49:25.0319 0x1234  s0017bus - ok
16:49:25.0335 0x1234  [ F0F0747B3FA50272DE6B1BF575FA4700, FCB9007C630A0FD23CA0A8286BA9E498F6B36F1090F717B4A713286EEC4346C0 ] s0017mgmt       C:\WINDOWS\System32\drivers\s0017mgmt.sys
16:49:25.0351 0x1234  s0017mgmt - ok
16:49:25.0366 0x1234  [ 3FEADBC7F09B8B596CBFB82F12ABA87F, FBA6209893FF7C07823AB6F89FF7E36CF116C9FE202868DB4289233AF85E659A ] s0017obex       C:\WINDOWS\System32\drivers\s0017obex.sys
16:49:25.0403 0x1234  s0017obex - ok
16:49:25.0419 0x1234  [ 2B63BEA31D939888B2A8F3F14D89B5C1, 0C1333885DB315A63C1FAA53ED2160695F97C1B336B8DA986A48B97F39A46954 ] s0017unic       C:\WINDOWS\System32\drivers\s0017unic.sys
16:49:25.0435 0x1234  s0017unic - ok
16:49:25.0450 0x1234  [ 301FBA4594FB5C0A469299A65106B4AA, 53683D49420B4647DBA63B1A6328511620DF615EAE6F42221A16AD3D3B77EE19 ] s1018bus        C:\WINDOWS\System32\drivers\s1018bus.sys
16:49:25.0450 0x1234  s1018bus - ok
16:49:25.0483 0x1234  [ 065FF5E62D2D18A6D93FD925546CD549, 18D38DA96C618B96BE715E2E3F17C15E80468879DB68E3AAB333E0CBB3822070 ] s1018mgmt       C:\WINDOWS\System32\drivers\s1018mgmt.sys
16:49:25.0489 0x1234  s1018mgmt - ok
16:49:25.0504 0x1234  [ 13F220C65B444AC9BDA49DACFC3230BB, 996B46949AEE14D1D43D9D68759CA0EBA7C43B83363E2F2C674A9A0A249C7881 ] s1018obex       C:\WINDOWS\System32\drivers\s1018obex.sys
16:49:25.0504 0x1234  s1018obex - ok
16:49:25.0520 0x1234  [ CE7D8BCE80211D8A35F6BD7A87791860, 93A5DEB41B5AA3F706EB5F601BB3CFF45B51310BBB3D0320A91B4A2CF9560B6D ] s1018unic       C:\WINDOWS\System32\drivers\s1018unic.sys
16:49:25.0535 0x1234  s1018unic - ok
16:49:25.0588 0x1234  [ 68F717BC57B0FE12011EB9517C97F78D, C1492E889C5C3DEA1CB89F591A840D383ADA23AE46B496A1C01A23538113245E ] s1029bus        C:\WINDOWS\System32\drivers\s1029bus.sys
16:49:25.0588 0x1234  s1029bus - ok
16:49:25.0619 0x1234  [ E0FD4F4F42B76E910CC4295C97AA30BA, 3561478D9BD5E4BC66E150A82127964BF7E6C4A0862685CEBEC6AA097C878689 ] s1029mgmt       C:\WINDOWS\System32\drivers\s1029mgmt.sys
16:49:25.0650 0x1234  s1029mgmt - ok
16:49:25.0682 0x1234  [ 128ED45223FAB846E8436A2F2BAEBB55, CE5A2F05B6D5598100113AD688A8E0A7D041424F68106B3BFFD31C27E5D6811A ] s1029obex       C:\WINDOWS\System32\drivers\s1029obex.sys
16:49:25.0689 0x1234  s1029obex - ok
16:49:25.0704 0x1234  [ 400FC5591586A1DFECF7A0CFAA6B0D68, E9E99BD39CFAFCB8103E4CCA62A35BBE81B5982FD5575F64F5F189C57EB6A65B ] s1029unic       C:\WINDOWS\System32\drivers\s1029unic.sys
16:49:25.0720 0x1234  s1029unic - ok
16:49:25.0736 0x1234  [ 0031DD0C5D4446DA0A3E02617DC6D642, C2FFF7D2D6C7D0257F97C5194BFA1DF8F6D124E9D371A9C909C37DEDE6593DB2 ] s1039bus        C:\WINDOWS\System32\drivers\s1039bus.sys
16:49:25.0751 0x1234  s1039bus - ok
16:49:25.0785 0x1234  [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64, 1E6A2EA0349C31644992A67F8BF73105EB341E58D91156FEA6EEB10FF0DBD96D ] s1039mgmt       C:\WINDOWS\System32\drivers\s1039mgmt.sys
16:49:25.0789 0x1234  s1039mgmt - ok
16:49:25.0820 0x1234  [ BD2DA968C5DCEF51BA8014FBAC7A0B6A, 72F4085AE5411E3540D3EB670CF52F52C3CBEB02B76E3FE0938D0E97E816E8FD ] s1039obex       C:\WINDOWS\System32\drivers\s1039obex.sys
16:49:25.0820 0x1234  s1039obex - ok
16:49:25.0836 0x1234  [ 96B4051B65C1974258A8A33A03C0B082, 66C56434CD21DF0A62F2B4FC4E1A467DAD3BECAFF8F5E296069F9657B1B96FC3 ] s1039unic       C:\WINDOWS\System32\drivers\s1039unic.sys
16:49:25.0851 0x1234  s1039unic - ok
16:49:25.0888 0x1234  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:49:25.0904 0x1234  s3cap - ok
16:49:25.0951 0x1234  [ 83926D62EE621CCD4992E6E76948A7D9, 78D27A63EC31DA73A19BE2C15605C50B38B9D766D1B70C9A4280E83893D7F383 ] s916bus         C:\WINDOWS\System32\drivers\s916bus.sys
16:49:25.0966 0x1234  s916bus - ok
16:49:25.0989 0x1234  [ 90081721F8F4FF10526D514E34EC4A5B, A969EC76602374D1647B71B3C533483713DA6B2CADB9F671848ECF93DF2899F5 ] s916mgmt        C:\WINDOWS\System32\drivers\s916mgmt.sys
16:49:25.0989 0x1234  s916mgmt - ok
16:49:26.0004 0x1234  [ 3876FCA216E19F1383EFE48F439F6F87, AFDBB1AC4ABB474945440B49B68D4DC818B3D1FF3E642E76534FFEEA487A77AF ] s916obex        C:\WINDOWS\System32\drivers\s916obex.sys
16:49:26.0020 0x1234  s916obex - ok
16:49:26.0036 0x1234  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:49:26.0051 0x1234  SamSs - ok
16:49:26.0088 0x1234  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:49:26.0104 0x1234  sbp2port - ok
16:49:26.0166 0x1234  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:49:26.0220 0x1234  SCardSvr - ok
16:49:26.0251 0x1234  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:49:26.0288 0x1234  ScDeviceEnum - ok
16:49:26.0320 0x1234  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:49:26.0351 0x1234  scfilter - ok
16:49:26.0404 0x1234  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:49:26.0467 0x1234  Schedule - ok
16:49:26.0488 0x1234  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
16:49:26.0504 0x1234  scmbus - ok
16:49:26.0535 0x1234  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
16:49:26.0589 0x1234  scmdisk0101 - ok
16:49:26.0620 0x1234  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:49:26.0635 0x1234  SCPolicySvc - ok
16:49:26.0704 0x1234  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:49:26.0720 0x1234  sdbus - ok
16:49:26.0767 0x1234  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
16:49:26.0836 0x1234  SDRSVC - ok
16:49:26.0889 0x1234  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:49:26.0905 0x1234  sdstor - ok
16:49:26.0952 0x1234  [ 70372343528BD799D609A347F25EBDF2, 5D480B99088ED972A6A2DAF7B55A65C7AD680E9333198D15859276D2682DC5A5 ] se3ebus         C:\WINDOWS\System32\drivers\se3ebus.sys
16:49:26.0967 0x1234  se3ebus - ok
16:49:26.0989 0x1234  [ 37BCAC9E77AA0E58B1456A250DC9D9DD, 0BE0E14FBA3D1767B77F3FC1647C908780E7F35A3F54A60645E1AF85372518E4 ] se3emgmt        C:\WINDOWS\System32\drivers\se3emgmt.sys
16:49:27.0005 0x1234  se3emgmt - ok
16:49:27.0052 0x1234  [ 5DB076E3594FC259309C38ECD0D4764D, 308EB12E1D1E346FA86C58729AFA8E19FC5713CD641FF9AB6688DC81B1329687 ] se3eobex        C:\WINDOWS\System32\drivers\se3eobex.sys
16:49:27.0067 0x1234  se3eobex - ok
16:49:27.0105 0x1234  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:49:27.0167 0x1234  seclogon - ok
16:49:27.0205 0x1234  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
16:49:27.0289 0x1234  SENS - ok
16:49:27.0389 0x1234  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
16:49:27.0468 0x1234  SensorDataService - ok
16:49:27.0537 0x1234  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
16:49:27.0637 0x1234  SensorService - ok
16:49:27.0690 0x1234  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:49:27.0752 0x1234  SensrSvc - ok
16:49:27.0789 0x1234  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
16:49:27.0790 0x1234  SerCx - ok
16:49:27.0821 0x1234  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
16:49:27.0837 0x1234  SerCx2 - ok
16:49:27.0868 0x1234  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
16:49:27.0905 0x1234  Serenum - ok
16:49:27.0937 0x1234  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:49:27.0952 0x1234  Serial - ok
16:49:27.0968 0x1234  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:49:28.0005 0x1234  sermouse - ok
16:49:28.0052 0x1234  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:49:28.0121 0x1234  SessionEnv - ok
16:49:28.0152 0x1234  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
16:49:28.0168 0x1234  sfloppy - ok
16:49:28.0221 0x1234  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:49:28.0306 0x1234  SharedAccess - ok
16:49:28.0390 0x1234  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:49:28.0469 0x1234  ShellHWDetection - ok
16:49:28.0490 0x1234  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
16:49:28.0588 0x1234  shpamsvc - ok
16:49:28.0606 0x1234  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:49:28.0606 0x1234  SiSRaid2 - ok
16:49:28.0653 0x1234  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:49:28.0669 0x1234  SiSRaid4 - ok
16:49:28.0722 0x1234  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
16:49:28.0838 0x1234  smphost - ok
16:49:28.0906 0x1234  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
16:49:28.0991 0x1234  SmsRouter - ok
16:49:29.0038 0x1234  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:49:29.0069 0x1234  SNMPTRAP - ok
16:49:29.0122 0x1234  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
16:49:29.0154 0x1234  spaceport - ok
16:49:29.0207 0x1234  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
16:49:29.0223 0x1234  SpbCx - ok
16:49:29.0289 0x1234  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
16:49:29.0407 0x1234  Spooler - ok
16:49:29.0639 0x1234  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:49:29.0914 0x1234  sppsvc - ok
16:49:30.0010 0x1234  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:49:30.0094 0x1234  srv - ok
16:49:30.0163 0x1234  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:49:30.0294 0x1234  srv2 - ok
16:49:30.0347 0x1234  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:49:30.0410 0x1234  srvnet - ok
16:49:30.0494 0x1234  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:49:30.0563 0x1234  SSDPSRV - ok
16:49:30.0627 0x1234  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
16:49:30.0648 0x1234  SstpSvc - ok
16:49:30.0832 0x1234  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
16:49:31.0148 0x1234  StateRepository - ok
16:49:31.0195 0x1234  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:49:31.0210 0x1234  stexstor - ok
16:49:31.0279 0x1234  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:49:31.0395 0x1234  stisvc - ok
16:49:31.0432 0x1234  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:49:31.0448 0x1234  storahci - ok
16:49:31.0495 0x1234  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
16:49:31.0495 0x1234  storflt - ok
16:49:31.0530 0x1234  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
16:49:31.0533 0x1234  stornvme - ok
16:49:31.0579 0x1234  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
16:49:31.0664 0x1234  storqosflt - ok
16:49:31.0711 0x1234  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
16:49:31.0831 0x1234  StorSvc - ok
16:49:31.0865 0x1234  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
16:49:31.0880 0x1234  storufs - ok
16:49:31.0896 0x1234  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
16:49:31.0912 0x1234  storvsc - ok
16:49:31.0949 0x1234  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
16:49:31.0980 0x1234  svsvc - ok
16:49:31.0996 0x1234  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:49:32.0011 0x1234  swenum - ok
16:49:32.0033 0x1234  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
16:49:32.0080 0x1234  swprv - ok
16:49:32.0131 0x1234  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
16:49:32.0195 0x1234  Synth3dVsc - ok
16:49:32.0280 0x1234  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
16:49:32.0334 0x1234  SysMain - ok
16:49:32.0396 0x1234  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:49:32.0449 0x1234  SystemEventsBroker - ok
16:49:32.0480 0x1234  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:49:32.0534 0x1234  TabletInputService - ok
16:49:32.0549 0x1234  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:49:32.0612 0x1234  TapiSrv - ok
16:49:32.0712 0x1234  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
16:49:32.0813 0x1234  Tcpip - ok
16:49:32.0881 0x1234  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
16:49:32.0966 0x1234  Tcpip6 - ok
16:49:33.0066 0x1234  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
16:49:33.0151 0x1234  tcpipreg - ok
16:49:33.0198 0x1234  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
16:49:33.0213 0x1234  tdx - ok
16:49:33.0266 0x1234  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
16:49:33.0313 0x1234  terminpt - ok
16:49:33.0398 0x1234  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
16:49:33.0514 0x1234  TermService - ok
16:49:33.0551 0x1234  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
16:49:33.0582 0x1234  Themes - ok
16:49:33.0651 0x1234  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
16:49:33.0698 0x1234  TieringEngineService - ok
16:49:33.0751 0x1234  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
16:49:33.0866 0x1234  tiledatamodelsvc - ok
16:49:33.0898 0x1234  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
16:49:33.0935 0x1234  TimeBrokerSvc - ok
16:49:33.0967 0x1234  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
16:49:33.0999 0x1234  TPM - ok
16:49:34.0014 0x1234  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
16:49:34.0052 0x1234  TrkWks - ok
16:49:34.0098 0x1234  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:49:34.0198 0x1234  TrustedInstaller - ok
16:49:34.0235 0x1234  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
16:49:34.0299 0x1234  tsusbflt - ok
16:49:34.0314 0x1234  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:49:34.0352 0x1234  TsUsbGD - ok
16:49:34.0367 0x1234  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
16:49:34.0467 0x1234  tunnel - ok
16:49:34.0514 0x1234  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
16:49:34.0599 0x1234  tzautoupdate - ok
16:49:34.0631 0x1234  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
16:49:34.0637 0x1234  UASPStor - ok
16:49:34.0684 0x1234  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
16:49:34.0768 0x1234  UcmCx0101 - ok
16:49:34.0783 0x1234  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
16:49:34.0834 0x1234  UcmTcpciCx0101 - ok
16:49:34.0853 0x1234  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
16:49:34.0868 0x1234  UcmUcsi - ok
16:49:34.0915 0x1234  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
16:49:34.0937 0x1234  Ucx01000 - ok
16:49:34.0969 0x1234  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
16:49:35.0038 0x1234  UdeCx - ok
16:49:35.0069 0x1234  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
16:49:35.0116 0x1234  udfs - ok
16:49:35.0137 0x1234  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
16:49:35.0184 0x1234  UEFI - ok
16:49:35.0216 0x1234  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
16:49:35.0237 0x1234  Ufx01000 - ok
16:49:35.0253 0x1234  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
16:49:35.0269 0x1234  UfxChipidea - ok
16:49:35.0285 0x1234  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
16:49:35.0300 0x1234  ufxsynopsys - ok
16:49:35.0353 0x1234  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
16:49:35.0400 0x1234  UI0Detect - ok
16:49:35.0434 0x1234  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
16:49:35.0438 0x1234  umbus - ok
16:49:35.0469 0x1234  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
16:49:35.0469 0x1234  UmPass - ok
16:49:35.0532 0x1234  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
16:49:35.0569 0x1234  UmRdpService - ok
16:49:35.0638 0x1234  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
16:49:35.0754 0x1234  UnistoreSvc - ok
16:49:35.0816 0x1234  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:49:35.0870 0x1234  upnphost - ok
16:49:36.0039 0x1234  [ 7CE0FE34FD8FB7F52D1E503B0C1E4FA9, B54B558136FF621A4C63945CF982780CD9C61F3CB15143D73B550E6D0C14A246 ] UPnPService     C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
16:49:36.0170 0x1234  UPnPService - detected UnsignedFile.Multi.Generic ( 1 )
16:49:36.0170 0x1234  UPnPService ( UnsignedFile.Multi.Generic ) - warning
16:49:36.0170 0x1234  Force sending object to P2P due to detect: UPnPService
16:49:36.0170 0x1234  Object send P2P result: false
16:49:36.0202 0x1234  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
16:49:36.0217 0x1234  UrsChipidea - ok
16:49:36.0239 0x1234  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
16:49:36.0255 0x1234  UrsCx01000 - ok
16:49:36.0270 0x1234  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
16:49:36.0286 0x1234  UrsSynopsys - ok
16:49:36.0302 0x1234  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
16:49:36.0317 0x1234  usbccgp - ok
16:49:36.0339 0x1234  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
16:49:36.0355 0x1234  usbcir - ok
16:49:36.0401 0x1234  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
16:49:36.0417 0x1234  usbehci - ok
16:49:36.0439 0x1234  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
16:49:36.0486 0x1234  usbhub - ok
16:49:36.0517 0x1234  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
16:49:36.0555 0x1234  USBHUB3 - ok
16:49:36.0602 0x1234  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
16:49:36.0640 0x1234  usbohci - ok
16:49:36.0656 0x1234  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
16:49:36.0702 0x1234  usbprint - ok
16:49:36.0740 0x1234  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:49:36.0771 0x1234  usbscan - ok
16:49:36.0803 0x1234  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
16:49:36.0837 0x1234  usbser - ok
16:49:36.0856 0x1234  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:49:36.0872 0x1234  USBSTOR - ok
16:49:36.0903 0x1234  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
16:49:36.0919 0x1234  usbuhci - ok
16:49:36.0971 0x1234  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
16:49:37.0141 0x1234  usbvideo - ok
16:49:37.0188 0x1234  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:49:37.0203 0x1234  USBXHCI - ok
16:49:37.0303 0x1234  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
16:49:37.0403 0x1234  UserDataSvc - ok
16:49:37.0472 0x1234  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
16:49:37.0587 0x1234  UserManager - ok
16:49:37.0641 0x1234  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
16:49:37.0772 0x1234  UsoSvc - ok
16:49:37.0788 0x1234  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
16:49:37.0804 0x1234  VaultSvc - ok
16:49:37.0819 0x1234  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
16:49:37.0842 0x1234  vdrvroot - ok
16:49:37.0904 0x1234  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
16:49:37.0942 0x1234  vds - ok
16:49:37.0973 0x1234  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
16:49:37.0989 0x1234  VerifierExt - ok
16:49:38.0058 0x1234  [ 46ADD0CD4473AAEF1C68266A803F704D, D521E46891253884CF8285E864FAE63F2E8E0974AD8D2EB4D910E8A35350844F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
16:49:38.0105 0x1234  vhdmp - ok
16:49:38.0142 0x1234  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
16:49:38.0173 0x1234  vhf - ok
16:49:38.0189 0x1234  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
16:49:38.0205 0x1234  vmbus - ok
16:49:38.0220 0x1234  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
16:49:38.0242 0x1234  VMBusHID - ok
16:49:38.0242 0x1234  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
16:49:38.0274 0x1234  vmgid - ok
16:49:38.0321 0x1234  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
16:49:38.0405 0x1234  vmicguestinterface - ok
16:49:38.0421 0x1234  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
16:49:38.0443 0x1234  vmicheartbeat - ok
16:49:38.0459 0x1234  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
16:49:38.0474 0x1234  vmickvpexchange - ok
16:49:38.0505 0x1234  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
16:49:38.0574 0x1234  vmicrdv - ok
16:49:38.0590 0x1234  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
16:49:38.0621 0x1234  vmicshutdown - ok
16:49:38.0621 0x1234  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
16:49:38.0659 0x1234  vmictimesync - ok
16:49:38.0659 0x1234  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
16:49:38.0690 0x1234  vmicvmsession - ok
16:49:38.0706 0x1234  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
16:49:38.0722 0x1234  vmicvss - ok
16:49:38.0759 0x1234  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
16:49:38.0775 0x1234  volmgr - ok
16:49:38.0806 0x1234  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
16:49:38.0838 0x1234  volmgrx - ok
16:49:38.0859 0x1234  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
16:49:38.0875 0x1234  volsnap - ok
16:49:38.0891 0x1234  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
16:49:38.0906 0x1234  volume - ok
16:49:38.0944 0x1234  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
16:49:38.0959 0x1234  vpci - ok
16:49:38.0991 0x1234  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
16:49:39.0006 0x1234  vsmraid - ok
16:49:39.0091 0x1234  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
16:49:39.0191 0x1234  VSS - ok
16:49:39.0244 0x1234  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
16:49:39.0260 0x1234  VSTXRAID - ok
16:49:39.0307 0x1234  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
16:49:39.0360 0x1234  vwifibus - ok
16:49:39.0375 0x1234  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
16:49:39.0407 0x1234  vwififlt - ok
16:49:39.0439 0x1234  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
16:49:39.0444 0x1234  vwifimp - ok
16:49:39.0507 0x1234  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
16:49:39.0607 0x1234  W32Time - ok
16:49:39.0660 0x1234  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
16:49:39.0691 0x1234  WacomPen - ok
16:49:39.0722 0x1234  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
16:49:39.0807 0x1234  WalletService - ok
16:49:39.0823 0x1234  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:49:39.0876 0x1234  wanarp - ok
16:49:39.0876 0x1234  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:49:39.0907 0x1234  wanarpv6 - ok
16:49:39.0976 0x1234  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
16:49:40.0123 0x1234  wbengine - ok
16:49:40.0191 0x1234  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
16:49:40.0307 0x1234  WbioSrvc - ok
16:49:40.0360 0x1234  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
16:49:40.0375 0x1234  wcifs - ok
16:49:40.0460 0x1234  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
16:49:40.0506 0x1234  Wcmsvc - ok
16:49:40.0545 0x1234  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
16:49:40.0660 0x1234  wcncsvc - ok
16:49:40.0707 0x1234  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
16:49:40.0741 0x1234  wcnfs - ok
16:49:40.0761 0x1234  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
16:49:40.0761 0x1234  WdBoot - ok
16:49:40.0845 0x1234  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
16:49:40.0877 0x1234  Wdf01000 - ok
16:49:40.0908 0x1234  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
16:49:40.0923 0x1234  WdFilter - ok
16:49:40.0961 0x1234  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
16:49:41.0008 0x1234  WdiServiceHost - ok
16:49:41.0008 0x1234  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
16:49:41.0023 0x1234  WdiSystemHost - ok
16:49:41.0077 0x1234  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
16:49:41.0193 0x1234  wdiwifi - ok
16:49:41.0224 0x1234  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:49:41.0247 0x1234  WdNisDrv - ok
16:49:41.0293 0x1234  WdNisSvc - ok
16:49:41.0346 0x1234  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:49:41.0362 0x1234  WebClient - ok
16:49:41.0393 0x1234  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
16:49:41.0493 0x1234  Wecsvc - ok
16:49:41.0509 0x1234  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
16:49:41.0547 0x1234  WEPHOSTSVC - ok
16:49:41.0563 0x1234  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
16:49:41.0647 0x1234  wercplsupport - ok
16:49:41.0663 0x1234  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
16:49:41.0725 0x1234  WerSvc - ok
16:49:41.0747 0x1234  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
16:49:41.0762 0x1234  WFPLWFS - ok
16:49:41.0778 0x1234  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
16:49:41.0825 0x1234  WiaRpc - ok
16:49:41.0862 0x1234  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
16:49:41.0878 0x1234  WIMMount - ok
16:49:41.0878 0x1234  WinDefend - ok
16:49:41.0894 0x1234  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
16:49:41.0909 0x1234  WindowsTrustedRT - ok
16:49:41.0962 0x1234  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
16:49:41.0962 0x1234  WindowsTrustedRTProxy - ok
16:49:42.0009 0x1234  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:49:42.0079 0x1234  WinHttpAutoProxySvc - ok
16:49:42.0110 0x1234  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
16:49:42.0125 0x1234  WinMad - ok
16:49:42.0210 0x1234  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:49:42.0279 0x1234  Winmgmt - ok
16:49:42.0410 0x1234  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
16:49:42.0610 0x1234  WinRM - ok
16:49:42.0646 0x1234  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
16:49:42.0648 0x1234  WINUSB - ok
16:49:42.0711 0x1234  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
16:49:42.0726 0x1234  WinVerbs - ok
16:49:42.0795 0x1234  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
16:49:42.0945 0x1234  wisvc - ok
16:49:43.0049 0x1234  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
16:49:43.0196 0x1234  WlanSvc - ok
16:49:43.0296 0x1234  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
16:49:43.0465 0x1234  wlidsvc - ok
16:49:43.0496 0x1234  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
16:49:43.0496 0x1234  WmiAcpi - ok
16:49:43.0549 0x1234  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:49:43.0596 0x1234  wmiApSrv - ok
16:49:43.0627 0x1234  WMPNetworkSvc - ok
16:49:43.0680 0x1234  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
16:49:43.0712 0x1234  Wof - ok
16:49:43.0811 0x1234  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
16:49:43.0949 0x1234  workfolderssvc - ok
16:49:43.0996 0x1234  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
16:49:44.0080 0x1234  WPDBusEnum - ok
16:49:44.0127 0x1234  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:49:44.0143 0x1234  WpdUpFltr - ok
16:49:44.0165 0x1234  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
16:49:44.0227 0x1234  WpnService - ok
16:49:44.0249 0x1234  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
16:49:44.0280 0x1234  WpnUserService - ok
16:49:44.0311 0x1234  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:49:44.0380 0x1234  ws2ifsl - ok
16:49:44.0444 0x1234  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
16:49:44.0528 0x1234  wscsvc - ok
16:49:44.0528 0x1234  WSearch - ok
16:49:44.0650 0x1234  [ 5163F5BABAE1FF8CCC0AFD60B6EDD20A, E4F3FC2D7E9995DD34D6DD392D33B51649077985ECA0BF2AF0552D72DC3DF08E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
16:49:44.0829 0x1234  wuauserv - ok
16:49:44.0882 0x1234  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
16:49:44.0898 0x1234  WudfPf - ok
16:49:44.0913 0x1234  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
16:49:44.0950 0x1234  WUDFRd - ok
16:49:44.0982 0x1234  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
16:49:45.0029 0x1234  wudfsvc - ok
16:49:45.0029 0x1234  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:49:45.0051 0x1234  WUDFWpdFs - ok
16:49:45.0067 0x1234  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:49:45.0083 0x1234  WUDFWpdMtp - ok
16:49:45.0167 0x1234  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
16:49:45.0298 0x1234  WwanSvc - ok
16:49:45.0383 0x1234  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
16:49:45.0452 0x1234  XblAuthManager - ok
16:49:45.0550 0x1234  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
16:49:45.0683 0x1234  XblGameSave - ok
16:49:45.0747 0x1234  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
16:49:45.0831 0x1234  xboxgip - ok
16:49:45.0899 0x1234  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
16:49:45.0969 0x1234  XboxNetApiSvc - ok
16:49:46.0000 0x1234  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
16:49:46.0031 0x1234  xinputhid - ok
16:49:46.0031 0x1234  ================ Scan global ===============================
16:49:46.0100 0x1234  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
16:49:46.0153 0x1234  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll
16:49:46.0200 0x1234  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
16:49:46.0269 0x1234  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
16:49:46.0284 0x1234  [ Global ] - ok
16:49:46.0284 0x1234  ================ Scan MBR ==================================
16:49:46.0284 0x1234  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:49:46.0600 0x1234  \Device\Harddisk0\DR0 - ok
16:49:46.0600 0x1234  ================ Scan VBR ==================================
16:49:46.0600 0x1234  [ D44701F34A966DCA30E8F5AB9ACD1D81 ] \Device\Harddisk0\DR0\Partition1
16:49:46.0600 0x1234  \Device\Harddisk0\DR0\Partition1 - ok
16:49:46.0600 0x1234  [ B0A70D4C967CE6D737D1B24513E192A4 ] \Device\Harddisk0\DR0\Partition2
16:49:46.0600 0x1234  \Device\Harddisk0\DR0\Partition2 - ok
16:49:46.0632 0x1234  [ CBADC9AF93BC44480729E985FB31AC54 ] \Device\Harddisk0\DR0\Partition3
16:49:46.0632 0x1234  \Device\Harddisk0\DR0\Partition3 - ok
16:49:46.0632 0x1234  ================ Scan generic autorun ======================
16:49:46.0669 0x1234  ETDCtrl - ok
16:49:46.0700 0x1234  [ 0C3154D0620F974AD5C4E8D87626C8CF, 4E6B751F9C0D5D4833A12166BC5142E0A7402E98D00F570926ED9CA0936A8007 ] C:\WINDOWS\system32\igfxtray.exe
16:49:46.0716 0x1234  IgfxTray - ok
16:49:46.0754 0x1234  [ E4AA3D28753EF9DB333FE40079993B09, ECC60BAA7D21EF97CDA17F45277FBFE52B2169155DDB157E34A7AE2EC1BEC185 ] C:\WINDOWS\system32\hkcmd.exe
16:49:46.0769 0x1234  HotKeysCmds - ok
16:49:46.0801 0x1234  [ CF40080765D6F66FA93318C0DB6C7D1F, 015EE5BE439DAC6D3F7C7471EEF554C11F28947492E3F7AA14BB72622C327DCD ] C:\WINDOWS\system32\igfxpers.exe
16:49:46.0832 0x1234  Persistence - ok
16:49:46.0832 0x1234  WindowsDefender - ok
16:49:47.0101 0x1234  [ 0D907B3A3F181AECC90DF5F7E3FFD5D4, 38689C39183F7E77EAADE529DBCA712613CB544B7DBBDADD8AC25FD465820692 ] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
16:49:47.0302 0x1234  Malwarebytes TrayApp - ok
16:49:47.0386 0x1234  [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
16:49:47.0417 0x1234  StartCCC - ok
16:49:47.0555 0x1234  [ 3E392414421F7A81B37BADF21B2C27C1, F38F7DF0C507A0056A2739D855B9330FD81146FE6599AAA6C723EFA5821A838E ] C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe
16:49:47.0633 0x1234  MailCheck IE Broker - ok
16:49:48.0061 0x1234  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:49:48.0465 0x1234  OneDriveSetup - ok
16:49:48.0803 0x1234  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
16:49:49.0046 0x1234  OneDriveSetup - ok
16:49:49.0204 0x1234  [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Alfred\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:49:49.0266 0x1234  OneDrive - ok
16:49:49.0335 0x1234  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] C:\Users\Alfred\AppData\Local\Google\Update\GoogleUpdate.exe
16:49:49.0351 0x1234  Google Update - ok
16:49:49.0536 0x1234  [ 52CFF3274565013440E221A1DAB75847, C42E176046647438EE3C3574195D02B101A4C32ED8B292043E223540281AD0AE ] C:\Users\Alfred\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
16:49:49.0705 0x1234  Google Photos Backup - ok
16:49:49.0752 0x1234  [ 79C29DB890E9A65F5B19F60A7359E527, 327BCC1B051D7FFBCE6BA9F2C214FB5A4BDBE72CAB00F8179F5279612487884D ] C:\Users\Alfred\AppData\Local\GMX Application {sync-000021}\gmx_mediacenter.exe
16:49:49.0821 0x1234  GMX Application {sync-000021} - detected UnsignedFile.Multi.Generic ( 1 )
16:49:49.0821 0x1234  GMX Application {sync-000021} ( UnsignedFile.Multi.Generic ) - warning
16:49:49.0921 0x1234  [ 91121D27CAD2674B8FDB248D83EDFF19, 2C4E24AD1C868D80FBA7B07DC562FF8F4C627AFA1B4181E2F851FA09B8A7753A ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
16:49:49.0936 0x1234  iCloudServices - ok
16:49:50.0068 0x1234  [ E1B8765F50A98798089247208DFF12C5, 4A8189F896BE2355AE154ABC7A2DA0BAA2638D088B368505FB998C3B320E5272 ] C:\Users\Alfred\AppData\Roaming\NetCtl\netctl.exe
16:49:50.0206 0x1234  NetCtl - ok
16:49:50.0322 0x1234  GoogleDriveSync - ok
16:49:50.0468 0x1234  Win FW state via NFP2: disabled ( not trusted )
16:49:50.0468 0x1234  ============================================================
16:49:50.0468 0x1234  Scan finished
16:49:50.0468 0x1234  ============================================================
16:49:50.0487 0x0e54  Detected object count: 3
16:49:50.0487 0x0e54  Actual detected object count: 3
16:57:22.0440 0x0e54  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:22.0440 0x0e54  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:57:22.0440 0x0e54  UPnPService ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:22.0440 0x0e54  UPnPService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:57:22.0440 0x0e54  GMX Application {sync-000021} ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:22.0440 0x0e54  GMX Application {sync-000021} ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:57:37.0385 0x1320  Deinitialize success
         

Alt 20.12.2016, 20:39   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Da ist nix!
tdsskiller hatte nur Fehlalarme, der Fund in den Downloads ist nur ein mit Adware gespicktes Setup. Malware ist nicht die Ursache für deine Probleme mit dem Flugzeugmodus und dem Netzwerkadapter. Du wirst im Windows-Subforum hier weiter machen müssen (neuen Thread aufmachen)
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.12.2016, 23:02   #9
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



OK

Vielen vielen Dank für Deine Hilfe und ein schönes Weihnachtsfest

wünscht Dir
FUXS

Alt 20.12.2016, 23:53   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Lass trotzdem nochmal adwCleaner und JRT drüber:

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 21.12.2016, 10:42   #11
FUXS
 
Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Standard

Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter



Hallo Cosinus,

AdwCleaner meldet: keine Schadsoftware gefunden.

Log JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by Alfred (Limited) on 21.12.2016 at 10:36:22,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\Users\Alfred\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Alfred\AppData\Roaming\wyupdate au (Folder) 
Successfully deleted: C:\Users\Alfred\Documents\optimizer pro (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.12.2016 at 10:38:12,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Antwort

Themen zu Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter
adobe, defender, desktop, explorer, google, helper, home, internet, internet explorer, kaspersky, kein internet, mozilla, neustart, prozesse, registry, scan, security, software, starten, svchost.exe, system, temp, windows, wlan, wmi



Ähnliche Themen: Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter


  1. Nach Trojanerbefall kein Internet mehr Win10
    Plagegeister aller Art und deren Bekämpfung - 14.10.2016 (1)
  2. WIN10 Pro Version 1607 Fehlermeldung beim Ausschalten
    Alles rund um Windows - 26.09.2016 (2)
  3. Win10-Anniversary: Firefox highjacker ffgogogo lässt sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 25.08.2016 (17)
  4. Win 10 - Kein Sound u. Internet, Sicherheitscenter lässt sich nicht aktivieren
    Log-Analyse und Auswertung - 22.08.2016 (6)
  5. WIN10: Yahoo Toolbar lässt sich im Chrome nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 17.12.2015 (13)
  6. WIN10 DNS Keeper lässt sich nicht entfernen/Verdacht auf andere Malware
    Log-Analyse und Auswertung - 07.09.2015 (4)
  7. KEIN WLAN! Broadcom Netzwerkadapter (QDS-BRCM1051) funktioniert nicht trotz Treiber etc.
    Netzwerk und Hardware - 25.07.2015 (1)
  8. PC lässt sich nicht mehr ausschalten - TR/Dropper.Gen ist im System
    Log-Analyse und Auswertung - 22.05.2015 (2)
  9. Nach Instalation von Iminet,kein Netzwerk mehr (kein internet mehr) Goggle Chrome und IE lassen sich nicht öffnen(weißer Bildschirm)
    Plagegeister aller Art und deren Bekämpfung - 27.12.2014 (1)
  10. csrss.exe, atiedxx.exe, winlogon.exe, ePowerEvent.exe - Dateipfad lässt sich nicht öffnen & kein Benutzer & keine Beschreibung
    Log-Analyse und Auswertung - 19.05.2014 (7)
  11. Avira lässt sich nicht installieren und kein Download funktioniert!
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (16)
  12. ad hd2 plus werbung lässt sich nicht ausschalten
    Log-Analyse und Auswertung - 04.01.2014 (3)
  13. Keine Browser lassen sich öffnen, kein Zugang zum Internet
    Log-Analyse und Auswertung - 08.10.2012 (1)
  14. Win XP erhält keine IP-Adresse und Firewall lässt sich nicht einschalten - Kein Internetzugiff
    Plagegeister aller Art und deren Bekämpfung - 25.10.2011 (3)
  15. .exe dateien starten nicht mehr, laptop lässt sich nicht ausschalten
    Plagegeister aller Art und deren Bekämpfung - 14.04.2011 (1)
  16. Internet Explorer öffnet sich automatisch und lässt sich nicht mehr schließen
    Log-Analyse und Auswertung - 27.08.2010 (2)
  17. Welche Firewall lässt sich ausschalten?
    Antiviren-, Firewall- und andere Schutzprogramme - 15.02.2008 (40)

Zum Thema Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter - Hallo zusammen, mein Nachbar bat mich um Hilfe, da sein Laptop nicht mehr ins Internet geht. Nach ersten Überprüfungen bin ich allerdings ratlos - sicher ist: das System ist stark - Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter...
Archiv
Du betrachtest: Win10: Flugmodus lässt sich nicht ausschalten - kein Internet - keine Netzwerkadapter auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.