| |
| |||||||
Log-Analyse und Auswertung: Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsiveWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.12.2016, 13:06
| #1 |
 |  Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Hallo, hatte für meinen Sohn Kodu, Scratch & rigs of rods installiert. PC wurde dadurch total langsam. Habe die Programme soweit ich weiss wieder deinstalliert. PC ist trotzdem total langsam und wird irre heiß. Ich gehe davon aus, dass ich etwas eingefangen habe. Danke für die Hilfe schon im Voraus. VG MG Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von AnneLaptop (Administrator) auf AGLAPTOP (29-12-2016 12:58:05)
Gestartet von C:\Users\Anne\Desktop
Geladene Profile: AnneLaptop (Verfügbare Profile: AnneLaptop)
Platform: Windows 10 Home Version 1607 (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Pokki) C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Pokki) C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Pokki) C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Pokki) C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe.bak
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\Install\{22707F77-97B4-44B9-8C3E-C20117E9DB9E}\55.0.2883.87_54.0.2840.99_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_D816E.tmp\setup.exe
(Google Inc.) C:\Windows\Temp\CR_D816E.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
konnte nicht auf den Prozess zugreifen -> OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2014-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-12-11] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
Startup: C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-04-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1758a128-aa93-4c08-ac07-c733f4720894}: [DhcpNameServer] 192.16.128.24
Tcpip\..\Interfaces\{74e4ee42-c356-4378-84c6-7fd13b55da9b}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={F9D265E9-8E15-4DC7-8AD2-1C5792612009}&mid=4036e4cf7dee47cda1d8f123cc415ebb-d85d70e61221f16ec9c6e529c74499bdd0ead3cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116av&pr=fr&d=2016-01-31 14:13:14&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F9D265E9-8E15-4DC7-8AD2-1C5792612009}&mid=4036e4cf7dee47cda1d8f123cc415ebb-d85d70e61221f16ec9c6e529c74499bdd0ead3cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-01-31 14:13:14&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001 -> {07EDB4C9-D231-4751-BE35-DB3F3B6A9163} URL =
SearchScopes: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001 -> {33E4435F-EF55-4992-9CF7-393F6E057B88} URL = hxxp://www.search.ask.com/web?tpid=AVGSP2-SG&o=APN11810&pf=V7&p2=^BU0^aaa293^BZ^DE&gct=&itbv=12.33.2.2034&apn_uid=F8F4D518-75CD-4D4D-8379-7667C8740B25&apn_ptnrs=^BU0&apn_dtid=^aaa293^BZ^DE&apn_dbr=iexplore.exe_6_11.0.9600.17416&doi=2015-08-26&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F9D265E9-8E15-4DC7-8AD2-1C5792612009}&mid=4036e4cf7dee47cda1d8f123cc415ebb-d85d70e61221f16ec9c6e529c74499bdd0ead3cb&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-01-31 14:13:14&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-11] (AVG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-12-11] (AVG)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 5uytzf2e.default
FF ProfilePath: C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\5uytzf2e.default [2016-12-11]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\5uytzf2e.default -> Web Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\5uytzf2e.default -> Web Search
FF Homepage: Mozilla\Firefox\Profiles\5uytzf2e.default -> hxxps://homepage-web.com/?s=acer&m=start
FF Extension: (AVG Web TuneUp) - C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\5uytzf2e.default\Extensions\avg@toolbar.xpi [2016-12-11]
FF SearchPlugin: C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\5uytzf2e.default\searchplugins\avg-secure-search.xml [2016-12-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Google Präsentationen) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-06]
CHR Extension: (Google Docs) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-06]
CHR Extension: (Google Drive) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-06]
CHR Extension: (YouTube) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-06]
CHR Extension: (Google Tabellen) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-06]
CHR Extension: (Google Mail) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5337696 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-11-02] (AVG Technologies CZ, s.r.o.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-21] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-12-11] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-12-11] ()
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [312576 2016-10-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [267520 2016-10-19] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-21] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-06-08] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-29 12:58 - 2016-12-29 12:58 - 00021713 _____ C:\Users\Anne\Desktop\FRST.txt
2016-12-29 12:57 - 2016-12-29 12:58 - 00000000 ____D C:\FRST
2016-12-29 12:55 - 2016-12-29 12:57 - 02420736 _____ (Farbar) C:\Users\Anne\Desktop\FRST64.exe
2016-12-29 12:31 - 2016-12-29 12:31 - 00000000 ___HD C:\OneDriveTemp
2016-12-13 21:55 - 2016-12-13 21:55 - 00000000 ____D C:\Users\Anne\AppData\LocalLow\Adobe
2016-12-13 21:55 - 2016-12-13 21:55 - 00000000 ____D C:\Users\Anne\AppData\Local\CEF
2016-12-13 21:51 - 2016-12-13 21:57 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-12-13 21:50 - 2016-12-13 21:58 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-12-13 21:50 - 2016-12-13 21:50 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-12-13 21:42 - 2016-12-13 21:42 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-11 17:53 - 2016-12-11 17:53 - 00807168 _____ C:\Users\Anne\Downloads\BLES01976--150703173624.zip
2016-12-11 17:53 - 2016-12-11 17:53 - 00000000 ____D C:\Users\Anne\Downloads\BLES01976--150703173624
2016-12-11 17:00 - 2016-12-11 17:00 - 00604928 _____ (Reimage) C:\Users\Anne\Downloads\ReimageRepair.exe
2016-12-11 15:49 - 2016-12-11 15:49 - 00000000 ____D C:\Users\Anne\AppData\Local\CrashRpt
2016-12-11 15:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-11 15:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-11 15:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-11 15:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-11 15:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-11 15:47 - 2016-12-11 15:49 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-12-11 15:47 - 2016-12-11 15:47 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-12-11 15:44 - 2016-12-11 15:44 - 00000000 ____D C:\Users\Anne\Documents\Rigs of Rods 0.4
2016-12-11 15:40 - 2016-12-11 15:41 - 113871715 _____ (Rigs of Rods community ) C:\Users\Anne\Downloads\Rigs-of-Rods-0.4.7.0.exe
2016-12-05 17:35 - 2016-12-05 17:35 - 00000000 ____D C:\Users\Anne\Desktop\Anne Grieger
2016-12-05 17:32 - 2016-12-05 17:32 - 00000000 ____D C:\Users\Anne\Documents\SavedGames
2016-12-05 17:32 - 2016-12-05 17:32 - 00000000 ____D C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Research
2016-12-05 17:32 - 2016-12-05 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
2016-12-05 17:30 - 2016-12-05 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-12-05 17:29 - 2016-12-05 17:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Research
2016-12-05 17:26 - 2016-12-05 17:29 - 260230240 _____ (Microsoft Research ) C:\Users\Anne\Desktop\Kodu.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-29 12:56 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-29 12:56 - 2015-08-26 10:23 - 00000000 ____D C:\ProgramData\MFAData
2016-12-29 12:54 - 2016-11-15 14:58 - 00000943 _____ C:\Users\Public\Desktop\AVG.lnk
2016-12-29 12:54 - 2016-11-15 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-12-29 12:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-29 12:52 - 2015-01-23 01:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-29 12:46 - 2016-11-16 16:01 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-12-29 12:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-29 12:36 - 2015-04-19 15:20 - 00000000 ____D C:\Users\Anne\AppData\Local\SweetLabs App Platform
2016-12-29 12:34 - 2016-07-16 23:51 - 00725006 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-29 12:34 - 2016-07-16 23:51 - 00212372 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-29 12:34 - 2016-05-18 14:50 - 01755216 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-29 12:33 - 2016-11-16 16:01 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-29 12:33 - 2016-11-16 16:01 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-29 12:32 - 2015-04-19 15:22 - 00000000 ____D C:\Users\Anne\AppData\Local\clear.fi
2016-12-29 12:31 - 2015-04-19 15:29 - 00000000 ___RD C:\Users\Anne\OneDrive
2016-12-29 12:30 - 2016-11-16 16:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-29 12:30 - 2016-11-16 15:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-29 12:30 - 2016-11-16 15:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-29 12:27 - 2016-07-16 07:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-12-29 12:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-18 10:36 - 2016-11-16 15:36 - 00000000 ____D C:\Users\Anne
2016-12-17 09:35 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-17 09:11 - 2016-01-31 17:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-17 09:06 - 2016-01-31 17:32 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 21:56 - 2016-11-13 14:16 - 00000000 ____D C:\ProgramData\Adobe
2016-12-13 21:55 - 2016-11-13 14:15 - 00000000 ____D C:\Users\Anne\AppData\Local\Adobe
2016-12-13 21:55 - 2015-04-19 15:22 - 00000000 ____D C:\Users\Anne\AppData\Roaming\Adobe
2016-12-13 21:50 - 2016-11-13 14:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-13 21:42 - 2016-05-18 15:19 - 00002406 _____ C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 16:29 - 2016-01-31 14:13 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-12-11 16:27 - 2016-01-31 14:12 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-12-11 15:46 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-05 17:33 - 2016-11-13 14:44 - 00000000 ____D C:\Users\Anne\Desktop\Raphael Scratch Projects
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-11-16 15:33 - 2016-11-16 15:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Anne\AppData\Local\Temp\octEA52.tmp.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-11-16 15:26
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von AnneLaptop (29-12-2016 12:59:43)
Gestartet von C:\Users\Anne\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-16 15:05:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1839081263-2836892948-3433631102-500 - Administrator - Disabled)
AnneLaptop (S-1-5-21-1839081263-2836892948-3433631102-1001 - Administrator - Enabled) => C:\Users\Anne
DefaultAccount (S-1-5-21-1839081263-2836892948-3433631102-503 - Limited - Disabled)
Gast (S-1-5-21-1839081263-2836892948-3433631102-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1839081263-2836892948-3433631102-1005 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
About.com (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_7e295b7db76e9c37b73d0c1d46ee6b5d6f9aa130) (Version: 1.0.0.47860 - Pokki)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2011.1 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
BBC (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_5110578d77115a3445841a4c038159b71769d31b) (Version: 1.0.0.46314 - Pokki)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dictionary.com (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_c065405c79b9d1146e6af462bb5852798a42fc58) (Version: 1.0.0.50585 - Pokki)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
IMDb (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_9d153b1b6b60a262593fab6bbf51fa799be45a00) (Version: 1.0.0.45285 - Pokki)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{49D1966E-A747-4DFA-89EF-DCCB37F94CD8}) (Version: 17.1.1434.02 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MyTube (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_5f035c7800c6aec3cae32a677ce891aacd12bb28) (Version: 3.1 - Pokki)
Numerics Calculator Pokki (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_15521a10f8daaba5ae582ce1aa3c73688cb827b1) (Version: 8 - Pokki)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Pokki Start Menu (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 451 - Massachusetts Institute of Technology)
Scratch 2 Offline Editor (x32 Version: 255 - Massachusetts Institute of Technology) Hidden
TED (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_a63ce8df0c799d94fbfcbcbed7b3c8c60ca0b9a2) (Version: 1.0.1.45670 - Pokki)
TripAdvisor (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_d9d7806db9755a47e64ab5915405c2eab7faa374) (Version: 1.0.1.55658 - Pokki)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wikihow (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_104d581f872200c24bd6b706111358bb4c3c2239) (Version: 1.0.0.50198 - Pokki)
Wikipedia (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\Pokki_f577d7f89306ac5a88efc146df3b215623ec0956) (Version: 1.0.0.42915 - Pokki)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00E22843-F440-4622-B23C-B4BBDE05BB4D} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Anne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {028C2937-649D-4CA3-86CE-429066FA8063} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {0A7A1C8F-C8AE-49C0-B5D9-CC4FB532D935} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {110FC0C5-0A56-4078-B3D0-F916B52AA2A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {11ECCC5F-1A68-43E8-97FF-8F34872843CA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {137DDE85-542F-4BD1-B74F-F3E25907E483} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {1B394064-EDEE-4B73-9D07-3C18C09D64A2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {246B044E-0B8A-48C9-86A6-2F592EBF8074} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {26935F68-487D-459C-A549-60559CC1944C} - System32\Tasks\SweetLabs App Platform => C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-11-16] (Pokki)
Task: {2B80F761-30C3-44B0-B5A0-245D7178E183} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {43AD76D0-5484-4105-BB9A-A8D8FB12B2ED} - System32\Tasks\InfoCollect => C:\Program Files (x86)\Acer\Acer Portal\InfoCollect.exe [2015-11-19] (Acer)
Task: {43F549DA-1DD0-45BA-B583-EFA34CC6C0FC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {469E51AA-D7F3-4AA8-AF47-81D2D0517DAD} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {5488FB48-0061-42D4-A464-1ACEDE630CAA} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {59B2B028-BB29-4110-859B-DB43103D7F11} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-30] ()
Task: {5C9FF567-A852-44A5-BC33-6FE2EC5E703F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {5E762633-E7FB-472E-BE35-F83CED1A973D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {6237BB71-D19D-452E-B906-2E0558DA49DE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-13] (Adobe Systems Incorporated)
Task: {63A7C4E8-5B73-4FA7-BB4E-0FF5D219E0B9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {6E78E7BE-6AC5-46AE-ABFE-51A68F071FE8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {70DBAC1A-7FBD-4294-9FD5-3228BDF9EA78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {71471F0C-BA8E-4C6B-A39F-AA0CB81F2E7E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {72019F20-CC4D-4FE3-AEF2-A2E324BAAECD} - System32\Tasks\{4494EC17-9BBC-4AD2-B16F-26ACFE0A5773} => pcalua.exe -a C:\ProgramData\OEM\temp\a5ad0b17-f34d-49be-a157-c8b3d52acd13\AcerPortalSetup.exe -d "C:\Program Files (x86)\Acer\Acer Portal" -c /s <==== ACHTUNG
Task: {73B97A80-9099-48EE-A5CE-31B673B9B9A4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {74377150-BFE4-4F56-8221-3B96BA6C8DF8} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {7A66759D-ADE1-4510-9063-E3100BCA1B0D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {88F3FCF3-58AC-4428-86CB-159BBDC7FEDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8FD269AA-8277-4AD1-83FA-E5268264D856} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {902D77BE-1F52-4058-AE0B-D5CD708A7236} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {B5B31CDA-5298-41E7-A592-B8AE4C329944} - System32\Tasks\{34913262-BDE8-4758-8C9E-840F9EA4E41E} => pcalua.exe -a "C:\Program Files (x86)\Acer\Acer Portal\uninstall.exe"
Task: {B6B406DC-49A2-4636-8CE1-AD067B7BC56A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-06] (Google Inc.)
Task: {B6C621B9-272C-42CB-945C-4C595ED49BCE} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {BB243FA4-55FC-4709-8EA0-1CA86CADBFDA} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-30] ()
Task: {C34D729E-FB77-45CD-87F2-C3F0E5B01B76} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {CAFCD0AA-F892-4621-8364-E945A1001D80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-06] (Google Inc.)
Task: {D1DC6EC1-43BA-4197-9141-FD471649936A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {D8C9B480-1FD2-4F42-BC91-4C25BBFF5BAE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E66D4269-0592-458A-A679-1D727102C79C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F2C9E051-4F45-4A70-99B6-C7E4BC3D2450} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {F33405FB-2D3B-48A2-99D3-A7B87F319230} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-16 14:49 - 2016-11-16 14:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-31 14:12 - 2016-12-11 16:26 - 00980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2014-10-27 18:06 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-16 14:49 - 2016-11-16 14:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-13 21:42 - 2016-12-13 21:42 - 01678560 _____ () C:\Users\Anne\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-04-19 11:38 - 2016-12-04 04:04 - 08924872 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2015-09-30 19:39 - 2015-09-30 19:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-11-16 14:49 - 2016-11-16 14:49 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-11 16:27 - 2016-12-11 16:26 - 02180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-12-17 09:13 - 2016-12-17 09:28 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-17 09:13 - 2016-12-17 09:28 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-17 09:13 - 2016-12-17 09:28 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-17 09:13 - 2016-12-17 09:28 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2014-08-30 03:00 - 2014-08-30 03:00 - 00100608 _____ () C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
2016-11-15 17:54 - 2016-11-08 22:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-15 17:54 - 2016-11-08 22:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-11-16 14:50 - 2016-11-16 14:50 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-12-13 21:41 - 2016-12-13 21:41 - 01244376 _____ () C:\Users\Anne\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2014-10-21 15:37 - 2014-10-21 15:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-16 15:39 - 2016-11-16 15:39 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 - 2015-11-17 11:11 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-07-01 09:57 - 2014-07-01 09:57 - 00279296 ____N () C:\Program Files (x86)\Acer\AcerCloud Docs\libcurl.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00569856 _____ () C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\ppGoogleNaClPluginChrome.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 01400846 _____ () C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00151054 _____ () C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2016-11-16 00:02 - 2016-11-16 00:02 - 00222734 _____ () C:\Users\Anne\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll
2016-12-29 12:46 - 2016-12-29 12:45 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{4C3498F4-386D-4921-8D4A-F7CDC3FBB9C5}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D97E2620-0DBC-4817-90B3-1CF18493873C}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{C9107278-4336-48FD-970E-44708F724E45}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B2A37AE5-61AB-4DDA-8958-E971DED4703D}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7B79927F-F60A-490A-8B7A-373A0EE6493D}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{01E15757-400F-48A6-9D38-8645E6B2042E}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{E699741F-34A4-45A0-A37E-0CAF96C9B120}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{533B9DC7-2812-472B-B74B-97870A7FA5B9}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{93347716-71F8-4CC9-8440-34F58AE05EDA}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{ADD74B5E-B319-4394-9DE1-6C366408B062}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{01E08E2A-9776-4473-AACD-48620F3B6AE6}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{681577C1-BE3E-4B27-A2E8-AE376615B787}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7EB3E4F2-08C9-459C-8A59-D08BA5ABC74A}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3C4A121E-50F2-44BC-95F6-2897CC2150A0}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{660DE9D3-7C1C-4C44-BDD2-AE9367866F17}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2B479518-33A7-4FD6-A708-59B91BF8792F}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E316A69F-47F8-468E-98D1-7D7AC96511A5}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3B953A27-E884-4D58-9C59-8C377A53EF1D}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7BBAE596-4D02-444E-BE16-3ECBC8291459}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B45ADDFB-E4A0-4BA1-95F8-77E9728F5F65}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{99C06558-A0DF-4B9D-80D7-2FDA1AC176FE}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{74C31E87-FD7B-491F-B13E-BD507CD16115}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{2A528C42-DE23-41B4-92F6-BEF1766C17C5}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{BA055238-7352-4CC4-88EC-634E364D74D2}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{3D97F8C4-4691-49A8-B390-F9EAEBC37553}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{344C8331-10FA-4E7F-9D65-1F4BCBD6D088}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{48C008F2-041E-4570-A53C-0E28B633443D}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{CC1F22C5-FEB6-46AF-B66B-5B0642274A89}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{58EA0EBB-79A2-4C67-816B-4E0B11041376}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{3B94F50F-678F-41A2-90EC-78F834C11902}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9B3A4EB6-0DBB-4956-85E1-E1DCE87215DA}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F6B76085-4604-41D3-AFD5-599F2E1EA66D}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{65966C48-FFA7-47EC-BD73-E475E492D7E8}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{14C3617A-97CF-4286-896F-B4DE4BEC8057}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{CE8C6810-B268-42A5-A88F-668A4F56131C}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A9EB151D-E949-40A1-8B69-C5E1762B2C94}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{868507E2-CE9E-4BF9-8D30-DEF76AC97917}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{673756CF-61A9-4367-9EDE-8F22C6F11209}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6B4E483F-ECB7-4CDC-9062-C51019284CB8}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{34BAA0A4-06A1-4655-9671-31BED4B4DFB4}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F2147896-9AFA-48F0-86DF-03AF4AC62DD9}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8FDDEE53-9917-4F1C-9198-3E435AD38393}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5A3BA80C-4680-4012-865F-3DE7BAA18349}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D96632DD-F783-4720-B468-A5796823832B}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3B180330-828F-4A65-84CA-EEBF8E302661}] => C:\Users\Anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{73869D9D-003E-4472-A25B-016F7D3197C6}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3BB470E8-BA72-46F1-AE82-9CFD409F22B8}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8FD57815-4A83-4AE7-A01F-FDC23B9824A4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1567F311-82DB-4E45-8BDF-FA1575E6F5D3}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D49CF21B-33B0-4B61-A92B-B61907C0C4B1}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CC25019E-AE07-400A-BFDF-8B044776D36E}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A94D668-1553-4055-918E-0D874A1B1BAA}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{6EBD15E6-B86A-4D66-9DE8-7437E19E61FF}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{EDB9E4B4-AB42-48B6-BCD5-A77698B075BC}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B04C5641-7850-4CBA-9075-35D78387B300}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{FFFF07A8-DF26-498A-944F-B0E6F712069B}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{856355A3-D21F-4DBB-BD72-A87278F6E6AD}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8C01B0E8-7C49-47B6-84D0-1F45F4AEF93C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A5F83F76-F170-4357-81AF-723836635707}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{92BDE973-A0C8-4541-A823-1EEE48C3AD4A}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3DB289B4-0BB6-4430-AD71-AD1061EB38E5}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5C2D322C-D3AC-41A4-ADCB-66062624EEC6}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{CFC46021-5E44-4A72-997A-EDA156A9CA6A}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
==================== Wiederherstellungspunkte =========================
16-11-2016 21:31:43 Windows Update
23-11-2016 16:05:26 Windows Modules Installer
26-11-2016 18:57:19 Installed iTunes
13-12-2016 21:51:48 Windows Update
17-12-2016 09:04:13 Windows Update
29-12-2016 12:38:03 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/29/2016 12:58:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 16.0.7571.1326, time stamp: 0x58164c84
Faulting module name: mso40uiwin32client.dll, version: 16.0.7571.7063, time stamp: 0x58436bba
Exception code: 0xc0000005
Fault offset: 0x0000000000858c20
Faulting process ID: 0x1f00
Faulting application start time: 0x01d261c91bd4e507
Faulting application path: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Faulting module path: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mso40uiwin32client.dll
Report ID: 505ed9c0-e70a-465b-8ea6-d7b7fd2311e6
Faulting package full name:
Faulting package-relative application ID:
Error: (12/29/2016 12:49:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\Temp\AvgSetup\72799824-c3c6-47cf-a1c8-b11e5ec2f834\install\fmw\avgrdsttestx.exe".
Dependent Assembly AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/29/2016 12:48:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\Temp\AvgSetup\72799824-c3c6-47cf-a1c8-b11e5ec2f834\install\fmw\avgrdsttesta.exe".
Dependent Assembly AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/29/2016 12:38:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/29/2016 12:34:02 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: AGLaptop)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe1018
Error: (12/29/2016 12:30:43 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/29/2016 12:30:43 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/29/2016 12:30:43 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/29/2016 12:25:15 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/17/2016 09:04:32 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (12/29/2016 12:41:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Kumulatives Update für Windows 10 Version 1607 für x64-basierte Systeme (KB3206632).
Error: (12/29/2016 12:31:00 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.
Error: (12/29/2016 12:30:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT-AUTORITÄT\Lokaler Dienst SID (S-1-5-19) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 12:30:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT-AUTORITÄT\Lokaler Dienst SID (S-1-5-19) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 12:30:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT-AUTORITÄT\SYSTEM SID (S-1-5-18) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 12:30:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.
Error: (12/29/2016 12:30:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:36:32 on 18.12.2016 was unexpected.
Error: (12/18/2016 09:59:01 AM) (Source: DCOM) (EventID: 10016) (User: AGLaptop)
Description: The Computerstandard permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user AGLaptop\AnneLaptop SID (S-1-5-21-1839081263-2836892948-3433631102-1001) from address LocalHost (unter Verwendung von LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
Error: (12/18/2016 09:58:36 AM) (Source: DCOM) (EventID: 10016) (User: AGLaptop)
Description: The Computerstandard permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user AGLaptop\AnneLaptop SID (S-1-5-21-1839081263-2836892948-3433631102-1001) from address LocalHost (unter Verwendung von LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
Error: (12/18/2016 09:58:08 AM) (Source: DCOM) (EventID: 10016) (User: AGLaptop)
Description: The Computerstandard permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user AGLaptop\AnneLaptop SID (S-1-5-21-1839081263-2836892948-3433631102-1001) from address LocalHost (unter Verwendung von LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2016-12-29 12:59:32.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:59:32.930
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:59:24.576
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:59:24.574
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:56:19.673
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:56:19.394
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:56:19.311
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:56:13.759
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:56:13.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 12:56:13.407
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4158U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 4019.27 MB
Verfügbarer physikalischer RAM: 1683.89 MB
Summe virtueller Speicher: 8883.27 MB
Verfügbarer virtueller Speicher: 6201.7 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:448.56 GB) (Free:374.32 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F2B3EBFB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
29.12.2016, 13:50
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive+++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden? Bitte AVG deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ |
|
29.12.2016, 14:34
| #3 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive ok. AVG ist deinstalliert. Danke für den Hinweis.
__________________und danke, dass du dir die zeit nimmst! |
|
29.12.2016, 14:38
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.12.2016, 15:23
| #5 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Ergebnis Schritt 1: Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 10.0.9200 Windows 10 x64
Account is Administrative
Internet Explorer version: 11.447.14393.0
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 4214513664, free: 2080051200
Downloaded database version: v2016.12.29.05
Downloaded database version: v2016.11.20.01
Downloaded database version: v2016.12.16.01
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
12/29/2016 14:50:51
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\HalExtIntcLpioDma.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\System32\drivers\rt640x64.sys
\SystemRoot\System32\drivers\Netwbw02.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\iaLPSSi_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\LMDriver.sys
\SystemRoot\System32\drivers\RadioShim.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\system32\DRIVERS\SynRMIHID.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\system32\DRIVERS\ibtusb.sys
\SystemRoot\system32\DRIVERS\BTHUSB.sys
\SystemRoot\system32\DRIVERS\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\System32\drivers\bthpan.sys
\SystemRoot\system32\drivers\BthA2DP.sys
\SystemRoot\system32\drivers\btampm.sys
\SystemRoot\System32\drivers\BthAvrcpTg.sys
\SystemRoot\System32\drivers\bthhfenum.sys
\SystemRoot\system32\DRIVERS\BthHfAud.sys
\SystemRoot\System32\drivers\BthHFHid.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\wcnfs.sys
\SystemRoot\System32\drivers\registry.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\drivers\tunnel.sys
\SystemRoot\system32\Drivers\WdNisDrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2016.12.29.05
rootkit: v2016.11.20.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffff990aa984f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffff990aa984fae0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff990aa984f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffff990aa962d040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffff990aa962f060, DeviceName: \Device\00000034\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: F2B3EBFB
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 369116700
GPT Header CurrentLba = 1 BackupLba 976773167
GPT Header FirstUsableLba 34 LastUsableLba 976773134
GPT Header Guid d36b5d89-837c-48ca-a927-fbd245418fa
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 369116700
Backup GPT header CurrentLba = 976773167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 976773134
Backup GPT header Guid d36b5d89-837c-48ca-a927-fbd245418fa
Backup GPT header Contains 128 partition entries starting at LBA 976773135
Backup GPT header Partition entry size = 128
Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 77360449-28c8-43f6-9b21-1bd2b84fa237
FirstLBA 2048 Last LBA 1230847
Attributes 1
Partition Name Basic data partition
Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 7c338779-6765-41bd-828f-f55a8f5cfc2
FirstLBA 1230848 Last LBA 1845247
Attributes 0
Partition Name EFI system partition
GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID aba7a3a3-6ed4-45d9-aef0-89932dceb4bb
FirstLBA 1845248 Last LBA 2107391
Attributes 0
Partition Name Microsoft reserved partition
Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 1ac05ff0-7047-4266-b9f8-3ee7a5ee75ba
FirstLBA 2107392 Last LBA 942800895
Attributes 0
Partition Name Basic data partition
Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID ce3e12b2-8674-42d8-8073-10b7e283a42
FirstLBA 942800896 Last LBA 976773119
Attributes 1
Partition Name Basic data partition
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-3E79424A7F4C335E310D25F9720B50BF352815D9.bin.83" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
|
|
29.12.2016, 19:29
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Anleitung bitte richtig lesen. 1. du hast das falsche Log von MBAR gepostet 2. Logs müssen immer gepostet werden egal ob Fund oder kein Fund - und auch keine Nacherzählungen schreiben
__________________ --> Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive |
|
29.12.2016, 19:59
| #7 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Schritt 1: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.12.29.05
rootkit: v2016.11.20.01
Windows 10 x64 NTFS
Internet Explorer 11.447.14393.0
AnneLaptop :: AGLAPTOP [administrator]
29/12/2016 14:51:05
mbar-log-2016-12-29 (14-51-05).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 327464
Time elapsed: 23 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
I Code:
ATTFilter 19:53:27.0179 0x1a7c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
19:53:27.0179 0x1a7c UEFI system
19:53:29.0930 0x1a7c ============================================================
19:53:29.0930 0x1a7c Current date / time: 2016/12/29 19:53:29.0930
19:53:29.0930 0x1a7c SystemInfo:
19:53:29.0930 0x1a7c
19:53:29.0930 0x1a7c OS Version: 10.0.14393 ServicePack: 0.0
19:53:29.0930 0x1a7c Product type: Workstation
19:53:29.0930 0x1a7c ComputerName: AGLAPTOP
19:53:29.0930 0x1a7c UserName: AnneLaptop
19:53:29.0930 0x1a7c Windows directory: C:\WINDOWS
19:53:29.0930 0x1a7c System windows directory: C:\WINDOWS
19:53:29.0930 0x1a7c Running under WOW64
19:53:29.0930 0x1a7c Processor architecture: Intel x64
19:53:29.0930 0x1a7c Number of processors: 4
19:53:29.0930 0x1a7c Page size: 0x1000
19:53:29.0930 0x1a7c Boot type: Normal boot
19:53:29.0930 0x1a7c CodeIntegrityOptions = 0x00000001
19:53:29.0930 0x1a7c ============================================================
19:53:30.0227 0x1a7c KLMD registered as C:\WINDOWS\system32\drivers\86290472.sys
19:53:30.0227 0x1a7c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
19:53:31.0992 0x1a7c System UUID: {377FE349-659E-13D9-83AE-4AAD7BB45D39}
19:53:32.0805 0x1a7c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:53:32.0805 0x1a7c ============================================================
19:53:32.0805 0x1a7c \Device\Harddisk0\DR0:
19:53:32.0805 0x1a7c GPT partitions:
19:53:32.0805 0x1a7c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {77360449-28C8-43F6-9B21-1BD2B84FA237}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
19:53:32.0805 0x1a7c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7C338779-6765-41BD-828F-0F55A8F5CFC2}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
19:53:32.0805 0x1a7c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {ABA7A3A3-6ED4-45D9-AEF0-89932DCEB4BB}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
19:53:32.0805 0x1a7c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1AC05FF0-7047-4266-B9F8-3EE7A5EE75BA}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x3811D800
19:53:32.0805 0x1a7c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CE3E12B2-8674-42D8-8073-100B7E283A42}, Name: Basic data partition, StartLBA 0x38320000, BlocksNum 0x2066000
19:53:32.0805 0x1a7c MBR partitions:
19:53:32.0805 0x1a7c ============================================================
19:53:32.0805 0x1a7c C: <-> \Device\Harddisk0\DR0\Partition4
19:53:32.0805 0x1a7c ============================================================
19:53:32.0805 0x1a7c Initialize success
19:53:32.0805 0x1a7c ============================================================
19:53:45.0927 0x11b8 ============================================================
19:53:45.0927 0x11b8 Scan started
19:53:45.0927 0x11b8 Mode: Manual; SigCheck; TDLFS;
19:53:45.0927 0x11b8 ============================================================
19:53:45.0927 0x11b8 KSN ping started
19:53:46.0162 0x11b8 KSN ping finished: true
19:53:48.0031 0x11b8 ================ Scan system memory ========================
19:53:48.0031 0x11b8 System memory - ok
19:53:48.0031 0x11b8 ================ Scan services =============================
19:53:48.0422 0x11b8 [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
19:53:48.0609 0x11b8 1394ohci - ok
19:53:48.0656 0x11b8 [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
19:53:48.0672 0x11b8 3ware - ok
19:53:48.0719 0x11b8 [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
19:53:48.0765 0x11b8 ACPI - ok
19:53:48.0765 0x11b8 [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
19:53:48.0828 0x11b8 AcpiDev - ok
19:53:48.0828 0x11b8 [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
19:53:48.0844 0x11b8 acpiex - ok
19:53:48.0890 0x11b8 [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
19:53:48.0969 0x11b8 acpipagr - ok
19:53:49.0000 0x11b8 [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
19:53:49.0047 0x11b8 AcpiPmi - ok
19:53:49.0047 0x11b8 [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
19:53:49.0062 0x11b8 acpitime - ok
19:53:49.0094 0x11b8 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:53:49.0109 0x11b8 AdobeARMservice - ok
19:53:49.0609 0x11b8 [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:53:49.0625 0x11b8 AdobeFlashPlayerUpdateSvc - ok
19:53:49.0859 0x11b8 [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:53:49.0925 0x11b8 ADP80XX - ok
19:53:49.0972 0x11b8 [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\WINDOWS\system32\drivers\afd.sys
19:53:50.0003 0x11b8 AFD - ok
19:53:50.0035 0x11b8 [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:53:50.0082 0x11b8 ahcache - ok
19:53:50.0129 0x11b8 [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll
19:53:50.0160 0x11b8 AJRouter - ok
19:53:50.0191 0x11b8 [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe
19:53:50.0253 0x11b8 ALG - ok
19:53:50.0285 0x11b8 [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
19:53:50.0347 0x11b8 AmdK8 - ok
19:53:50.0363 0x11b8 [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
19:53:50.0379 0x11b8 AmdPPM - ok
19:53:50.0394 0x11b8 [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
19:53:50.0410 0x11b8 amdsata - ok
19:53:50.0441 0x11b8 [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
19:53:50.0457 0x11b8 amdsbs - ok
19:53:50.0472 0x11b8 [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
19:53:50.0488 0x11b8 amdxata - ok
19:53:50.0519 0x11b8 [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys
19:53:50.0550 0x11b8 AppID - ok
19:53:50.0550 0x11b8 [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
19:53:50.0613 0x11b8 AppIDSvc - ok
19:53:50.0629 0x11b8 [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo C:\WINDOWS\System32\appinfo.dll
19:53:50.0644 0x11b8 Appinfo - ok
19:53:50.0675 0x11b8 [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:53:50.0691 0x11b8 Apple Mobile Device Service - ok
19:53:50.0691 0x11b8 [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
19:53:50.0722 0x11b8 applockerfltr - ok
19:53:50.0769 0x11b8 [ 21DC11DA29484AE026E536F2EA7E79E5, 6E17B679494CB293DE13DFA18F79A9DFAFEEBAAE41943F95B5E1AE0720A5CA26 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
19:53:50.0835 0x11b8 AppReadiness - ok
19:53:50.0942 0x11b8 [ F9F4CFCB3845EABF81A654001C80854C, 2CB7BED0A838585903056E41D46C2604B5EECA3B6C673497A22BFFCAE7986C5F ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
19:53:51.0129 0x11b8 AppXSvc - ok
19:53:51.0161 0x11b8 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
19:53:51.0192 0x11b8 arcsas - ok
19:53:51.0207 0x11b8 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
19:53:51.0254 0x11b8 AsyncMac - ok
19:53:51.0270 0x11b8 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:53:51.0286 0x11b8 atapi - ok
19:53:51.0317 0x11b8 [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:53:51.0348 0x11b8 AudioEndpointBuilder - ok
19:53:51.0379 0x11b8 [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
19:53:51.0426 0x11b8 Audiosrv - ok
19:53:51.0473 0x11b8 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
19:53:51.0504 0x11b8 AxInstSV - ok
19:53:51.0551 0x11b8 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
19:53:51.0567 0x11b8 b06bdrv - ok
19:53:51.0582 0x11b8 [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:53:51.0645 0x11b8 BasicDisplay - ok
19:53:51.0645 0x11b8 [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
19:53:51.0676 0x11b8 BasicRender - ok
19:53:51.0707 0x11b8 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
19:53:51.0754 0x11b8 bcmfn - ok
19:53:51.0754 0x11b8 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
19:53:51.0786 0x11b8 bcmfn2 - ok
19:53:51.0801 0x11b8 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
19:53:51.0848 0x11b8 BDESVC - ok
19:53:51.0895 0x11b8 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:53:51.0957 0x11b8 Beep - ok
19:53:51.0973 0x11b8 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll
19:53:52.0036 0x11b8 BFE - ok
19:53:52.0098 0x11b8 [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll
19:53:52.0254 0x11b8 BITS - ok
19:53:52.0270 0x11b8 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:53:52.0286 0x11b8 Bonjour Service - ok
19:53:52.0301 0x11b8 [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
19:53:52.0348 0x11b8 bowser - ok
19:53:52.0426 0x11b8 [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:53:52.0504 0x11b8 BrokerInfrastructure - ok
19:53:52.0536 0x11b8 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll
19:53:52.0567 0x11b8 Browser - ok
19:53:52.0614 0x11b8 [ A70E09FD082BFA67BE085D41C8B6A85F, 1711163E7BE0DE83701A0293BF5D4D37AAD124D88F6FFA3FCC6CF0F3A7D3B78D ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys
19:53:52.0676 0x11b8 BthA2DP - ok
19:53:52.0692 0x11b8 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:53:52.0739 0x11b8 BthAvrcpTg - ok
19:53:52.0770 0x11b8 [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
19:53:52.0833 0x11b8 BthEnum - ok
19:53:52.0864 0x11b8 [ 20C63A9CC92CEA8D284C6EA36FED68DC, DA7669CCCA6838269297DD45EDB48149898B3E14648B5DB3B93AF82A3279B411 ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
19:53:52.0895 0x11b8 BthHFAud - ok
19:53:52.0911 0x11b8 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
19:53:52.0926 0x11b8 BthHFEnum - ok
19:53:52.0942 0x11b8 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
19:53:52.0958 0x11b8 bthhfhid - ok
19:53:52.0989 0x11b8 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
19:53:53.0020 0x11b8 BthHFSrv - ok
19:53:53.0067 0x11b8 [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
19:53:53.0114 0x11b8 BthLEEnum - ok
19:53:53.0129 0x11b8 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
19:53:53.0161 0x11b8 BTHMODEM - ok
19:53:53.0176 0x11b8 [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
19:53:53.0223 0x11b8 BthPan - ok
19:53:53.0239 0x11b8 [ E6D5762958A839B119C041256149AAD6, 8FB489F6771C392347E333935E00024309A19F1D3143F365A039A9D2DE0A639C ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys
19:53:53.0317 0x11b8 BTHPORT - ok
19:53:53.0348 0x11b8 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll
19:53:53.0395 0x11b8 bthserv - ok
19:53:53.0411 0x11b8 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
19:53:53.0458 0x11b8 BTHUSB - ok
19:53:53.0473 0x11b8 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:53:53.0505 0x11b8 buttonconverter - ok
19:53:53.0520 0x11b8 [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
19:53:53.0567 0x11b8 CapImg - ok
19:53:53.0692 0x11b8 [ 74C44321239B991FE8A3FE4D5648B515, F8819C889DB32E0B6917FC85B1095EC84D774AD45932736384D9F24BDCDE1A95 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
19:53:53.0848 0x11b8 CCDMonitorService - ok
19:53:53.0911 0x11b8 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:53:53.0989 0x11b8 cdfs - ok
19:53:54.0051 0x11b8 [ B737F6FB33A6F79BCBC293A5B32C1C4E, B2EAF621052A4CBEE78208ECF1AC9286BD1EB431019372254E442319308112F8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
19:53:54.0114 0x11b8 CDPSvc - ok
19:53:54.0129 0x11b8 [ 2531EF3423A9FE1692005A41907E3BE3, 4E7D3E216937305B73CBCC5031F513CEC38F4FEFE3F2291DED5F37641221CCA0 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
19:53:54.0161 0x11b8 CDPUserSvc - ok
19:53:54.0208 0x11b8 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
19:53:54.0239 0x11b8 cdrom - ok
19:53:54.0254 0x11b8 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
19:53:54.0286 0x11b8 CertPropSvc - ok
19:53:54.0301 0x11b8 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
19:53:54.0333 0x11b8 cht4iscsi - ok
19:53:54.0426 0x11b8 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
19:53:54.0520 0x11b8 cht4vbd - ok
19:53:54.0551 0x11b8 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
19:53:54.0583 0x11b8 circlass - ok
19:53:54.0614 0x11b8 [ 39591D8510CEC3BA6ED4330EE689B791, E827DEA20AB338308D6E4EEFEF551088088B77CD10BF08C8BE568090E04172E2 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
19:53:54.0645 0x11b8 CLFS - ok
19:53:54.0770 0x11b8 [ 069565979759A32A7E7FFF1541906B3F, E840AA394EB60120F8E6C4E7880A7F061070CAC5CC9AB1F74F88F65A6572BE08 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
19:53:54.0911 0x11b8 ClickToRunSvc - ok
19:53:54.0942 0x11b8 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
19:53:55.0005 0x11b8 ClipSVC - ok
19:53:55.0020 0x11b8 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys
19:53:55.0067 0x11b8 clreg - ok
19:53:55.0098 0x11b8 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
19:53:55.0130 0x11b8 CmBatt - ok
19:53:55.0161 0x11b8 [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG C:\WINDOWS\system32\Drivers\cng.sys
19:53:55.0192 0x11b8 CNG - ok
19:53:55.0223 0x11b8 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:53:55.0223 0x11b8 cnghwassist - ok
19:53:55.0286 0x11b8 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
19:53:55.0317 0x11b8 CompositeBus - ok
19:53:55.0317 0x11b8 COMSysApp - ok
19:53:55.0333 0x11b8 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
19:53:55.0333 0x11b8 condrv - ok
19:53:55.0395 0x11b8 [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:53:55.0426 0x11b8 CoreMessagingRegistrar - ok
19:53:55.0554 0x11b8 [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:53:55.0825 0x11b8 cphs - ok
19:53:55.0848 0x11b8 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
19:53:55.0868 0x11b8 CryptSvc - ok
19:53:55.0886 0x11b8 [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam C:\WINDOWS\system32\drivers\dam.sys
19:53:55.0922 0x11b8 dam - ok
19:53:55.0952 0x11b8 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:53:56.0066 0x11b8 DcomLaunch - ok
19:53:56.0077 0x11b8 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
19:53:56.0106 0x11b8 DcpSvc - ok
19:53:56.0124 0x11b8 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
19:53:56.0168 0x11b8 defragsvc - ok
19:53:56.0205 0x11b8 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:53:56.0248 0x11b8 DeviceAssociationService - ok
19:53:56.0255 0x11b8 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
19:53:56.0293 0x11b8 DeviceInstall - ok
19:53:56.0316 0x11b8 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
19:53:56.0369 0x11b8 DevQueryBroker - ok
19:53:56.0377 0x11b8 [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
19:53:56.0438 0x11b8 Dfsc - ok
19:53:56.0477 0x11b8 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
II Code:
ATTFilter 19:53:56.0520 0x11b8 Dhcp - ok
19:53:56.0596 0x11b8 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:53:56.0643 0x11b8 diagnosticshub.standardcollector.service - ok
19:53:56.0752 0x11b8 [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
19:53:56.0908 0x11b8 DiagTrack - ok
19:53:56.0940 0x11b8 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys
19:53:56.0955 0x11b8 disk - ok
19:53:56.0987 0x11b8 [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:53:57.0143 0x11b8 DmEnrollmentSvc - ok
19:53:57.0159 0x11b8 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
19:53:57.0205 0x11b8 dmvsc - ok
19:53:57.0205 0x11b8 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:53:57.0252 0x11b8 dmwappushservice - ok
19:53:57.0284 0x11b8 [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:53:57.0346 0x11b8 Dnscache - ok
19:53:57.0393 0x11b8 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll
19:53:57.0440 0x11b8 dot3svc - ok
19:53:57.0455 0x11b8 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll
19:53:57.0534 0x11b8 DPS - ok
19:53:57.0534 0x11b8 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
19:53:57.0549 0x11b8 drmkaud - ok
19:53:57.0565 0x11b8 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
19:53:57.0627 0x11b8 DsmSvc - ok
19:53:57.0627 0x11b8 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
19:53:57.0659 0x11b8 DsSvc - ok
19:53:57.0752 0x11b8 [ 125C83C44EEE61E2ED5893F23AEF0FC9, D6599AFFA1A554124AEF6862C69027F9FF9B343362091439866641A1CFB0E76A ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:53:57.0924 0x11b8 DXGKrnl - ok
19:53:57.0924 0x11b8 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
19:53:57.0987 0x11b8 EapHost - ok
19:53:58.0096 0x11b8 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
19:53:58.0284 0x11b8 ebdrv - ok
19:53:58.0299 0x11b8 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe
19:53:58.0315 0x11b8 EFS - ok
19:53:58.0330 0x11b8 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
19:53:58.0346 0x11b8 EhStorClass - ok
19:53:58.0377 0x11b8 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:53:58.0409 0x11b8 EhStorTcgDrv - ok
19:53:58.0424 0x11b8 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
19:53:58.0455 0x11b8 embeddedmode - ok
19:53:58.0502 0x11b8 [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:53:58.0534 0x11b8 EntAppSvc - ok
19:53:58.0643 0x11b8 [ 6066FDFF6E02A0F1F2584EBC9D4A1E63, 2CD1405C4664FBE2EB120EB9F56FCDC629F334AD6BA609A9B442FE594CB6A247 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
19:53:58.0752 0x11b8 ePowerSvc - ok
19:53:58.0768 0x11b8 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
19:53:58.0799 0x11b8 ErrDev - ok
19:53:58.0862 0x11b8 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll
19:53:58.0893 0x11b8 EventSystem - ok
19:53:58.0909 0x11b8 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys
19:53:58.0946 0x11b8 exfat - ok
19:53:58.0962 0x11b8 [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
19:53:58.0993 0x11b8 fastfat - ok
19:53:59.0040 0x11b8 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe
19:53:59.0134 0x11b8 Fax - ok
19:53:59.0165 0x11b8 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
19:53:59.0212 0x11b8 fdc - ok
19:53:59.0212 0x11b8 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
19:53:59.0243 0x11b8 fdPHost - ok
19:53:59.0258 0x11b8 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll
19:53:59.0290 0x11b8 FDResPub - ok
19:53:59.0290 0x11b8 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
19:53:59.0337 0x11b8 fhsvc - ok
19:53:59.0368 0x11b8 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
19:53:59.0430 0x11b8 FileCrypt - ok
19:53:59.0446 0x11b8 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
19:53:59.0462 0x11b8 FileInfo - ok
19:53:59.0477 0x11b8 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
19:53:59.0540 0x11b8 Filetrace - ok
19:53:59.0555 0x11b8 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
19:53:59.0571 0x11b8 flpydisk - ok
19:53:59.0587 0x11b8 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:53:59.0602 0x11b8 FltMgr - ok
19:53:59.0915 0x11b8 [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache C:\WINDOWS\system32\FntCache.dll
19:54:00.0024 0x11b8 FontCache - ok
19:54:00.0071 0x11b8 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:54:00.0071 0x11b8 FontCache3.0.0.0 - ok
19:54:00.0180 0x11b8 [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
19:54:00.0274 0x11b8 FrameServer - ok
19:54:00.0290 0x11b8 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
19:54:00.0290 0x11b8 FsDepends - ok
19:54:00.0305 0x11b8 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:54:00.0321 0x11b8 Fs_Rec - ok
19:54:00.0384 0x11b8 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:54:00.0415 0x11b8 fvevol - ok
19:54:00.0430 0x11b8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:54:00.0446 0x11b8 GEARAspiWDM - ok
19:54:00.0493 0x11b8 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
19:54:00.0587 0x11b8 gencounter - ok
19:54:00.0602 0x11b8 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
19:54:00.0639 0x11b8 genericusbfn - ok
19:54:00.0655 0x11b8 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:54:00.0671 0x11b8 GPIOClx0101 - ok
19:54:00.0749 0x11b8 [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
19:54:00.0811 0x11b8 gpsvc - ok
19:54:00.0827 0x11b8 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:54:00.0889 0x11b8 GpuEnergyDrv - ok
19:54:00.0889 0x11b8 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:00.0905 0x11b8 gupdate - ok
19:54:00.0921 0x11b8 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:00.0921 0x11b8 gupdatem - ok
19:54:00.0952 0x11b8 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
19:54:01.0046 0x11b8 HDAudBus - ok
19:54:01.0046 0x11b8 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
19:54:01.0061 0x11b8 HidBatt - ok
19:54:01.0092 0x11b8 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
19:54:01.0155 0x11b8 HidBth - ok
19:54:01.0155 0x11b8 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
19:54:01.0186 0x11b8 hidi2c - ok
19:54:01.0186 0x11b8 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:54:01.0202 0x11b8 hidinterrupt - ok
19:54:01.0233 0x11b8 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
19:54:01.0249 0x11b8 HidIr - ok
19:54:01.0280 0x11b8 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll
19:54:01.0327 0x11b8 hidserv - ok
19:54:01.0343 0x11b8 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
19:54:01.0389 0x11b8 HidUsb - ok
19:54:01.0405 0x11b8 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:54:01.0483 0x11b8 HomeGroupListener - ok
19:54:01.0530 0x11b8 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:54:01.0608 0x11b8 HomeGroupProvider - ok
19:54:01.0608 0x11b8 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
19:54:01.0624 0x11b8 HpSAMD - ok
19:54:01.0702 0x11b8 [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
19:54:01.0796 0x11b8 HTTP - ok
19:54:01.0796 0x11b8 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
19:54:01.0889 0x11b8 HvHost - ok
19:54:01.0921 0x11b8 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
19:54:01.0952 0x11b8 hvservice - ok
19:54:01.0968 0x11b8 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
19:54:01.0983 0x11b8 hwpolicy - ok
19:54:01.0999 0x11b8 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
19:54:02.0014 0x11b8 hyperkbd - ok
19:54:02.0046 0x11b8 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
19:54:02.0108 0x11b8 i8042prt - ok
19:54:02.0124 0x11b8 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
19:54:02.0187 0x11b8 iagpio - ok
19:54:02.0203 0x11b8 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
19:54:02.0234 0x11b8 iai2c - ok
19:54:02.0234 0x11b8 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
19:54:02.0250 0x11b8 iaLPSS2i_GPIO2 - ok
19:54:02.0272 0x11b8 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:54:02.0303 0x11b8 iaLPSS2i_I2C - ok
19:54:02.0334 0x11b8 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:54:02.0350 0x11b8 iaLPSSi_GPIO - ok
19:54:02.0350 0x11b8 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:54:02.0381 0x11b8 iaLPSSi_I2C - ok
19:54:02.0412 0x11b8 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
19:54:02.0459 0x11b8 iaStorAV - ok
19:54:02.0475 0x11b8 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
19:54:02.0506 0x11b8 iaStorV - ok
19:54:02.0537 0x11b8 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
19:54:02.0569 0x11b8 ibbus - ok
19:54:02.0569 0x11b8 ibtsiva - ok
19:54:02.0600 0x11b8 [ 606148419C4F99C3102E1EF5E3AFC72A, 63DB5D2ABFB3A0F048B87FCF4B32C4B862F396DDBD3AC5E52951648C99BEC3DD ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
19:54:02.0615 0x11b8 ibtusb - ok
19:54:02.0615 0x11b8 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll
19:54:02.0678 0x11b8 icssvc - ok
19:54:02.0883 0x11b8 [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:54:03.0290 0x11b8 igfx - ok
19:54:03.0368 0x11b8 [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:54:03.0399 0x11b8 igfxCUIService2.0.0.0 - ok
19:54:03.0462 0x11b8 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
19:54:03.0524 0x11b8 IKEEXT - ok
19:54:03.0540 0x11b8 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
19:54:03.0602 0x11b8 IndirectKmd - ok
19:54:03.0618 0x11b8 [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
19:54:03.0649 0x11b8 intaud_WaveExtensible - ok
19:54:03.0805 0x11b8 [ 0ED561B13EFE36080760981616107D15, 2FB78BC7825E29A9E216061EC9E4196612B86C6ED5ADB48AA3EBBB8C0E2CCCFF ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:54:03.0977 0x11b8 IntcAzAudAddService - ok
19:54:03.0993 0x11b8 [ 0D92782AEAFEC340F7F637E91C7E367D, 2E2654D017FF567CF8ED4D0BA20209894792C8BDDF50C3396961F2B850E17E36 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:54:04.0024 0x11b8 IntcDAud - ok
19:54:04.0055 0x11b8 [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
19:54:05.0477 0x11b8 Intel(R) Capability Licensing Service TCP IP Interface - ok
19:54:05.0509 0x11b8 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys
19:54:05.0524 0x11b8 intelide - ok
19:54:05.0555 0x11b8 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
19:54:05.0571 0x11b8 intelpep - ok
19:54:05.0571 0x11b8 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
19:54:05.0602 0x11b8 intelppm - ok
19:54:05.0618 0x11b8 [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
19:54:05.0634 0x11b8 iorate - ok
19:54:05.0649 0x11b8 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:54:05.0696 0x11b8 IpFilterDriver - ok
19:54:05.0743 0x11b8 [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
19:54:05.0868 0x11b8 iphlpsvc - ok
19:54:05.0884 0x11b8 [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:54:05.0899 0x11b8 IPMIDRV - ok
19:54:05.0915 0x11b8 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
19:54:05.0962 0x11b8 IPNAT - ok
19:54:05.0993 0x11b8 [ C37FAF1F0CE458D124A326FC8A7FF08D, 0147897CDF6DC2AB7113672D2B62CB258303FB0482B084C23C2E7EFCDE0065B4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
|
|
29.12.2016, 20:00
| #8 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Schritt 2: III Code:
ATTFilter 19:54:06.0024 0x11b8 iPod Service - ok
19:54:06.0040 0x11b8 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys
19:54:06.0071 0x11b8 irda - ok
19:54:06.0087 0x11b8 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
19:54:06.0102 0x11b8 IRENUM - ok
19:54:06.0102 0x11b8 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll
19:54:06.0134 0x11b8 irmon - ok
19:54:06.0149 0x11b8 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
19:54:06.0165 0x11b8 isapnp - ok
19:54:06.0180 0x11b8 [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
19:54:06.0196 0x11b8 iScsiPrt - ok
19:54:06.0243 0x11b8 [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:54:06.0290 0x11b8 jhi_service - ok
19:54:06.0305 0x11b8 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
19:54:06.0321 0x11b8 kbdclass - ok
19:54:06.0352 0x11b8 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
19:54:06.0415 0x11b8 kbdhid - ok
19:54:06.0415 0x11b8 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
19:54:06.0446 0x11b8 kdnic - ok
19:54:06.0446 0x11b8 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe
19:54:06.0462 0x11b8 KeyIso - ok
19:54:06.0477 0x11b8 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
19:54:06.0493 0x11b8 KSecDD - ok
19:54:06.0509 0x11b8 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:54:06.0524 0x11b8 KSecPkg - ok
19:54:06.0524 0x11b8 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
19:54:06.0571 0x11b8 ksthunk - ok
19:54:06.0602 0x11b8 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
19:54:06.0665 0x11b8 KtmRm - ok
19:54:06.0681 0x11b8 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
19:54:06.0727 0x11b8 LanmanServer - ok
19:54:06.0727 0x11b8 [ B581907FD94F1FF148BF695331F67612, 05D1FFA456557A291566D788B8DE2485552E361EC3C0F63EA1A710BE940A5398 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:54:06.0806 0x11b8 LanmanWorkstation - ok
19:54:06.0821 0x11b8 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll
19:54:06.0884 0x11b8 lfsvc - ok
19:54:06.0884 0x11b8 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
19:54:06.0946 0x11b8 LicenseManager - ok
19:54:06.0962 0x11b8 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
19:54:07.0024 0x11b8 lltdio - ok
19:54:07.0040 0x11b8 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
19:54:07.0071 0x11b8 lltdsvc - ok
19:54:07.0087 0x11b8 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\WINDOWS\System32\drivers\LMDriver.sys
19:54:07.0087 0x11b8 LMDriver - ok
19:54:07.0102 0x11b8 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
19:54:07.0118 0x11b8 lmhosts - ok
19:54:07.0149 0x11b8 [ ED5C8B920F2ACF11A26586B2FA66BF3D, D6F014F0CCAB7EDA38A8CC58F439D2A8CD89195AE84F82E25475CE11CB3883C9 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:54:07.0227 0x11b8 LMS - ok
19:54:07.0243 0x11b8 [ 4C5177C5EA6A66C6CFAA49737C023ED1, 3FA54E51A7B8EF438A93E96B3067139B911D3128B6048C135CA39B8E7200D5F5 ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
19:54:07.0259 0x11b8 LMSvc - ok
19:54:07.0290 0x11b8 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
19:54:07.0306 0x11b8 LSI_SAS - ok
19:54:07.0339 0x11b8 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:54:07.0355 0x11b8 LSI_SAS2i - ok
19:54:07.0370 0x11b8 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:54:07.0386 0x11b8 LSI_SAS3i - ok
19:54:07.0402 0x11b8 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
19:54:07.0417 0x11b8 LSI_SSS - ok
19:54:07.0449 0x11b8 [ 06276381A0797FD417E7068C1210FA06, 204144E9792216F952CED869ECB6B26FB466BF730B8A73FA4799B1EBC1A630AB ] LSM C:\WINDOWS\System32\lsm.dll
19:54:07.0574 0x11b8 LSM - ok
19:54:07.0589 0x11b8 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
19:54:07.0636 0x11b8 luafv - ok
19:54:07.0636 0x11b8 [ ED5B42D75F3DEE93040B3930DA9F3009, E919DA20E46FE1C81CB76090B799DD858DD4771DB0EBDE4545DB4681A0AFFE8E ] MapsBroker C:\WINDOWS\System32\moshost.dll
19:54:07.0683 0x11b8 MapsBroker - ok
19:54:07.0699 0x11b8 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys
19:54:07.0714 0x11b8 megasas - ok
19:54:07.0746 0x11b8 [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
19:54:07.0761 0x11b8 megasas2i - ok
19:54:07.0792 0x11b8 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys
19:54:07.0824 0x11b8 megasr - ok
19:54:07.0839 0x11b8 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
19:54:07.0870 0x11b8 MEIx64 - ok
19:54:07.0886 0x11b8 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:54:07.0917 0x11b8 MessagingService - ok
19:54:08.0027 0x11b8 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:54:08.0058 0x11b8 mlx4_bus - ok
19:54:08.0074 0x11b8 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
19:54:08.0152 0x11b8 MMCSS - ok
19:54:08.0167 0x11b8 [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem C:\WINDOWS\system32\drivers\modem.sys
19:54:08.0199 0x11b8 Modem - ok
19:54:08.0199 0x11b8 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys
19:54:08.0230 0x11b8 monitor - ok
19:54:08.0246 0x11b8 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
19:54:08.0261 0x11b8 mouclass - ok
19:54:08.0261 0x11b8 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
19:54:08.0324 0x11b8 mouhid - ok
19:54:08.0324 0x11b8 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
19:54:08.0339 0x11b8 mountmgr - ok
19:54:08.0339 0x11b8 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
19:54:08.0386 0x11b8 mpsdrv - ok
19:54:08.0433 0x11b8 [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
19:54:08.0527 0x11b8 MpsSvc - ok
19:54:08.0558 0x11b8 [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
19:54:08.0621 0x11b8 MRxDAV - ok
19:54:08.0652 0x11b8 [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:54:08.0683 0x11b8 mrxsmb - ok
19:54:08.0699 0x11b8 [ 200E4A385F5F370D8866BAE25B0D9D32, 114AD45000A0C74EAE26C3075BBFEF80B9386C69D58CE4436CAFCF13613EAEFA ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:54:08.0746 0x11b8 mrxsmb10 - ok
19:54:08.0746 0x11b8 [ F7C22604CD8AFB9AF1C1E3CE39A5A09F, 3F7B39336F8A72525C667D45C9300CA6D017BDE17A6E23EF794BA59D2F3C78F3 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:54:08.0777 0x11b8 mrxsmb20 - ok
19:54:08.0792 0x11b8 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
19:54:08.0855 0x11b8 MsBridge - ok
19:54:08.0886 0x11b8 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:54:08.0933 0x11b8 MSDTC - ok
19:54:08.0949 0x11b8 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:54:08.0996 0x11b8 Msfs - ok
19:54:09.0011 0x11b8 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:54:09.0011 0x11b8 msgpiowin32 - ok
19:54:09.0027 0x11b8 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:54:09.0074 0x11b8 mshidkmdf - ok
19:54:09.0074 0x11b8 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
19:54:09.0121 0x11b8 mshidumdf - ok
19:54:09.0121 0x11b8 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
19:54:09.0136 0x11b8 msisadrv - ok
19:54:09.0152 0x11b8 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
19:54:09.0183 0x11b8 MSiSCSI - ok
19:54:09.0199 0x11b8 msiserver - ok
19:54:09.0199 0x11b8 [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
19:54:09.0230 0x11b8 MSKSSRV - ok
19:54:09.0230 0x11b8 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
19:54:09.0277 0x11b8 MsLldp - ok
19:54:09.0292 0x11b8 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
19:54:09.0339 0x11b8 MSPCLOCK - ok
19:54:09.0371 0x11b8 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
19:54:09.0402 0x11b8 MSPQM - ok
19:54:09.0417 0x11b8 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
19:54:09.0433 0x11b8 MsRPC - ok
19:54:09.0449 0x11b8 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
19:54:09.0449 0x11b8 mssmbios - ok
19:54:09.0464 0x11b8 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
19:54:09.0496 0x11b8 MSTEE - ok
19:54:09.0496 0x11b8 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
19:54:09.0527 0x11b8 MTConfig - ok
19:54:09.0543 0x11b8 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
19:54:09.0558 0x11b8 Mup - ok
19:54:09.0574 0x11b8 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
19:54:09.0589 0x11b8 mvumis - ok
19:54:09.0621 0x11b8 [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:54:09.0668 0x11b8 NativeWifiP - ok
19:54:09.0683 0x11b8 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
19:54:09.0730 0x11b8 NcaSvc - ok
19:54:09.0746 0x11b8 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll
19:54:09.0793 0x11b8 NcbService - ok
19:54:09.0808 0x11b8 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
19:54:09.0839 0x11b8 NcdAutoSetup - ok
19:54:09.0855 0x11b8 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
19:54:09.0871 0x11b8 ndfltr - ok
19:54:09.0918 0x11b8 [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
19:54:09.0964 0x11b8 NDIS - ok
19:54:09.0996 0x11b8 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
19:54:10.0027 0x11b8 NdisCap - ok
19:54:10.0043 0x11b8 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:54:10.0089 0x11b8 NdisImPlatform - ok
19:54:10.0136 0x11b8 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:54:10.0168 0x11b8 NdisTapi - ok
19:54:10.0183 0x11b8 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
19:54:10.0230 0x11b8 Ndisuio - ok
19:54:10.0230 0x11b8 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:54:10.0261 0x11b8 NdisVirtualBus - ok
19:54:10.0293 0x11b8 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
19:54:10.0324 0x11b8 NdisWan - ok
19:54:10.0324 0x11b8 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:54:10.0355 0x11b8 ndiswanlegacy - ok
19:54:10.0371 0x11b8 [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:54:10.0418 0x11b8 ndproxy - ok
19:54:10.0433 0x11b8 [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
19:54:10.0480 0x11b8 Ndu - ok
19:54:10.0496 0x11b8 [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
19:54:10.0558 0x11b8 NetAdapterCx - ok
19:54:10.0574 0x11b8 [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
19:54:10.0605 0x11b8 NetBIOS - ok
19:54:10.0636 0x11b8 [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:54:10.0730 0x11b8 NetBT - ok
19:54:10.0730 0x11b8 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:54:10.0746 0x11b8 Netlogon - ok
19:54:10.0777 0x11b8 [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll
19:54:10.0808 0x11b8 Netman - ok
19:54:10.0840 0x11b8 [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
19:54:10.0949 0x11b8 netprofm - ok
19:54:10.0965 0x11b8 [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
19:54:11.0043 0x11b8 NetSetupSvc - ok
19:54:11.0093 0x11b8 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:54:11.0108 0x11b8 NetTcpPortSharing - ok
19:54:11.0202 0x11b8 [ 1F91B1E5FD41BDC3DF8AFFB81C8AA277, B8CB13863C1F0C589C008E191A393DF241F3067DD7CADE02B3B7D36B28BBA2ED ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys
19:54:11.0421 0x11b8 NETwNb64 - ok
19:54:11.0452 0x11b8 [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
19:54:11.0577 0x11b8 NgcCtnrSvc - ok
19:54:11.0640 0x11b8 [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
19:54:11.0718 0x11b8 NgcSvc - ok
19:54:11.0749 0x11b8 [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
19:54:11.0890 0x11b8 NlaSvc - ok
19:54:11.0905 0x11b8 [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:54:11.0952 0x11b8 Npfs - ok
19:54:11.0952 0x11b8 [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
19:54:11.0984 0x11b8 npsvctrig - ok
19:54:12.0015 0x11b8 [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll
19:54:12.0062 0x11b8 nsi - ok
19:54:12.0062 0x11b8 [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
19:54:12.0093 0x11b8 nsiproxy - ok
19:54:12.0187 0x11b8 [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
19:54:12.0327 0x11b8 NTFS - ok
19:54:12.0327 0x11b8 [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:54:12.0405 0x11b8 Null - ok
19:54:12.0452 0x11b8 [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
19:54:12.0484 0x11b8 nvraid - ok
19:54:12.0499 0x11b8 [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
19:54:12.0515 0x11b8 nvstor - ok
19:54:12.0562 0x11b8 [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
19:54:12.0609 0x11b8 OneSyncSvc - ok
19:54:12.0640 0x11b8 [ 55AFF77D3DACE7ADCE146E70F4691979, 365E71EC1C01FFE715D37B652427ECE45E1960A13E4D11C3B2214ED11A3B6349 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:54:12.0655 0x11b8 ose - ok
19:54:12.0687 0x11b8 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
19:54:12.0749 0x11b8 p2pimsvc - ok
19:54:12.0780 0x11b8 [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll
19:54:12.0812 0x11b8 p2psvc - ok
19:54:12.0827 0x11b8 [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys
19:54:12.0874 0x11b8 Parport - ok
19:54:12.0874 0x11b8 [ 9DB326B54C03EF2892E7551D8B354036, 64CD77E8A4425E80CFB61DEE33C1A677A4044C6FC0614D74B20BDDD7C5D5334D ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
19:54:12.0890 0x11b8 partmgr - ok
19:54:12.0937 0x11b8 [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
19:54:13.0013 0x11b8 PcaSvc - ok
19:54:13.0044 0x11b8 [ 101CC1FD8D48ED1EF71F0840158D0E6D, A944D70DE230E3FBD8B371EF3BED1FCD12AAFD56945A8F5C44994AF13283FCCD ] pci C:\WINDOWS\system32\drivers\pci.sys
19:54:13.0075 0x11b8 pci - ok
19:54:13.0091 0x11b8 [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys
19:54:13.0107 0x11b8 pciide - ok
19:54:13.0122 0x11b8 [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
19:54:13.0138 0x11b8 pcmcia - ok
19:54:13.0154 0x11b8 [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
19:54:13.0169 0x11b8 pcw - ok
19:54:13.0185 0x11b8 [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc C:\WINDOWS\system32\drivers\pdc.sys
19:54:13.0200 0x11b8 pdc - ok
19:54:13.0252 0x11b8 [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
19:54:13.0314 0x11b8 PEAUTH - ok
19:54:13.0330 0x11b8 [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
19:54:13.0346 0x11b8 percsas2i - ok
19:54:13.0361 0x11b8 [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
19:54:13.0377 0x11b8 percsas3i - ok
19:54:13.0502 0x11b8 [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
19:54:13.0580 0x11b8 PerfHost - ok
19:54:13.0658 0x11b8 [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
19:54:13.0768 0x11b8 PhoneSvc - ok
19:54:13.0830 0x11b8 [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:54:13.0908 0x11b8 PimIndexMaintenanceSvc - ok
19:54:13.0997 0x11b8 [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll
19:54:14.0106 0x11b8 pla - ok
19:54:14.0122 0x11b8 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
19:54:14.0137 0x11b8 PlugPlay - ok
19:54:14.0153 0x11b8 [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
19:54:14.0184 0x11b8 PNRPAutoReg - ok
19:54:14.0231 0x11b8 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
19:54:14.0278 0x11b8 PNRPsvc - ok
19:54:14.0327 0x11b8 [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
19:54:14.0378 0x11b8 PolicyAgent - ok
19:54:14.0380 0x11b8 [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll
19:54:14.0411 0x11b8 Power - ok
19:54:14.0442 0x11b8 [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
19:54:14.0474 0x11b8 PptpMiniport - ok
19:54:14.0617 0x11b8 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:54:14.0979 0x11b8 PrintNotify - ok
19:54:15.0025 0x11b8 [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys
19:54:15.0070 0x11b8 Processor - ok
19:54:15.0115 0x11b8 [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
19:54:15.0241 0x11b8 ProfSvc - ok
19:54:15.0260 0x11b8 [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
19:54:15.0277 0x11b8 Psched - ok
19:54:15.0314 0x11b8 [ 992DBEEC25BC2535B03B564367A3B652, 68CA8A8C4B03A06BB71E5DBB3883B3605C4AA64322665BFACC410206362A7AD9 ] QASvc C:\Program Files\Acer\Acer Quick Access\QASvc.exe
19:54:15.0329 0x11b8 QASvc - ok
19:54:15.0376 0x11b8 [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll
19:54:15.0423 0x11b8 QWAVE - ok
19:54:15.0454 0x11b8 [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
19:54:15.0501 0x11b8 QWAVEdrv - ok
19:54:15.0517 0x11b8 [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\WINDOWS\System32\drivers\RadioShim.sys
19:54:15.0517 0x11b8 RadioShim - ok
19:54:15.0548 0x11b8 [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:54:15.0579 0x11b8 RasAcd - ok
19:54:15.0595 0x11b8 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
19:54:15.0657 0x11b8 RasAgileVpn - ok
19:54:15.0673 0x11b8 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:54:15.0736 0x11b8 RasAuto - ok
19:54:15.0751 0x11b8 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
19:54:15.0798 0x11b8 Rasl2tp - ok
19:54:15.0845 0x11b8 [ 3C0A10FFC3CB95D249CA64D62BC912EF, 8A75398EF3FF4BBE822031B3D1C63BFC75ABE11AB35BC0451DFF3B1D56477D97 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:54:15.0954 0x11b8 RasMan - ok
19:54:15.0977 0x11b8 [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:54:16.0014 0x11b8 RasPppoe - ok
19:54:16.0030 0x11b8 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
19:54:16.0061 0x11b8 RasSstp - ok
19:54:16.0077 0x11b8 [ EDAF0E161BE98CCC4FC9671481600745, 50DB73C341086E346F6EF57E40A7C3A8F6279E5EBB53A67F9B71B7877EB75734 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:54:16.0117 0x11b8 rdbss - ok
19:54:16.0135 0x11b8 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
19:54:16.0197 0x11b8 rdpbus - ok
19:54:16.0213 0x11b8 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
19:54:16.0229 0x11b8 RDPDR - ok
19:54:16.0275 0x11b8 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:54:16.0307 0x11b8 RdpVideoMiniport - ok
19:54:16.0379 0x11b8 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
19:54:16.0412 0x11b8 rdyboost - ok
19:54:16.0467 0x11b8 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
19:54:16.0513 0x11b8 ReFSv1 - ok
19:54:16.0560 0x11b8 [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:54:16.0628 0x11b8 RemoteAccess - ok
19:54:16.0630 0x11b8 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:54:16.0666 0x11b8 RemoteRegistry - ok
19:54:16.0682 0x11b8 [ FA62C4E1D753B489832DD0A7033665EE, BB0B59ABC79CEFA949632179239D711944C29E93EBCE60E629DE75AF2C3268B2 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
19:54:16.0775 0x11b8 RetailDemo - ok
19:54:16.0807 0x11b8 [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
19:54:16.0869 0x11b8 RFCOMM - ok
19:54:16.0900 0x11b8 [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:54:16.0916 0x11b8 RichVideo - ok
19:54:16.0932 0x11b8 [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll
19:54:16.0963 0x11b8 RmSvc - ok
19:54:16.0994 0x11b8 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
19:54:17.0010 0x11b8 RpcEptMapper - ok
19:54:17.0072 0x11b8 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe
19:54:17.0088 0x11b8 RpcLocator - ok
19:54:17.0135 0x11b8 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:54:17.0197 0x11b8 RpcSs - ok
19:54:17.0213 0x11b8 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
19:54:17.0260 0x11b8 rspndr - ok
19:54:17.0260 0x11b8 [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
19:54:17.0291 0x11b8 RSUSBVSTOR - ok
19:54:17.0307 0x11b8 [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
19:54:17.0369 0x11b8 rt640x64 - ok
19:54:17.0400 0x11b8 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
19:54:17.0432 0x11b8 s3cap - ok
19:54:17.0432 0x11b8 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe
19:54:17.0447 0x11b8 SamSs - ok
19:54:17.0463 0x11b8 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
19:54:17.0478 0x11b8 sbp2port - ok
19:54:17.0494 0x11b8 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
19:54:17.0525 0x11b8 SCardSvr - ok
19:54:17.0557 0x11b8 [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
19:54:17.0588 0x11b8 ScDeviceEnum - ok
19:54:17.0603 0x11b8 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:54:17.0635 0x11b8 scfilter - ok
19:54:17.0650 0x11b8 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:54:17.0713 0x11b8 Schedule - ok
19:54:17.0728 0x11b8 [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
19:54:17.0744 0x11b8 scmbus - ok
19:54:17.0775 0x11b8 [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys
19:54:17.0807 0x11b8 scmdisk0101 - ok
19:54:17.0822 0x11b8 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
19:54:17.0838 0x11b8 SCPolicySvc - ok
19:54:17.0869 0x11b8 [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
19:54:17.0916 0x11b8 sdbus - ok
19:54:17.0916 0x11b8 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
19:54:17.0963 0x11b8 SDRSVC - ok
19:54:17.0978 0x11b8 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
19:54:17.0994 0x11b8 sdstor - ok
19:54:18.0010 0x11b8 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll
19:54:18.0072 0x11b8 seclogon - ok
19:54:18.0104 0x11b8 [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll
19:54:18.0135 0x11b8 SENS - ok
19:54:18.0197 0x11b8 [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:54:18.0353 0x11b8 SensorDataService - ok
19:54:18.0400 0x11b8 [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll
19:54:18.0463 0x11b8 SensorService - ok
19:54:18.0478 0x11b8 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
19:54:18.0525 0x11b8 SensrSvc - ok
19:54:18.0541 0x11b8 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
19:54:18.0557 0x11b8 SerCx - ok
19:54:18.0604 0x11b8 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
19:54:18.0619 0x11b8 SerCx2 - ok
19:54:18.0651 0x11b8 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
19:54:18.0682 0x11b8 Serenum - ok
19:54:18.0697 0x11b8 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys
19:54:18.0713 0x11b8 Serial - ok
19:54:18.0729 0x11b8 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
19:54:18.0775 0x11b8 sermouse - ok
19:54:18.0791 0x11b8 [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll
19:54:18.0900 0x11b8 SessionEnv - ok
19:54:18.0932 0x11b8 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
19:54:18.0947 0x11b8 sfloppy - ok
19:54:19.0010 0x11b8 [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:54:19.0135 0x11b8 SharedAccess - ok
19:54:19.0229 0x11b8 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:54:19.0291 0x11b8 ShellHWDetection - ok
19:54:19.0307 0x11b8 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
19:54:19.0385 0x11b8 shpamsvc - ok
19:54:19.0401 0x11b8 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:54:19.0432 0x11b8 SiSRaid2 - ok
19:54:19.0447 0x11b8 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
19:54:19.0463 0x11b8 SiSRaid4 - ok
19:54:19.0494 0x11b8 [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll
19:54:19.0541 0x11b8 smphost - ok
19:54:19.0557 0x11b8 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
19:54:19.0619 0x11b8 SmsRouter - ok
19:54:19.0651 0x11b8 [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
19:54:19.0666 0x11b8 SNMPTRAP - ok
19:54:19.0697 0x11b8 [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
19:54:19.0729 0x11b8 spaceport - ok
19:54:19.0744 0x11b8 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
19:54:19.0760 0x11b8 SpbCx - ok
19:54:19.0791 0x11b8 [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler C:\WINDOWS\System32\spoolsv.exe
19:54:19.0885 0x11b8 Spooler - ok
19:54:20.0088 0x11b8 [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
19:54:20.0338 0x11b8 sppsvc - ok
19:54:20.0400 0x11b8 [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:54:20.0463 0x11b8 srv - ok
19:54:20.0494 0x11b8 [ 1312896CAE6AF0D4557DB7B37283C116, 9E3701DBBF0F45368A217549A7DFDA2543C4AB3AC9CCF65A73E1FE27CC4A278E ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
19:54:20.0557 0x11b8 srv2 - ok
19:54:20.0572 0x11b8 [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:54:20.0619 0x11b8 srvnet - ok
19:54:20.0635 0x11b8 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:54:20.0713 0x11b8 SSDPSRV - ok
19:54:20.0760 0x11b8 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
19:54:20.0791 0x11b8 SstpSvc - ok
19:54:20.0963 0x11b8 [ FD881B87C853EB2F0B8B7B5CC71D6FE3, 780038C203C9277C366794302D90BC0AE75568863F1FB7044197BA20D798E4BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:54:21.0213 0x11b8 StateRepository - ok
19:54:21.0244 0x11b8 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
19:54:21.0260 0x11b8 stexstor - ok
19:54:21.0291 0x11b8 [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc C:\WINDOWS\System32\wiaservc.dll
19:54:21.0354 0x11b8 stisvc - ok
19:54:21.0369 0x11b8 [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
19:54:21.0385 0x11b8 storahci - ok
19:54:21.0416 0x11b8 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
19:54:21.0416 0x11b8 storflt - ok
19:54:21.0432 0x11b8 [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
19:54:21.0479 0x11b8 stornvme - ok
19:54:21.0494 0x11b8 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
19:54:21.0573 0x11b8 storqosflt - ok
19:54:21.0604 0x11b8 [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc C:\WINDOWS\system32\storsvc.dll
19:54:21.0698 0x11b8 StorSvc - ok
19:54:21.0713 0x11b8 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
19:54:21.0729 0x11b8 storufs - ok
19:54:21.0744 0x11b8 [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
19:54:21.0760 0x11b8 storvsc - ok
19:54:21.0760 0x11b8 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll
19:54:21.0791 0x11b8 svsvc - ok
19:54:21.0807 0x11b8 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys
19:54:21.0823 0x11b8 swenum - ok
19:54:21.0838 0x11b8 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll
19:54:21.0901 0x11b8 swprv - ok
19:54:21.0916 0x11b8 [ D67D9089A8A65FD4CC00E303D10D35BB, 9B5D8D57CB90959CDA118F90A4370114497A7F0CB102ABEF6D763C033DDFAEE9 ] SynRMIHID C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys
19:54:21.0932 0x11b8 SynRMIHID - ok
19:54:21.0979 0x11b8 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:54:22.0026 0x11b8 Synth3dVsc - ok
19:54:22.0119 0x11b8 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll
19:54:22.0213 0x11b8 SysMain - ok
19:54:22.0260 0x11b8 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:54:22.0323 0x11b8 SystemEventsBroker - ok
19:54:22.0385 0x11b8 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:54:22.0416 0x11b8 TabletInputService - ok
19:54:22.0432 0x11b8 [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:54:22.0502 0x11b8 TapiSrv - ok
19:54:22.0640 0x11b8 [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
19:54:22.0747 0x11b8 Tcpip - ok
19:54:22.0813 0x11b8 [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
19:54:22.0922 0x11b8 Tcpip6 - ok
19:54:22.0938 0x11b8 [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
19:54:22.0985 0x11b8 tcpipreg - ok
19:54:23.0016 0x11b8 [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
19:54:23.0032 0x11b8 tdx - ok
19:54:23.0079 0x11b8 [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
19:54:23.0094 0x11b8 terminpt - ok
19:54:23.0141 0x11b8 [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll
19:54:23.0250 0x11b8 TermService - ok
19:54:23.0266 0x11b8 [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll
19:54:23.0313 0x11b8 Themes - ok
19:54:23.0344 0x11b8 [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:54:23.0391 0x11b8 TieringEngineService - ok
19:54:23.0454 0x11b8 [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:54:23.0547 0x11b8 tiledatamodelsvc - ok
19:54:23.0563 0x11b8 [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
19:54:23.0594 0x11b8 TimeBrokerSvc - ok
19:54:23.0625 0x11b8 [ 3D04046C468AD2868A093925B5E2AA0A, 44696259BEF49AC200DEE146DE0E4375B0CD09F9356CCFA22BD7AD8B53E48658 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
19:54:23.0672 0x11b8 TPM - ok
19:54:23.0688 0x11b8 [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll
19:54:23.0719 0x11b8 TrkWks - ok
19:54:23.0797 0x11b8 [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:54:23.0844 0x11b8 TrustedInstaller - ok
19:54:23.0860 0x11b8 [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:54:23.0907 0x11b8 tsusbflt - ok
19:54:23.0922 0x11b8 [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:54:23.0954 0x11b8 TsUsbGD - ok
19:54:23.0969 0x11b8 [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
19:54:24.0047 0x11b8 tunnel - ok
19:54:24.0094 0x11b8 [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
19:54:24.0188 0x11b8 tzautoupdate - ok
19:54:24.0219 0x11b8 [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
19:54:24.0329 0x11b8 UASPStor - ok
19:54:24.0391 0x11b8 [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
19:54:24.0485 0x11b8 UcmCx0101 - ok
19:54:24.0516 0x11b8 [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
19:54:24.0547 0x11b8 UcmTcpciCx0101 - ok
19:54:24.0579 0x11b8 [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:54:24.0626 0x11b8 UcmUcsi - ok
19:54:24.0641 0x11b8 [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
19:54:24.0672 0x11b8 Ucx01000 - ok
19:54:24.0704 0x11b8 [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
19:54:24.0782 0x11b8 UdeCx - ok
19:54:24.0844 0x11b8 [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
19:54:24.0922 0x11b8 udfs - ok
19:54:24.0938 0x11b8 [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
19:54:24.0954 0x11b8 UEFI - ok
19:54:24.0985 0x11b8 [ EB7E8BF35D31BC9F111E282C2F263854, 8969BCC5072499A2ACFEFF583BC7849BA25629EB0CBB708D581FC8D58388E772 ] UEIPSvc C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
19:54:25.0000 0x11b8 UEIPSvc - ok
19:54:25.0016 0x11b8 [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
19:54:25.0047 0x11b8 Ufx01000 - ok
19:54:25.0079 0x11b8 [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:54:25.0094 0x11b8 UfxChipidea - ok
19:54:25.0110 0x11b8 [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:54:25.0125 0x11b8 ufxsynopsys - ok
19:54:25.0157 0x11b8 [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
19:54:25.0188 0x11b8 UI0Detect - ok
19:54:25.0204 0x11b8 [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys
19:54:25.0282 0x11b8 umbus - ok
19:54:25.0360 0x11b8 [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
19:54:25.0438 0x11b8 UmPass - ok
19:54:25.0485 0x11b8 [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
19:54:25.0563 0x11b8 UmRdpService - ok
19:54:25.0626 0x11b8 [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
19:54:25.0719 0x11b8 UnistoreSvc - ok
19:54:25.0751 0x11b8 [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:54:25.0798 0x11b8 upnphost - ok
19:54:25.0829 0x11b8 [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
19:54:25.0844 0x11b8 UrsChipidea - ok
19:54:25.0860 0x11b8 [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
19:54:25.0876 0x11b8 UrsCx01000 - ok
19:54:25.0891 0x11b8 [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
19:54:25.0907 0x11b8 UrsSynopsys - ok
19:54:25.0907 0x11b8 [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
19:54:25.0923 0x11b8 usbccgp - ok
19:54:25.0938 0x11b8 [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
19:54:25.0969 0x11b8 usbcir - ok
19:54:25.0985 0x11b8 [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
19:54:26.0016 0x11b8 usbehci - ok
19:54:26.0032 0x11b8 [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
19:54:26.0063 0x11b8 usbhub - ok
19:54:26.0079 0x11b8 [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
19:54:26.0126 0x11b8 USBHUB3 - ok
19:54:26.0188 0x11b8 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
19:54:26.0266 0x11b8 usbohci - ok
19:54:26.0282 0x11b8 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
19:54:26.0298 0x11b8 usbprint - ok
19:54:26.0313 0x11b8 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
19:54:26.0344 0x11b8 usbser - ok
19:54:26.0360 0x11b8 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:54:26.0391 0x11b8 USBSTOR - ok
19:54:26.0407 0x11b8 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
19:54:26.0423 0x11b8 usbuhci - ok
19:54:26.0454 0x11b8 [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
19:54:26.0579 0x11b8 usbvideo - ok
19:54:26.0610 0x11b8 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:54:26.0641 0x11b8 USBXHCI - ok
19:54:26.0704 0x11b8 [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
19:54:26.0801 0x11b8 UserDataSvc - ok
19:54:26.0844 0x11b8 [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager C:\WINDOWS\System32\usermgr.dll
19:54:26.0953 0x11b8 UserManager - ok
19:54:27.0000 0x11b8 [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc C:\WINDOWS\system32\usocore.dll
19:54:27.0063 0x11b8 UsoSvc - ok
19:54:27.0078 0x11b8 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\WINDOWS\system32\lsass.exe
19:54:27.0094 0x11b8 VaultSvc - ok
19:54:27.0110 0x11b8 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
19:54:27.0125 0x11b8 vdrvroot - ok
19:54:27.0172 0x11b8 [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds C:\WINDOWS\System32\vds.exe
19:54:27.0219 0x11b8 vds - ok
19:54:27.0235 0x11b8 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
19:54:27.0250 0x11b8 VerifierExt - ok
19:54:27.0313 0x11b8 [ 46ADD0CD4473AAEF1C68266A803F704D, D521E46891253884CF8285E864FAE63F2E8E0974AD8D2EB4D910E8A35350844F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
19:54:27.0375 0x11b8 vhdmp - ok
19:54:27.0407 0x11b8 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
19:54:27.0422 0x11b8 vhf - ok
19:54:27.0453 0x11b8 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
19:54:27.0469 0x11b8 vmbus - ok
19:54:27.0516 0x11b8 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
19:54:27.0564 0x11b8 VMBusHID - ok
19:54:27.0596 0x11b8 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
19:54:27.0623 0x11b8 vmgid - ok
19:54:27.0667 0x11b8 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
19:54:27.0701 0x11b8 vmicguestinterface - ok
19:54:27.0722 0x11b8 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
19:54:27.0750 0x11b8 vmicheartbeat - ok
19:54:27.0761 0x11b8 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
19:54:27.0788 0x11b8 vmickvpexchange - ok
19:54:27.0822 0x11b8 [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
19:54:27.0862 0x11b8 vmicrdv - ok
19:54:27.0878 0x11b8 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
19:54:27.0909 0x11b8 vmicshutdown - ok
19:54:27.0925 0x11b8 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
19:54:27.0940 0x11b8 vmictimesync - ok
19:54:27.0956 0x11b8 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
19:54:27.0987 0x11b8 vmicvmsession - ok
19:54:27.0987 0x11b8 [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
19:54:28.0018 0x11b8 vmicvss - ok
19:54:28.0034 0x11b8 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
19:54:28.0050 0x11b8 volmgr - ok
19:54:28.0112 0x11b8 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
19:54:28.0169 0x11b8 volmgrx - ok
19:54:28.0185 0x11b8 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
19:54:28.0210 0x11b8 volsnap - ok
19:54:28.0217 0x11b8 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys
19:54:28.0231 0x11b8 volume - ok
19:54:28.0268 0x11b8 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
19:54:28.0300 0x11b8 vpci - ok
19:54:28.0319 0x11b8 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
19:54:28.0337 0x11b8 vsmraid - ok
19:54:28.0392 0x11b8 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe
19:54:28.0482 0x11b8 VSS - ok
19:54:28.0510 0x11b8 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
19:54:28.0530 0x11b8 VSTXRAID - ok
19:54:28.0546 0x11b8 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
19:54:28.0577 0x11b8 vwifibus - ok
19:54:28.0592 0x11b8 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
19:54:28.0624 0x11b8 vwififlt - ok
19:54:28.0624 0x11b8 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
19:54:28.0639 0x11b8 vwifimp - ok
19:54:28.0686 0x11b8 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll
19:54:28.0783 0x11b8 W32Time - ok
19:54:28.0795 0x11b8 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
19:54:28.0813 0x11b8 WacomPen - ok
19:54:28.0860 0x11b8 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll
19:54:28.0922 0x11b8 WalletService - ok
19:54:28.0922 0x11b8 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:54:28.0969 0x11b8 wanarp - ok
19:54:28.0969 0x11b8 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:54:29.0000 0x11b8 wanarpv6 - ok
19:54:29.0047 0x11b8 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe
19:54:29.0172 0x11b8 wbengine - ok
19:54:29.0303 0x11b8 [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
19:54:29.0396 0x11b8 WbioSrvc - ok
19:54:29.0412 0x11b8 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
19:54:29.0459 0x11b8 wcifs - ok
19:54:29.0506 0x11b8 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
19:54:29.0568 0x11b8 Wcmsvc - ok
19:54:29.0599 0x11b8 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
19:54:29.0662 0x11b8 wcncsvc - ok
19:54:29.0693 0x11b8 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
19:54:29.0724 0x11b8 wcnfs - ok
19:54:29.0724 0x11b8 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
19:54:29.0757 0x11b8 WdBoot - ok
19:54:29.0772 0x11b8 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
19:54:29.0823 0x11b8 Wdf01000 - ok
19:54:29.0842 0x11b8 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
19:54:29.0864 0x11b8 WdFilter - ok
19:54:29.0872 0x11b8 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
19:54:29.0912 0x11b8 WdiServiceHost - ok
19:54:29.0912 0x11b8 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
19:54:29.0943 0x11b8 WdiSystemHost - ok
19:54:29.0990 0x11b8 [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:54:30.0084 0x11b8 wdiwifi - ok
19:54:30.0099 0x11b8 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:54:30.0115 0x11b8 WdNisDrv - ok
19:54:30.0131 0x11b8 WdNisSvc - ok
19:54:30.0162 0x11b8 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:54:30.0209 0x11b8 WebClient - ok
19:54:30.0227 0x11b8 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
19:54:30.0273 0x11b8 Wecsvc - ok
19:54:30.0273 0x11b8 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
19:54:30.0304 0x11b8 WEPHOSTSVC - ok
19:54:30.0304 0x11b8 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
19:54:30.0367 0x11b8 wercplsupport - ok
19:54:30.0382 0x11b8 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
19:54:30.0460 0x11b8 WerSvc - ok
19:54:30.0476 0x11b8 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
19:54:30.0492 0x11b8 WFPLWFS - ok
19:54:30.0507 0x11b8 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
19:54:30.0538 0x11b8 WiaRpc - ok
19:54:30.0554 0x11b8 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
19:54:30.0554 0x11b8 WIMMount - ok
19:54:30.0570 0x11b8 WinDefend - ok
19:54:30.0601 0x11b8 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:54:30.0617 0x11b8 WindowsTrustedRT - ok
19:54:30.0679 0x11b8 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:54:30.0710 0x11b8 WindowsTrustedRTProxy - ok
19:54:30.0742 0x11b8 [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:54:30.0820 0x11b8 WinHttpAutoProxySvc - ok
19:54:30.0835 0x11b8 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
19:54:30.0851 0x11b8 WinMad - ok
19:54:30.0929 0x11b8 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:54:31.0007 0x11b8 Winmgmt - ok
19:54:31.0148 0x11b8 [ A26570B4A21AD6F4D597148D3C22274E, 594BD3B9B9B4027E5A7025CAB715378FB565FC5E00A0315A2EC3A6EFBC9CC72E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:54:31.0460 0x11b8 WinRM - ok
19:54:31.0476 0x11b8 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
19:54:31.0507 0x11b8 WINUSB - ok
19:54:31.0554 0x11b8 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
19:54:31.0601 0x11b8 WinVerbs - ok
19:54:31.0632 0x11b8 [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc C:\WINDOWS\system32\flightsettings.dll
19:54:31.0695 0x11b8 wisvc - ok
19:54:31.0804 0x11b8 [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
19:54:31.0929 0x11b8 WlanSvc - ok
19:54:32.0023 0x11b8 [ 8CBA7957D7F7B48C0D396E40AA2FBCDA, 15B0B46B0C6B90350948BA4780C0AADC16FD1754F56D14F5F5C23560190EFAFF ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
19:54:32.0148 0x11b8 wlidsvc - ok
19:54:32.0169 0x11b8 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
19:54:32.0184 0x11b8 WmiAcpi - ok
19:54:32.0216 0x11b8 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:54:32.0247 0x11b8 wmiApSrv - ok
19:54:32.0278 0x11b8 WMPNetworkSvc - ok
19:54:32.0278 0x11b8 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:54:32.0294 0x11b8 Wof - ok
19:54:32.0372 0x11b8 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
19:54:32.0497 0x11b8 workfolderssvc - ok
19:54:32.0513 0x11b8 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
19:54:32.0559 0x11b8 WPDBusEnum - ok
19:54:32.0575 0x11b8 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:54:32.0591 0x11b8 WpdUpFltr - ok
19:54:32.0669 0x11b8 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll
19:54:32.0731 0x11b8 WpnService - ok
19:54:32.0731 0x11b8 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
19:54:32.0763 0x11b8 WpnUserService - ok
19:54:32.0778 0x11b8 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:54:32.0841 0x11b8 ws2ifsl - ok
19:54:32.0872 0x11b8 [ FF190115CBA067F58C981F0A9F43ABDF, C90353C748C02DB38B561C250682E12C82985A6F7ED7D497AF5DE10EC243FCBA ] wscsvc C:\WINDOWS\System32\wscsvc.dll
19:54:32.0919 0x11b8 wscsvc - ok
19:54:32.0934 0x11b8 WSearch - ok
19:54:32.0997 0x11b8 [ 6BA66FE47BFAF223AEE6C98F28EB4D8E, 3B380329594DAD5BB50301F5A8A912BF6121788F395133C70C893879F68450FB ] wuauserv C:\WINDOWS\system32\wuaueng.dll
19:54:33.0153 0x11b8 wuauserv - ok
19:54:33.0169 0x11b8 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
19:54:33.0200 0x11b8 WudfPf - ok
19:54:33.0231 0x11b8 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
19:54:33.0341 0x11b8 WUDFRd - ok
19:54:33.0388 0x11b8 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
19:54:33.0450 0x11b8 wudfsvc - ok
19:54:33.0466 0x11b8 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:54:33.0497 0x11b8 WUDFWpdFs - ok
19:54:33.0497 0x11b8 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:54:33.0528 0x11b8 WUDFWpdMtp - ok
19:54:33.0606 0x11b8 [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
19:54:33.0700 0x11b8 WwanSvc - ok
19:54:33.0763 0x11b8 [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
19:54:33.0919 0x11b8 XblAuthManager - ok
19:54:33.0997 0x11b8 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
19:54:34.0091 0x11b8 XblGameSave - ok
19:54:34.0138 0x11b8 [ C1E85B4FB08B4CCF16841B165910148B, AB33A6630BFC0E230BA464F721DD4ABB7DF79DF2D81C9C7366CC0BA2251F09F3 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
19:54:34.0200 0x11b8 xboxgip - ok
19:54:34.0263 0x11b8 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
19:54:34.0325 0x11b8 XboxNetApiSvc - ok
19:54:34.0356 0x11b8 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
19:54:34.0419 0x11b8 xinputhid - ok
19:54:34.0419 0x11b8 ================ Scan global ===============================
19:54:34.0435 0x11b8 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
19:54:34.0450 0x11b8 [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll
19:54:34.0481 0x11b8 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
19:54:34.0528 0x11b8 [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
19:54:34.0544 0x11b8 [ Global ] - ok
19:54:34.0544 0x11b8 ================ Scan MBR ==================================
19:54:34.0544 0x11b8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:54:35.0513 0x11b8 \Device\Harddisk0\DR0 - ok
19:54:35.0513 0x11b8 ================ Scan VBR ==================================
19:54:35.0528 0x11b8 [ C38AA0FB94F371BA1286F6E3860571E5 ] \Device\Harddisk0\DR0\Partition1
19:54:35.0528 0x11b8 \Device\Harddisk0\DR0\Partition1 - ok
19:54:35.0544 0x11b8 [ 3B559EFED92DEA78598C84AC6D753776 ] \Device\Harddisk0\DR0\Partition2
19:54:35.0544 0x11b8 \Device\Harddisk0\DR0\Partition2 - ok
19:54:35.0560 0x11b8 [ B196306974608FB7F1D6880DE6030E0F ] \Device\Harddisk0\DR0\Partition3
19:54:35.0560 0x11b8 \Device\Harddisk0\DR0\Partition3 - ok
19:54:35.0575 0x11b8 [ E6BABF6FCF554B6E66B8B73568C13999 ] \Device\Harddisk0\DR0\Partition4
19:54:35.0575 0x11b8 \Device\Harddisk0\DR0\Partition4 - ok
19:54:35.0575 0x11b8 [ CF81F91CBF70B2458A0B0CA048CA25D0 ] \Device\Harddisk0\DR0\Partition5
19:54:35.0575 0x11b8 \Device\Harddisk0\DR0\Partition5 - ok
19:54:35.0575 0x11b8 ================ Scan generic autorun ======================
19:54:36.0013 0x11b8 [ 007F20806D104508F64645ADF1827A19, 7C43B237645DBA8F2D6F5903E4CCB724A34297669D6B540147BE06D0E0E481C7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:54:36.0503 0x11b8 RtHDVCpl - ok
19:54:36.0644 0x11b8 [ EC7059FE43C74A6281ECC08253B6D5DB, AE14E00733C0AC394457BFCD4A5ECD884286038BE2C7AAE34E3D32F3F992F29F ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
19:54:36.0722 0x11b8 RtHDVBg_Dolby - ok
19:54:36.0722 0x11b8 [ D91AB5CCE502F95726AC1E035C867BC6, A27B2AAB26C844454A0CEA97F861623C518A837B9DF41778AC7F4E9184E6BC8C ] C:\Program Files\iTunes\iTunesHelper.exe
19:54:36.0737 0x11b8 iTunesHelper - ok
19:54:36.0737 0x11b8 WindowsDefender - ok
19:54:37.0179 0x11b8 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:54:37.0488 0x11b8 OneDriveSetup - ok
19:54:37.0753 0x11b8 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:54:37.0988 0x11b8 OneDriveSetup - ok
19:54:38.0128 0x11b8 [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:54:38.0175 0x11b8 OneDrive - ok
19:54:38.0175 0x11b8 Waiting for KSN requests completion. In queue: 217
19:54:39.0225 0x11b8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
19:54:39.0272 0x11b8 Win FW state via NFP2: enabled ( trusted )
19:54:39.0475 0x11b8 ============================================================
19:54:39.0475 0x11b8 Scan finished
19:54:39.0475 0x11b8 ============================================================
19:54:39.0491 0x23b8 Detected object count: 0
19:54:39.0491 0x23b8 Actual detected object count: 0
|
|
29.12.2016, 20:01
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.12.2016, 20:53
| #10 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Schritt 1: I Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 29/12/2016 um 20:16:56
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-29.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : AnneLaptop - AGLAPTOP
# Gestartet von : C:\Users\Anne\Downloads\AdwCleaner_6.041 (1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[#] Ordner mit Neustart gelöscht: C:\Users\Anne\AppData\Local\SweetLabs App Platform
[-] Ordner gelöscht: C:\Program Files\Booking.com
[-] Ordner gelöscht: C:\ProgramData\apn
[-] Ordner gelöscht: C:\ProgramData\AVG Security Toolbar
[-] Ordner gelöscht: C:\ProgramData\pokki
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Pokki
[-] Ordner gelöscht: C:\Users\Default User\AppData\Local\Pokki
[#] Ordner mit Neustart gelöscht: C:\Users\Default\AppData\Local\Pokki
[-] Ordner gelöscht: C:\Users\Public\Pokki
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Anne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
[-] Datei gelöscht: C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Datei gelöscht: C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: SweetLabs App Platform
[-] Aufgabe gelöscht: Software Update Application
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_104d581f872200c24bd6b706111358bb4c3c2239
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_15521a10f8daaba5ae582ce1aa3c73688cb827b1
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_5110578d77115a3445841a4c038159b71769d31b
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_5f035c7800c6aec3cae32a677ce891aacd12bb28
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_7e295b7db76e9c37b73d0c1d46ee6b5d6f9aa130
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_9d153b1b6b60a262593fab6bbf51fa799be45a00
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_a63ce8df0c799d94fbfcbcbed7b3c8c60ca0b9a2
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_c065405c79b9d1146e6af462bb5852798a42fc58
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_d9d7806db9755a47e64ab5915405c2eab7faa374
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_f577d7f89306ac5a88efc146df3b215623ec0956
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\pokki
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\SweetLabs App Platform
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SweetLabs App Platform
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SweetLabs App Platform
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\AVG Secure Search
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33E4435F-EF55-4992-9CF7-393F6E057B88}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33E4435F-EF55-4992-9CF7-393F6E057B88}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33E4435F-EF55-4992-9CF7-393F6E057B88}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
[-] Schlüssel gelöscht: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Directory\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Drive\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\lnkfile\shell\pokki
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [10498 Bytes] - [29/12/2016 20:16:56]
C:\AdwCleaner\AdwCleaner[S0].txt - [10319 Bytes] - [29/12/2016 20:12:38]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10646 Bytes] ##########
II Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 29/12/2016 um 20:40:33
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-29.1 [Lokal]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : AnneLaptop - AGLAPTOP
# Gestartet von : C:\Users\Anne\Desktop\AdwCleaner_6.041 (1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Anne\AppData\Local\SweetLabs App Platform
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [10857 Bytes] - [29/12/2016 20:16:56]
C:\AdwCleaner\AdwCleaner[C2].txt - [1081 Bytes] - [29/12/2016 20:40:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [10319 Bytes] - [29/12/2016 20:12:38]
C:\AdwCleaner\AdwCleaner[S1].txt - [1526 Bytes] - [29/12/2016 20:37:14]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1301 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by AnneLaptop (Administrator) on 29/12/2016 at 20:49:27.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 1
Successfully deleted: C:\Users\Anne\AppData\Local\crashrpt (Folder)
Deleted the following from C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\5uytzf2e.default\prefs.js
user_pref(browser.search.defaultenginename, Web Search);
user_pref(browser.search.selectedEngine, Web Search);
user_pref(browser.startup.homepage, hxxps://homepage-web.com/?s=acer&m=start);
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{07EDB4C9-D231-4751-BE35-DB3F3B6A9163} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29/12/2016 at 20:52:17.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
29.12.2016, 20:56
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.12.2016, 21:01
| #12 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsiveCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von AnneLaptop (Administrator) auf AGLAPTOP (29-12-2016 20:59:16)
Gestartet von C:\Users\Anne\Desktop
Geladene Profile: AnneLaptop (Verfügbare Profile: AnneLaptop)
Platform: Windows 10 Home Version 1607 (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2014-10-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
Startup: C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2016-04-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1758a128-aa93-4c08-ac07-c733f4720894}: [DhcpNameServer] 192.16.128.24
Tcpip\..\Interfaces\{74e4ee42-c356-4378-84c6-7fd13b55da9b}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 5uytzf2e.default
FF ProfilePath: C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\5uytzf2e.default [2016-12-29]
FF Extension: (Kein Name) - C:\Users\Anne\AppData\Roaming\Mozilla\Firefox\Profiles\5uytzf2e.default\extensions\avg@toolbar.xpi [nicht gefunden]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Google Präsentationen) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-06]
CHR Extension: (Google Docs) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-06]
CHR Extension: (Google Drive) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-06]
CHR Extension: (YouTube) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-06]
CHR Extension: (Google Tabellen) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-06]
CHR Extension: (Google Mail) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Anne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-21] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-10-17] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-21] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-06-08] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-29 20:52 - 2016-12-29 20:52 - 00001058 _____ C:\Users\Anne\Desktop\JRT.txt
2016-12-29 20:48 - 2016-12-29 20:49 - 01663040 _____ (Malwarebytes) C:\Users\Anne\Desktop\JRT.exe
2016-12-29 20:43 - 2016-12-29 20:43 - 00001370 _____ C:\Users\Anne\Desktop\adwarecleaner 20161229 2043.txt
2016-12-29 20:35 - 2016-12-29 20:35 - 00010697 _____ C:\Users\Anne\Desktop\adwarecleaner 20161229 2035.txt
2016-12-29 20:11 - 2016-12-29 20:40 - 00000000 ____D C:\AdwCleaner
2016-12-29 20:10 - 2016-12-29 20:11 - 03977168 _____ C:\Users\Anne\Desktop\AdwCleaner_6.041 (1).exe
2016-12-29 20:03 - 2016-12-29 20:03 - 03977168 _____ C:\Users\Anne\Downloads\AdwCleaner_6.041.exe
2016-12-29 19:53 - 2016-12-29 20:06 - 00254418 _____ C:\TDSSKiller.3.1.0.12_29.12.2016_19.53.27_log.txt
2016-12-29 16:43 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-29 16:43 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-29 16:42 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-29 16:42 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-29 16:42 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-29 16:42 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-29 16:42 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-29 16:42 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-29 16:42 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-29 16:42 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-29 16:42 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-29 16:42 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-29 16:42 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-29 16:42 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-29 16:42 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-29 16:42 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-29 16:42 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-29 16:42 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-29 16:42 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-29 16:42 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-29 16:42 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-29 16:42 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-29 16:42 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-29 16:42 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-29 16:42 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-29 16:42 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-29 16:42 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-29 16:42 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-29 16:42 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-29 16:42 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-29 16:42 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-29 16:42 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-29 16:42 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-29 16:42 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-29 16:42 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-29 16:42 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-29 16:42 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-29 16:42 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-29 16:42 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-29 16:42 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-29 16:42 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-29 16:34 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-29 16:34 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-29 16:34 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-29 16:34 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-29 16:34 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-29 16:34 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-29 16:34 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-29 16:34 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-29 16:34 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-29 16:34 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-29 16:34 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-29 16:34 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-29 16:34 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-29 16:34 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-29 16:34 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-29 16:34 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-29 16:34 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-29 16:33 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-29 16:33 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-29 16:33 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-29 16:33 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-29 16:33 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-29 16:33 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-29 16:33 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-29 16:33 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-29 16:33 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-29 16:33 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-29 16:33 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-29 16:33 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-29 16:33 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-29 16:33 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-29 16:33 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-29 16:33 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-29 16:33 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-29 16:33 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-29 16:33 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-29 16:33 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-29 16:33 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-29 16:33 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-29 16:33 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-29 16:33 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-29 16:33 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-29 16:33 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-29 16:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-29 16:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-29 16:32 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-29 16:32 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-29 16:32 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-29 16:32 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-29 16:32 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-29 16:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-29 16:32 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-29 16:32 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-29 16:32 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-29 16:32 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-29 16:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-29 16:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-29 16:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-29 16:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-29 16:32 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-29 16:32 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-29 16:32 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-29 16:32 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-29 16:32 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-29 16:32 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-29 16:32 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-29 16:32 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-29 16:32 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-29 16:32 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-29 16:32 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-29 16:32 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-29 16:32 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-29 16:08 - 2016-12-29 16:08 - 00804546 _____ C:\Users\Anne\Downloads\20161220140903913.pdf
2016-12-29 15:18 - 2016-12-29 16:06 - 00502144 _____ C:\TDSSKiller.3.1.0.12_29.12.2016_15.18.19_log.txt
2016-12-29 15:17 - 2016-12-29 15:18 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Anne\Desktop\tdsskiller.exe
2016-12-29 14:50 - 2016-12-29 15:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-29 14:50 - 2016-12-29 14:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-29 14:49 - 2016-12-29 15:15 - 00000000 ____D C:\Users\Anne\Desktop\mbar
2016-12-29 14:49 - 2016-12-29 14:49 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-29 14:47 - 2016-12-29 14:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Anne\Desktop\mbar-1.09.3.1001.exe
2016-12-29 14:34 - 2016-12-29 14:22 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-12-29 14:31 - 2016-12-29 20:31 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0633AD8-98D5-4A91-9915-C91642BE9592}
2016-12-29 14:20 - 2016-12-29 14:28 - 00000000 ____D C:\Users\Anne\AppData\Local\AvgSetupLog
2016-12-29 12:59 - 2016-12-29 13:01 - 00045430 _____ C:\Users\Anne\Desktop\Addition.txt
2016-12-29 12:58 - 2016-12-29 20:59 - 00013400 _____ C:\Users\Anne\Desktop\FRST.txt
2016-12-29 12:57 - 2016-12-29 20:59 - 00000000 ____D C:\FRST
2016-12-29 12:55 - 2016-12-29 12:57 - 02420736 _____ (Farbar) C:\Users\Anne\Desktop\FRST64.exe
2016-12-29 12:31 - 2016-12-29 12:31 - 00000000 ___HD C:\OneDriveTemp
2016-12-13 21:55 - 2016-12-13 21:55 - 00000000 ____D C:\Users\Anne\AppData\LocalLow\Adobe
2016-12-13 21:55 - 2016-12-13 21:55 - 00000000 ____D C:\Users\Anne\AppData\Local\CEF
2016-12-13 21:51 - 2016-12-13 21:57 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-12-13 21:50 - 2016-12-13 21:58 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-12-13 21:50 - 2016-12-13 21:50 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-12-13 21:42 - 2016-12-13 21:42 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-11 17:53 - 2016-12-11 17:53 - 00807168 _____ C:\Users\Anne\Downloads\BLES01976--150703173624.zip
2016-12-11 17:53 - 2016-12-11 17:53 - 00000000 ____D C:\Users\Anne\Downloads\BLES01976--150703173624
2016-12-11 17:00 - 2016-12-11 17:00 - 00604928 _____ (Reimage) C:\Users\Anne\Downloads\ReimageRepair.exe
2016-12-11 16:35 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-11 16:35 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-11 16:35 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-11 16:35 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-11 16:35 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-11 16:35 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-11 16:35 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-11 16:35 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-11 16:35 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-11 16:35 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-11 16:35 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-11 16:35 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-11 16:35 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-11 16:35 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-11 16:35 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-11 16:35 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-11 16:35 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-11 16:35 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-11 16:35 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-11 16:35 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-11 16:35 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-11 16:35 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-11 16:35 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-11 16:35 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-11 16:35 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-11 16:35 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-11 16:35 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-11 16:35 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-11 16:35 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-11 16:35 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-11 16:35 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-11 16:35 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-11 16:35 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-11 16:35 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-11 16:35 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-11 16:35 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-11 16:35 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-11 16:35 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-11 16:35 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-11 16:35 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-11 16:35 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-11 16:35 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-11 16:35 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-11 16:35 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-11 16:35 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-11 16:35 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-11 16:35 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-11 16:35 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-11 16:35 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-11 16:35 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-11 16:35 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-11 16:35 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-11 16:35 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-11 16:35 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-11 16:35 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-11 16:35 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-11 16:35 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-11 16:35 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-11 16:35 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-11 16:35 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-11 16:35 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-11 16:35 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-11 16:34 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-11 16:34 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-11 16:34 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-11 16:34 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-11 16:34 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-11 16:34 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-11 16:34 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-11 16:34 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-11 16:34 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-11 16:34 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-11 16:34 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-11 16:34 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-11 16:34 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-11 16:34 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-11 16:34 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-11 16:34 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-11 16:34 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-11 16:34 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-11 16:34 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-11 16:34 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-11 16:34 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-11 16:34 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-11 16:34 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-11 16:34 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-11 16:34 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-11 16:34 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-11 16:34 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-11 16:34 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-11 16:34 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-11 16:34 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-11 16:34 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-11 16:34 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-11 16:34 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-11 16:34 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-11 16:34 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-11 16:34 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-11 16:34 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-11 16:34 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-11 16:34 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-11 16:34 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-11 16:34 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-11 16:34 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-11 16:34 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-11 16:34 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-11 16:34 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-11 16:34 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-11 16:34 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-11 16:34 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-11 16:34 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-11 16:34 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-11 16:34 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-11 16:34 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-11 16:34 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-11 16:34 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-11 16:34 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-11 16:34 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-11 16:34 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-11 16:34 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-11 16:34 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-11 16:34 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-11 16:34 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-11 16:34 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-11 16:34 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-11 16:34 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-11 16:34 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-11 16:34 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-11 16:34 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-11 16:34 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-11 16:34 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-11 16:34 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-11 16:34 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-11 16:34 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-11 16:34 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-11 16:34 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-11 16:34 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-11 16:34 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-11 16:34 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-11 16:34 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-11 16:34 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-11 16:34 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-11 16:34 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-11 16:34 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-11 16:34 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-11 16:34 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-11 16:34 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-11 16:34 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-11 16:34 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-11 16:34 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-11 16:34 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-11 16:34 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-11 16:34 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-11 16:34 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-11 16:34 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-11 16:34 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-11 16:34 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-11 16:34 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-11 16:34 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-11 16:34 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-11 16:34 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-11 16:34 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-11 16:34 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-11 16:34 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-11 16:34 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-11 16:34 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-11 16:34 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-11 16:34 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-11 16:34 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-11 16:34 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-11 16:34 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-11 16:34 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-11 16:34 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-11 16:34 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-11 16:34 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-11 16:34 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-11 16:34 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-11 16:33 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-11 16:33 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-11 16:33 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-11 16:33 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-11 16:33 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-11 16:33 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-11 16:33 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-11 16:33 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-11 16:33 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-11 16:33 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-11 16:33 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-11 16:33 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-11 16:33 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-11 16:33 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-11 16:33 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-11 16:33 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-11 16:33 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-11 16:33 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-11 16:33 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-11 16:33 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-11 16:33 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-11 16:33 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-11 16:33 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-11 16:33 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-11 16:33 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-11 16:33 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-11 16:33 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-11 16:33 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-11 16:33 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-11 16:33 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-11 16:33 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-11 16:33 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-11 16:33 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-11 16:33 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-11 16:33 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-11 16:33 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-11 16:33 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-11 16:33 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-11 16:33 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-11 16:33 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-11 16:33 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-11 16:33 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-11 16:33 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-11 16:33 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-11 16:33 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-11 16:33 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-11 16:33 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-11 16:33 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-11 16:33 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-11 16:32 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-11 16:32 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-11 16:32 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-11 16:32 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-11 16:32 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-11 16:32 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-11 16:32 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-11 16:32 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-11 16:32 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-11 16:32 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-11 16:32 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-11 16:32 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-11 16:32 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-11 16:32 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-11 16:32 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-11 16:32 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-11 16:32 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-11 16:32 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-11 16:32 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-11 16:32 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-11 16:32 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-11 16:32 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-11 16:32 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-11 16:32 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-11 16:32 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-11 16:32 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-11 16:32 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-11 16:32 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-11 16:32 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-11 16:32 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-11 16:32 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-11 16:32 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-11 16:32 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-11 16:32 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-11 16:32 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-11 16:32 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-11 16:32 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-11 16:32 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-11 16:32 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-11 16:32 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-11 16:32 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-11 16:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-11 16:32 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-11 15:49 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-12-11 15:49 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-12-11 15:49 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-12-11 15:49 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-12-11 15:49 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-12-11 15:49 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-12-11 15:49 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-12-11 15:47 - 2016-12-11 15:49 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-12-11 15:47 - 2016-12-11 15:47 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-12-11 15:44 - 2016-12-11 15:44 - 00000000 ____D C:\Users\Anne\Documents\Rigs of Rods 0.4
2016-12-11 15:40 - 2016-12-11 15:41 - 113871715 _____ (Rigs of Rods community ) C:\Users\Anne\Downloads\Rigs-of-Rods-0.4.7.0.exe
2016-12-05 17:35 - 2016-12-05 17:35 - 00000000 ____D C:\Users\Anne\Desktop\Anne Grieger
2016-12-05 17:32 - 2016-12-05 17:32 - 00000000 ____D C:\Users\Anne\Documents\SavedGames
2016-12-05 17:32 - 2016-12-05 17:32 - 00000000 ____D C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Research
2016-12-05 17:32 - 2016-12-05 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
2016-12-05 17:30 - 2016-12-05 17:30 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-12-05 17:29 - 2016-12-05 17:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Research
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-29 20:50 - 2015-04-19 15:29 - 00000000 ___RD C:\Users\Anne\OneDrive
2016-12-29 20:44 - 2015-04-19 15:22 - 00000000 ____D C:\Users\Anne\AppData\Local\clear.fi
2016-12-29 20:42 - 2016-11-16 15:36 - 00000000 ____D C:\Users\Anne
2016-12-29 20:42 - 2016-11-16 15:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-29 20:41 - 2016-11-16 16:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-29 20:40 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-29 20:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-29 20:30 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-29 20:27 - 2016-07-16 23:51 - 00810622 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-29 20:27 - 2016-07-16 23:51 - 00248396 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-29 20:27 - 2016-05-18 14:50 - 01827952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-29 20:23 - 2016-11-16 15:27 - 00416936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-29 20:20 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-29 20:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-29 20:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-29 20:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-29 20:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-29 20:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-29 20:20 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-29 20:20 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-29 20:20 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-29 20:20 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-29 20:20 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-29 19:50 - 2016-11-16 15:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-29 19:04 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-29 15:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-29 14:51 - 2016-01-24 14:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-29 14:29 - 2016-11-15 14:57 - 00000000 ____D C:\ProgramData\Avg
2016-12-29 14:29 - 2015-08-26 10:26 - 00000000 ____D C:\Program Files (x86)\AVG
2016-12-29 14:25 - 2015-08-31 14:04 - 00000000 ____D C:\Users\Anne\AppData\Local\Avg
2016-12-29 14:25 - 2015-08-26 10:23 - 00000000 ____D C:\ProgramData\MFAData
2016-12-29 14:21 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-12-29 14:21 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-29 13:22 - 2016-11-16 15:22 - 00000000 ____D C:\Windows.old
2016-12-29 13:12 - 2016-11-06 19:59 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-29 13:12 - 2016-11-06 19:59 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-29 13:09 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-29 12:56 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-29 12:52 - 2015-01-23 01:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-29 12:33 - 2016-11-16 16:01 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-29 12:33 - 2016-11-16 16:01 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-29 12:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-17 09:11 - 2016-01-31 17:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-17 09:06 - 2016-01-31 17:32 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 21:56 - 2016-11-13 14:16 - 00000000 ____D C:\ProgramData\Adobe
2016-12-13 21:55 - 2016-11-13 14:15 - 00000000 ____D C:\Users\Anne\AppData\Local\Adobe
2016-12-13 21:55 - 2015-04-19 15:22 - 00000000 ____D C:\Users\Anne\AppData\Roaming\Adobe
2016-12-13 21:50 - 2016-11-13 14:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-13 21:42 - 2016-05-18 15:19 - 00002406 _____ C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 15:46 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-05 17:33 - 2016-11-13 14:44 - 00000000 ____D C:\Users\Anne\Desktop\Raphael Scratch Projects
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-11-16 15:33 - 2016-11-16 15:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Anne\AppData\Local\Temp\libeay32.dll
C:\Users\Anne\AppData\Local\Temp\msvcr120.dll
C:\Users\Anne\AppData\Local\Temp\octEA52.tmp.exe
C:\Users\Anne\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-29 13:18
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von AnneLaptop (29-12-2016 21:00:04)
Gestartet von C:\Users\Anne\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-16 15:05:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1839081263-2836892948-3433631102-500 - Administrator - Disabled)
AnneLaptop (S-1-5-21-1839081263-2836892948-3433631102-1001 - Administrator - Enabled) => C:\Users\Anne
DefaultAccount (S-1-5-21-1839081263-2836892948-3433631102-503 - Limited - Disabled)
Gast (S-1-5-21-1839081263-2836892948-3433631102-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1839081263-2836892948-3433631102-1005 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3018 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2011.1 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{49D1966E-A747-4DFA-89EF-DCCB37F94CD8}) (Version: 17.1.1434.02 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 451 - Massachusetts Institute of Technology)
Scratch 2 Offline Editor (x32 Version: 255 - Massachusetts Institute of Technology) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00E22843-F440-4622-B23C-B4BBDE05BB4D} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Anne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {028C2937-649D-4CA3-86CE-429066FA8063} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {0A7A1C8F-C8AE-49C0-B5D9-CC4FB532D935} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation)
Task: {110FC0C5-0A56-4078-B3D0-F916B52AA2A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {11ECCC5F-1A68-43E8-97FF-8F34872843CA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {137DDE85-542F-4BD1-B74F-F3E25907E483} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {1B394064-EDEE-4B73-9D07-3C18C09D64A2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {246B044E-0B8A-48C9-86A6-2F592EBF8074} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-10-17] (Acer Incorporate)
Task: {2B80F761-30C3-44B0-B5A0-245D7178E183} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {43AD76D0-5484-4105-BB9A-A8D8FB12B2ED} - System32\Tasks\InfoCollect => C:\Program Files (x86)\Acer\Acer Portal\InfoCollect.exe [2015-11-19] (Acer)
Task: {43F549DA-1DD0-45BA-B583-EFA34CC6C0FC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {469E51AA-D7F3-4AA8-AF47-81D2D0517DAD} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {5488FB48-0061-42D4-A464-1ACEDE630CAA} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {59B2B028-BB29-4110-859B-DB43103D7F11} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-30] ()
Task: {5C9FF567-A852-44A5-BC33-6FE2EC5E703F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {5E762633-E7FB-472E-BE35-F83CED1A973D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {6237BB71-D19D-452E-B906-2E0558DA49DE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-13] (Adobe Systems Incorporated)
Task: {63A7C4E8-5B73-4FA7-BB4E-0FF5D219E0B9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {6E78E7BE-6AC5-46AE-ABFE-51A68F071FE8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {70DBAC1A-7FBD-4294-9FD5-3228BDF9EA78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {71471F0C-BA8E-4C6B-A39F-AA0CB81F2E7E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)
Task: {72019F20-CC4D-4FE3-AEF2-A2E324BAAECD} - System32\Tasks\{4494EC17-9BBC-4AD2-B16F-26ACFE0A5773} => pcalua.exe -a C:\ProgramData\OEM\temp\a5ad0b17-f34d-49be-a157-c8b3d52acd13\AcerPortalSetup.exe -d "C:\Program Files (x86)\Acer\Acer Portal" -c /s <==== ACHTUNG
Task: {73B97A80-9099-48EE-A5CE-31B673B9B9A4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {7A66759D-ADE1-4510-9063-E3100BCA1B0D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {88F3FCF3-58AC-4428-86CB-159BBDC7FEDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8FD269AA-8277-4AD1-83FA-E5268264D856} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {902D77BE-1F52-4058-AE0B-D5CD708A7236} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {B5B31CDA-5298-41E7-A592-B8AE4C329944} - System32\Tasks\{34913262-BDE8-4758-8C9E-840F9EA4E41E} => pcalua.exe -a "C:\Program Files (x86)\Acer\Acer Portal\uninstall.exe"
Task: {B6B406DC-49A2-4636-8CE1-AD067B7BC56A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-06] (Google Inc.)
Task: {BB243FA4-55FC-4709-8EA0-1CA86CADBFDA} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-30] ()
Task: {C34D729E-FB77-45CD-87F2-C3F0E5B01B76} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {CAFCD0AA-F892-4621-8364-E945A1001D80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-06] (Google Inc.)
Task: {D1DC6EC1-43BA-4197-9141-FD471649936A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {D8C9B480-1FD2-4F42-BC91-4C25BBFF5BAE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E66D4269-0592-458A-A679-1D727102C79C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F2C9E051-4F45-4A70-99B6-C7E4BC3D2450} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {F33405FB-2D3B-48A2-99D3-A7B87F319230} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-29 16:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-10-27 18:06 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-29 16:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-13 21:42 - 2016-12-13 21:42 - 01678560 _____ () C:\Users\Anne\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-04-19 11:38 - 2016-12-04 04:04 - 08924872 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-12-17 09:13 - 2016-12-17 09:28 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-17 09:13 - 2016-12-17 09:28 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-17 09:13 - 2016-12-17 09:28 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-17 09:13 - 2016-12-17 09:28 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-16 14:49 - 2016-11-16 14:49 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-29 16:34 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-16 15:06 - 2016-11-16 15:06 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-29 13:12 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-29 13:12 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2014-10-21 15:37 - 2014-10-21 15:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-1839081263-2836892948-3433631102-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{D97E2620-0DBC-4817-90B3-1CF18493873C}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{C9107278-4336-48FD-970E-44708F724E45}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B2A37AE5-61AB-4DDA-8958-E971DED4703D}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7B79927F-F60A-490A-8B7A-373A0EE6493D}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{01E15757-400F-48A6-9D38-8645E6B2042E}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{E699741F-34A4-45A0-A37E-0CAF96C9B120}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{533B9DC7-2812-472B-B74B-97870A7FA5B9}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{93347716-71F8-4CC9-8440-34F58AE05EDA}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{ADD74B5E-B319-4394-9DE1-6C366408B062}] => C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{01E08E2A-9776-4473-AACD-48620F3B6AE6}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{681577C1-BE3E-4B27-A2E8-AE376615B787}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7EB3E4F2-08C9-459C-8A59-D08BA5ABC74A}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3C4A121E-50F2-44BC-95F6-2897CC2150A0}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{660DE9D3-7C1C-4C44-BDD2-AE9367866F17}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2B479518-33A7-4FD6-A708-59B91BF8792F}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E316A69F-47F8-468E-98D1-7D7AC96511A5}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3B953A27-E884-4D58-9C59-8C377A53EF1D}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7BBAE596-4D02-444E-BE16-3ECBC8291459}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B45ADDFB-E4A0-4BA1-95F8-77E9728F5F65}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{99C06558-A0DF-4B9D-80D7-2FDA1AC176FE}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{74C31E87-FD7B-491F-B13E-BD507CD16115}] => C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{2A528C42-DE23-41B4-92F6-BEF1766C17C5}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{BA055238-7352-4CC4-88EC-634E364D74D2}] => C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{3D97F8C4-4691-49A8-B390-F9EAEBC37553}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{344C8331-10FA-4E7F-9D65-1F4BCBD6D088}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{48C008F2-041E-4570-A53C-0E28B633443D}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{CC1F22C5-FEB6-46AF-B66B-5B0642274A89}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{58EA0EBB-79A2-4C67-816B-4E0B11041376}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{3B94F50F-678F-41A2-90EC-78F834C11902}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9B3A4EB6-0DBB-4956-85E1-E1DCE87215DA}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{F6B76085-4604-41D3-AFD5-599F2E1EA66D}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{65966C48-FFA7-47EC-BD73-E475E492D7E8}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{14C3617A-97CF-4286-896F-B4DE4BEC8057}] => C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{CE8C6810-B268-42A5-A88F-668A4F56131C}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{A9EB151D-E949-40A1-8B69-C5E1762B2C94}] => C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{868507E2-CE9E-4BF9-8D30-DEF76AC97917}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{673756CF-61A9-4367-9EDE-8F22C6F11209}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6B4E483F-ECB7-4CDC-9062-C51019284CB8}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{34BAA0A4-06A1-4655-9671-31BED4B4DFB4}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F2147896-9AFA-48F0-86DF-03AF4AC62DD9}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8FDDEE53-9917-4F1C-9198-3E435AD38393}] => C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5A3BA80C-4680-4012-865F-3DE7BAA18349}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D96632DD-F783-4720-B468-A5796823832B}] => C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3B180330-828F-4A65-84CA-EEBF8E302661}] => C:\Users\Anne\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{73869D9D-003E-4472-A25B-016F7D3197C6}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3BB470E8-BA72-46F1-AE82-9CFD409F22B8}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8FD57815-4A83-4AE7-A01F-FDC23B9824A4}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1567F311-82DB-4E45-8BDF-FA1575E6F5D3}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D49CF21B-33B0-4B61-A92B-B61907C0C4B1}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CC25019E-AE07-400A-BFDF-8B044776D36E}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A94D668-1553-4055-918E-0D874A1B1BAA}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{6EBD15E6-B86A-4D66-9DE8-7437E19E61FF}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{EDB9E4B4-AB42-48B6-BCD5-A77698B075BC}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B04C5641-7850-4CBA-9075-35D78387B300}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{FFFF07A8-DF26-498A-944F-B0E6F712069B}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{856355A3-D21F-4DBB-BD72-A87278F6E6AD}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8C01B0E8-7C49-47B6-84D0-1F45F4AEF93C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A5F83F76-F170-4357-81AF-723836635707}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{92BDE973-A0C8-4541-A823-1EEE48C3AD4A}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3DB289B4-0BB6-4430-AD71-AD1061EB38E5}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5C2D322C-D3AC-41A4-ADCB-66062624EEC6}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{CFC46021-5E44-4A72-997A-EDA156A9CA6A}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6A15EBCB-C9F8-4535-ACBE-AAFF8E352BA5}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
29-12-2016 20:49:28 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/29/2016 08:49:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/29/2016 12:58:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: OfficeC2RClient.exe, version: 16.0.7571.1326, time stamp: 0x58164c84
Faulting module name: mso40uiwin32client.dll, version: 16.0.7571.7063, time stamp: 0x58436bba
Exception code: 0xc0000005
Fault offset: 0x0000000000858c20
Faulting process ID: 0x1f00
Faulting application start time: 0x01d261c91bd4e507
Faulting application path: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Faulting module path: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\mso40uiwin32client.dll
Report ID: 505ed9c0-e70a-465b-8ea6-d7b7fd2311e6
Faulting package full name:
Faulting package-relative application ID:
Error: (12/29/2016 12:49:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\Temp\AvgSetup\72799824-c3c6-47cf-a1c8-b11e5ec2f834\install\fmw\avgrdsttestx.exe".
Dependent Assembly AVG.VC140.CRT,processorArchitecture="x86",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/29/2016 12:48:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\WINDOWS\Temp\AvgSetup\72799824-c3c6-47cf-a1c8-b11e5ec2f834\install\fmw\avgrdsttesta.exe".
Dependent Assembly AVG.VC140.CRT,processorArchitecture="amd64",publicKeyToken="f92d94485545da78",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/29/2016 12:38:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/29/2016 12:34:02 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: AGLaptop)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe1018
Error: (12/29/2016 12:30:43 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/29/2016 12:30:43 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/29/2016 12:30:43 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (12/29/2016 12:25:15 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Enumerating user sessions to generate filter pools failed.
Details:
(HRESULT : 0x80040210) (0x80040210)
Systemfehler:
=============
Error: (12/29/2016 08:42:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT-AUTORITÄT\Lokaler Dienst SID (S-1-5-19) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 08:42:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT-AUTORITÄT\Lokaler Dienst SID (S-1-5-19) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
Error: (12/29/2016 08:38:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The User Experience Improvement Program service terminated unexpectedly. It has done this 1 time(s).
Error: (12/29/2016 08:38:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/29/2016 08:38:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ePower Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/29/2016 08:38:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Quick Access Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/29/2016 08:38:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation-Schriftartcache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Neustart des Diensts.
Error: (12/29/2016 08:38:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Neustart des Diensts.
Error: (12/29/2016 08:38:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/29/2016 08:38:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2016-12-29 20:40:10.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:40:10.274
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:15:07.502
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:15:07.499
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:14:06.961
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:14:06.958
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:13:38.420
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:13:38.417
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:13:37.590
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-12-29 20:13:37.584
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4158U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 4019.27 MB
Verfügbarer physikalischer RAM: 2369.62 MB
Summe virtueller Speicher: 8883.27 MB
Verfügbarer virtueller Speicher: 7316.4 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:448.56 GB) (Free:405.75 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F2B3EBFB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
29.12.2016, 21:04
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.12.2016, 23:11
| #14 |
| | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Schritt 1: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.12.29.06
rootkit: v2016.11.20.01
Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
AnneLaptop :: AGLAPTOP [administrator]
29/12/2016 21:07:16
mbar-log-2016-12-29 (21-07-16).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 321670
Time elapsed: 12 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e97228bc1720734380347e88939e2c02
# end=init
# utc_time=2016-12-29 08:23:59
# local_time=2016-12-29 09:23:59 (+0100, W. Europe Standard Time)
# country="United Kingdom"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 31896
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e97228bc1720734380347e88939e2c02
# end=updated
# utc_time=2016-12-29 08:41:04
# local_time=2016-12-29 09:41:04 (+0100, W. Europe Standard Time)
# country="United Kingdom"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e97228bc1720734380347e88939e2c02
# engine=31896
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-29 09:59:28
# local_time=2016-12-29 10:59:28 (+0100, W. Europe Standard Time)
# country="United Kingdom"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 27080 14379384 0 0
# scanned=317422
# found=0
# cleaned=0
# scan_time=4702
Code:
ATTFilter Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 23.0.0.207
Google Chrome (55.0.2883.87)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
|
|
30.12.2016, 00:22
| #15 | ||||||||||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive Dann wären wir durch!  Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen - sofern benötigt, wenn nicht benötigt natürlich sinnigerweise deinstallieren oder Alternativen verwenden (und diese aktuell halten).
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür. Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und/oder mit dem ESET Online Scanner scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden. Alternativen zu NoScript (wenn um das das Verhindern von Usertracking und Werbung auf Webseiten) geht wären da Ghostery oder uBlock. Ghostery ist eine sehr bekannte Erweiterung, die aber auch in Kritik geraten ist, vgl. dazu bitte diesen Thread => Ghostery schleift Werbung durch Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Windows 10 Home: nach Installation von Kodu, Scratch und co PC fast nicht responsive |
| antivirus, avg, bonjour, calculator, cid, cpu, defender, failed, flash player, google, home, homepage, iexplore.exe, install.exe, installation, launch, mozilla, office 365, prozesse, realtek, registry, scan, secure search, security, services.exe, software, svchost.exe, temp, usb, windows, windowsapps |
Linear-Darstellung
