Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 10.04.2017, 23:48   #1
Manicka
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



Hallo,
ich brauche bitte dringend Hilfe. Ich habe mir Anfang des Jahres (ca. Mitte Februar) vermutlich einen Schädling eingefangen. Der Firefox war betroffen und spuckte nur noch Werbeseiten aus. Arbeiten war nicht möglich und die Startseite änderte sich immer wieder auf trotux.
Avira und ADWCleaner hatten das Problem meiner Meinung nach beseitigt. Aber seither ist die Laptop Performance zeitweise mieserabel. Immer wieder sind die Speicher zu 100% ausgelastet und das ganze System hängt minutenlang. Immer wieder bricht dabei die WLAN Verbindung ab, verbindet sich neu, bricht wieder ab, teilweise im Minutentakt.
Das Schlimmste ist allerdings, das plötzlich mein Desktop leer war. Zurücksetzen des Explorers über Taskmanager brachte ein paar Programme zurück, aber meine persönlichen Ordner mit Bildern und Dokumenten waren weg und auch mit Recovery Tool nicht mal teilweise auffindbar/wiederherstellbar. Ich glaube ich habe ungebetene Gäste, denn es taucht ständig neue Software auf, Dateien und ganze Ordner werden im Explorer versteckt und mit Verknüpfungen versehen, der Zugriff wird mir verweigert. Sieht so aus als hätte ich plötzlich Festplattenpartitionen wo vorher keine waren. Die Ereignisanzeige erzählt was von wilden Benutzerwechseln, ausgelöst durch Dateien wie explorer.exe.
Ich würde ja einfach alles platt machen und von vorne anfangen aber ich habe die vage Hoffnung meine verlorenen Dateien noch wiederzufinden. Ich hab den Administrator aktiviert und so viele Ordnerberechtigungen wie möglich zurück geholt, aber ich werde ständig blockiert und die Ordnerstruktur ist inzwischen sowieso auch ohne mein Zutun nur ein einziges Durcheinander. Hilfe, bitte, bevor ich alles kaputt mache oder meinen schönen Lenovo in nem Wutanfall ausm 5. Stock schmeiße.

Farbar habe ich gerade laufen lassen:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Manja (Administrator) auf LENOVO-PC (10-04-2017 22:55:10)
Gestartet von C:\Users\Manja\Desktop
Geladene Profile: Manja (Verfügbare Profile: Manja & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Users\Manja\AppData\Local\Apps\2.0\H1XBY3NA.MTY\ORDNQXPM.YZE\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393208 2016-10-07] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Everything] => C:\Users\Administrator\Desktop\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [tsnp2std] => C:\WINDOWS\tsnp2std.exe [258048 2007-01-05] (SONIX)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2013-01-26] ()
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\MountPoints2: {152510a8-0b88-11e7-8381-4a5ab6dfb585} - "F:\AutoRun.exe" 
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKLM\...\Providers\uccs53rf: C:\Program Files (x86)\Grotersp Mapper\local64spl.dll [310784 2017-02-07] ()
ShellExecuteHooks: Kein Name - {B7F52870-EABC-11E6-A3B1-64006A5CFC23} - C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll [145408 2017-02-07] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-10-11]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a859d951-1702-4c70-843c-1f03b6a5db08}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> DefaultScope {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {0BB5F216-46AD-4421-8307-71AD5A980D61} URL = 
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {FF9451C6-C472-4F44-98C3-0A2D6DCACFBE} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 [2017-04-10]
FF Homepage: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> hxxps://www.ixquick.com/do/mypage.pl?prf=71655fbbbc8e4b165b2a6245f3e01481
FF NetworkProxy: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> type", 0
FF Extension: (Easy Screenshot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\easyscreenshot@mozillaonline.com.xpi [2017-03-05]
FF Extension: (Ghostery) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\firefox@ghostery.com.xpi [2017-03-05]
FF Extension: (HTTPS Everywhere) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\https-everywhere-eff@eff.org.xpi [2017-04-09]
FF Extension: (ProxTube) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\ich@maltegoetz.de.xpi [2017-03-05]
FF Extension: (YouTube mp3) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\info@youtube-mp3.org.xpi [2017-03-05]
FF Extension: (FireShot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-03-05]
FF Extension: (FlashGot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-03-05]
FF Extension: (Youtube to MP3 Converter) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{37115292-022c-4500-a5da-95738388073a}.xpi [2017-03-06]
FF Extension: (NoScript) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-18]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-05]
FF Extension: (Video DownloadHelper) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-05]
FF Extension: (Adblock Plus) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-05]
FF Extension: (DownThemAll!) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-03-05]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-05] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-05] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2024608735-1276328420-4132175576-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519136 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349096 2017-01-19] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365048 2016-10-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-15] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-15] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-02-15] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 fwlanusb5_nv2; C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059440 2015-08-30] (Realtek Semiconductor Corp.)
U5 sbnetsys; C:\Windows\System32\Drivers\sbnetsys.sys [44648 2015-04-17] (NT Kernel Resources)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 smsbda; C:\WINDOWS\system32\drivers\smsbda.sys [89224 2014-04-27] (Siano)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
         
Teil 2 folgt....

Geändert von Manicka (10.04.2017 um 23:53 Uhr)

Alt 11.04.2017, 07:55   #2
Manicka
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



Code:
ATTFilter
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2017-04-10 22:52 - 2017-04-10 22:53 - 00045181 _____ C:\Users\Manja\Desktop\Addition.txt
2017-04-10 22:51 - 2017-04-10 22:55 - 00024599 _____ C:\Users\Manja\Desktop\FRST.txt
2017-04-10 22:46 - 2017-04-10 22:55 - 00000000 ____D C:\FRST
2017-04-10 22:36 - 2017-04-10 22:39 - 02424832 _____ (Farbar) C:\Users\Manja\Desktop\FRST64.exe
2017-04-10 22:01 - 2017-04-10 22:01 - 00000000 ___HD C:\OneDriveTemp
2017-04-10 21:53 - 2017-04-10 21:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-04-09 20:25 - 2017-04-09 20:38 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-04-09 20:25 - 2017-04-09 20:30 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-04-09 20:25 - 2017-04-09 20:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-04-09 19:51 - 2017-04-09 19:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NetworkTiles
2017-04-07 22:48 - 2017-04-07 22:48 - 00000064 _____ C:\Users\Administrator\Desktop\Liste.txt
2017-04-07 21:09 - 2017-04-07 21:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IrfanView
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Nitro
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FileOpen
2017-04-07 11:22 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Administrator\Desktop\gmer-2.2.19882.exe
2017-04-07 07:12 - 2017-04-07 07:12 - 00000000 _____ C:\WINDOWS\EEventManager.INI
2017-04-07 07:10 - 2017-04-07 07:10 - 00000126 _____ C:\Users\Administrator\Desktop\suchen.txt
2017-04-07 07:07 - 2017-04-07 07:07 - 00000000 ____D C:\Users\Manja\Desktop\Ordner
2017-04-07 07:04 - 2017-04-09 22:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\Desktop\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-04-07 04:47 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-04-07 04:47 - 2017-04-07 04:47 - 00004130 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DEBC851-7D2C-4B48-9E0E-F39BF352DD8A}
2017-04-07 04:22 - 2017-04-07 04:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2017-04-07 04:21 - 2017-04-07 04:21 - 00002458 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Epson
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ArcSoft
2017-04-07 04:20 - 2017-04-07 04:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2017-04-07 04:19 - 2017-04-09 22:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-04-07 04:19 - 2017-04-09 21:19 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-04-07 04:19 - 2017-04-07 08:58 - 00000000 ____D C:\Users\Administrator
2017-04-07 04:19 - 2017-04-07 08:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-04-07 04:19 - 2017-04-07 04:19 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2017-04-07 04:19 - 2013-02-04 08:18 - 00000189 _____ C:\Users\Administrator\Desktop\Lenovo Telephony Start Now.url
2017-04-07 01:43 - 2017-04-07 01:43 - 00000000 ____D C:\ProgramData\ATI
2017-04-06 07:01 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Manja\Desktop\gmer-2.2.19882.exe
2017-04-03 21:12 - 2017-04-03 21:12 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2017-04-03 19:42 - 2017-04-03 19:49 - 286261248 _____ C:\Users\Manja\Downloads\gparted-live-0.28.1-1-amd64.iso
2017-04-03 19:42 - 2017-04-03 19:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-03 19:37 - 2017-04-03 19:39 - 01496584 _____ C:\Users\Manja\Downloads\GParted Live 64 Bit ISO Image - CHIP-Installer.exe
2017-03-31 05:15 - 2017-04-03 21:14 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Program Files\Everything
2017-03-31 05:13 - 2017-03-31 05:13 - 00000000 ____D C:\Users\Manja\Documents\Everything_1.3.4.686
2017-03-27 00:37 - 2017-03-27 00:38 - 00412748 _____ C:\WINDOWS\Minidump\032717-28515-01.dmp
2017-03-25 21:04 - 2017-03-25 21:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-03-25 20:45 - 2017-03-27 00:37 - 594119935 _____ C:\WINDOWS\MEMORY.DMP
2017-03-25 20:45 - 2017-03-27 00:37 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-25 20:45 - 2017-03-25 20:47 - 00413052 _____ C:\WINDOWS\Minidump\032517-31109-01.dmp
2017-03-25 07:51 - 2017-04-06 03:30 - 00000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-03-25 07:32 - 2017-03-25 07:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-03-25 05:22 - 2017-03-25 05:23 - 00000000 ____D C:\Users\Manja\AppData\Local\Deployment
2017-03-25 05:19 - 2017-03-25 05:21 - 00611400 _____ () C:\Users\Manja\Downloads\LSBsetup(1).exe
2017-03-22 21:14 - 2017-03-16 07:17 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-22 21:14 - 2017-03-16 07:17 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-22 21:14 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:46 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-22 21:14 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:19 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:05 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:03 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-22 21:05 - 2017-03-22 21:05 - 00000000 ____D C:\Users\Manja\Documents\Epson
2017-03-16 04:10 - 2017-03-10 07:17 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-16 04:10 - 2017-03-10 07:17 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-16 03:33 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-16 03:33 - 2017-03-04 09:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-16 03:33 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-16 03:33 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-16 03:33 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-16 03:33 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-16 03:33 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-16 03:33 - 2017-03-04 09:09 - 00412184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsMiraDisp.dll
2017-03-16 03:33 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-16 03:33 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-16 03:33 - 2017-03-04 09:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-16 03:33 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-16 03:33 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-16 03:33 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-16 03:33 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-16 03:33 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-16 03:33 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-16 03:33 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-16 03:33 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-16 03:33 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-16 03:33 - 2017-03-04 08:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-16 03:33 - 2017-03-04 08:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-16 03:33 - 2017-03-04 08:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-16 03:33 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-16 03:33 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-16 03:33 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-16 03:33 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-16 03:33 - 2017-03-04 08:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-16 03:33 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-16 03:33 - 2017-03-04 08:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-16 03:33 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-16 03:33 - 2017-03-04 08:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-16 03:33 - 2017-03-04 08:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-16 03:33 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-16 03:33 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-16 03:33 - 2017-03-04 08:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-16 03:33 - 2017-03-04 08:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-16 03:33 - 2017-03-04 08:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-16 03:33 - 2017-03-04 08:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-16 03:33 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-16 03:33 - 2017-03-04 08:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-16 03:33 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-16 03:33 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-16 03:33 - 2017-03-04 08:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-16 03:33 - 2017-03-04 08:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-16 03:33 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-16 03:33 - 2017-03-04 08:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-16 03:33 - 2017-03-04 08:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-16 03:33 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-16 03:33 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-16 03:33 - 2017-03-04 08:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-16 03:33 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-16 03:33 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-16 03:33 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-16 03:33 - 2017-03-04 08:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-16 03:33 - 2017-03-04 08:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-16 03:33 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-16 03:33 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-16 03:33 - 2017-03-04 08:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-16 03:33 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-16 03:33 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-16 03:33 - 2017-03-04 08:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-16 03:33 - 2017-03-04 08:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-16 03:33 - 2017-03-04 08:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-16 03:33 - 2017-03-04 08:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-16 03:33 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-16 03:33 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-16 03:33 - 2017-03-04 07:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-16 03:33 - 2017-03-04 07:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-16 03:33 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-16 03:33 - 2017-03-04 07:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-16 03:32 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-16 03:32 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-16 03:32 - 2017-03-04 09:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-16 03:32 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-16 03:32 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-16 03:32 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-16 03:32 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-16 03:32 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-16 03:32 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-16 03:32 - 2017-03-04 09:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-16 03:32 - 2017-03-04 09:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-16 03:32 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-16 03:32 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-16 03:32 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-16 03:32 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-16 03:32 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-16 03:32 - 2017-03-04 09:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-16 03:32 - 2017-03-04 09:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-16 03:32 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-16 03:32 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-16 03:32 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-16 03:32 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-16 03:32 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-16 03:32 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-16 03:32 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-16 03:32 - 2017-03-04 09:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-16 03:32 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-16 03:32 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-16 03:32 - 2017-03-04 09:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-16 03:32 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-16 03:32 - 2017-03-04 09:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-16 03:32 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-16 03:32 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-16 03:32 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-16 03:32 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-16 03:32 - 2017-03-04 09:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-16 03:32 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-16 03:32 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-16 03:32 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-16 03:32 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-16 03:32 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-16 03:32 - 2017-03-04 09:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-16 03:32 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-16 03:32 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-16 03:32 - 2017-03-04 09:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-16 03:32 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-16 03:32 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
         
Code:
ATTFilter
2017-03-16 03:32 - 2017-03-04 09:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-16 03:32 - 2017-03-04 09:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-16 03:32 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-16 03:32 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-16 03:32 - 2017-03-04 09:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-16 03:32 - 2017-03-04 09:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-16 03:32 - 2017-03-04 09:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-16 03:32 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-16 03:32 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-16 03:32 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-16 03:32 - 2017-03-04 08:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-16 03:32 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-16 03:32 - 2017-03-04 08:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-16 03:32 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-16 03:32 - 2017-03-04 08:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-16 03:32 - 2017-03-04 08:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-16 03:32 - 2017-03-04 08:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-16 03:32 - 2017-03-04 08:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-16 03:32 - 2017-03-04 08:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-16 03:32 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-16 03:32 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-16 03:32 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-16 03:32 - 2017-03-04 08:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-16 03:32 - 2017-03-04 08:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-16 03:32 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-16 03:32 - 2017-03-04 08:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-16 03:32 - 2017-03-04 08:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-16 03:32 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-16 03:32 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-16 03:32 - 2017-03-04 08:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-16 03:32 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-16 03:32 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-16 03:32 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-16 03:32 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-16 03:32 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-16 03:32 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-16 03:32 - 2017-03-04 08:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-16 03:32 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-16 03:32 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-16 03:32 - 2017-03-04 08:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-16 03:32 - 2017-03-04 08:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-16 03:32 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-16 03:32 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-16 03:32 - 2017-03-04 08:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-16 03:32 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-16 03:32 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-16 03:32 - 2017-03-04 08:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-16 03:32 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-16 03:32 - 2017-03-04 08:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-16 03:32 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-16 03:32 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-16 03:32 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-16 03:32 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-16 03:32 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-16 03:32 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-16 03:32 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-16 03:32 - 2017-03-04 08:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-16 03:32 - 2017-03-04 08:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-16 03:32 - 2017-03-04 08:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-16 03:32 - 2017-03-04 08:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-16 03:32 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-16 03:32 - 2017-03-04 08:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-16 03:32 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-16 03:32 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-16 03:32 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-16 03:32 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-16 03:32 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-16 03:32 - 2017-03-04 08:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-16 03:32 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-16 03:32 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-16 03:32 - 2017-03-04 08:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-16 03:32 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-16 03:32 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-16 03:32 - 2017-03-04 08:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-16 03:32 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-16 03:32 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-16 03:32 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-16 03:32 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-16 03:32 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-16 03:32 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-16 03:32 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-16 03:32 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-16 03:32 - 2017-03-04 08:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-16 03:32 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-16 03:32 - 2017-03-04 07:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-16 03:32 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-16 03:32 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-16 03:32 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-16 03:32 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-16 03:31 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-16 02:48 - 2017-04-06 04:42 - 00007600 _____ C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2017-04-10 22:51 - 2016-11-25 13:06 - 00000000 ____D C:\Users\Manja\AppData\LocalLow\Mozilla
2017-04-10 22:50 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\tor
2017-04-10 22:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-10 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-10 22:09 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-10 22:01 - 2016-02-24 11:37 - 00000000 ___RD C:\Users\Manja\OneDrive
2017-04-10 21:58 - 2017-02-28 04:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-10 21:53 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Local\Vidalia
2017-04-10 21:53 - 2016-02-24 11:28 - 00000000 __SHD C:\Users\Manja\IntelGraphicsProfiles
2017-04-09 21:17 - 2017-02-28 05:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-09 21:17 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-07 19:23 - 2014-06-03 11:42 - 00000000 ____D C:\ProgramData\tmp
2017-04-07 15:13 - 2017-02-28 05:22 - 02471578 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-07 15:13 - 2016-07-17 00:51 - 01043428 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-07 15:13 - 2016-07-17 00:51 - 00241188 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-07 04:19 - 2014-05-14 01:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-06 06:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-06 00:35 - 2016-08-30 01:10 - 00000000 ____D C:\Users\Manja\AppData\Local\ElevatedDiagnostics
2017-04-03 20:03 - 2014-05-13 18:56 - 00000000 ____D C:\Users\Manja\AppData\Local\Packages
2017-04-01 17:49 - 2017-03-05 03:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-01 17:49 - 2014-05-17 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 23:06 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-30 23:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-27 00:56 - 2017-02-28 05:02 - 00000000 ____D C:\Users\Manja
2017-03-27 00:46 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-26 00:58 - 2017-03-05 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-25 08:02 - 2014-05-29 13:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Nitro PDF
2017-03-24 00:27 - 2017-02-03 18:19 - 00000000 ____D C:\Users\Manja\Downloads\Intel Components
2017-03-24 00:19 - 2016-10-16 23:55 - 00000000 ____D C:\Users\Manja\Documents\My Albums
2017-03-24 00:19 - 2015-10-11 21:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\ArcSoft
2017-03-22 21:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-22 21:21 - 2016-10-28 17:51 - 00000000 ____D C:\Program Files (x86)\BILDmobil
2017-03-22 20:28 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-22 20:26 - 2015-01-13 08:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-20 23:00 - 2017-03-04 16:47 - 00000000 ____D C:\AdwCleaner
2017-03-18 05:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 04:07 - 2017-02-28 04:46 - 00240912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-16 04:07 - 2015-05-04 21:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-16 04:07 - 2015-05-04 21:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-16 03:58 - 2014-07-05 18:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-16 03:56 - 2014-07-05 18:19 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-16 03:37 - 2015-05-04 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-16 03:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 
2017-02-08 00:52 - 2017-02-08 00:52 - 1907939 _____ () C:\Users\Manja\AppData\Roaming\Bioflex.tst
2017-03-16 02:48 - 2017-04-06 04:42 - 0007600 _____ () C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
2017-02-28 04:53 - 2017-02-28 04:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap ======================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
LastRegBack: 2017-04-09 13:44
 
==================== Ende von FRST.txt ============================
         
__________________


Alt 11.04.2017, 07:56   #3
Manicka
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Manja (10-04-2017 22:55:33)
Gestartet von C:\Users\Manja\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-28 03:37:34)
Start-Modus: Normal
==========================================================
 
 
==================== Konten: =============================
 
Administrator (S-1-5-21-2024608735-1276328420-4132175576-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2024608735-1276328420-4132175576-503 - Limited - Disabled)
Gast (S-1-5-21-2024608735-1276328420-4132175576-501 - Limited - Disabled)
Manja (S-1-5-21-2024608735-1276328420-4132175576-1001 - Administrator - Enabled) => C:\Users\Manja
 
==================== Sicherheits-Center ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installierte Programme ======================
 
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 
. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{435CE0C6-084B-7235-D55E-8C6E630D78EA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft Software Suite (HKLM-x32\...\{4A712D29-DBE3-4381-A331-AF4AE5BEB244}) (Version:  - )
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.28.218 - ArcSoft, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.172 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{1f8bb480-f5d7-4414-a6ea-28e005509ae4}) (Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.18829 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Epson Benutzerhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version:  - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version:  - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version:  - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 52.0.2 (x64 de) (HKLM\...\Mozilla Firefox 52.0.2 (x64 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.320.0 - Tracker Software Products Ltd)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Tor 0.2.4.9-alpha (HKLM-x32\...\Tor) (Version:  - )
ultron AG ultron DVB-T Stick (HKLM-x32\...\ultron AG ultron DVB-T Stick) (Version: 4.3.5.7 - ultron AG)
USB2.0 PC Camera (SN9C201&202) (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.22.000 - Sonix)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Vidalia 0.2.21 (HKLM-x32\...\Vidalia) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows-Treiberpaket - ultron AG (smsbda) MEDIA  (04/27/2014 4.3.5.7) (HKLM\...\37842D1EA68B09186EEC8F2AE7AB5BF2FF059EFD) (Version: 04/27/2014 4.3.5.7 - ultron AG)
         
Code:
ATTFilter
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
Task: {007CE586-4B43-4396-BFE2-48C8514C822D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {008A7AF6-95D9-43D8-A75B-1373322D096C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {0AF08785-5B75-4A1D-8B84-44A6BF45F641} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1130142D-1830-4153-B73C-1581E70F4141} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {1199A92B-5DF3-49A8-A505-D7FEB1C8ECD9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {25AB9E8F-02F4-49FE-93DA-D8D24303AC8A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2B70B99A-C3F8-4818-9ADE-63195674E9BF} - System32\Tasks\{5CCF53E0-6195-7F54-A07D-AE72C1E5B301} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\de0915e3\9a636640.dll" <==== ACHTUNG
Task: {3362DCCF-B0FD-413F-84E4-CD6AFF019356} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {483B62EE-FDC9-404A-ADF8-A68EB03E4578} - System32\Tasks\Grotersp Mapper => C:\Program Files (x86)\Clerbespdremerle\rerjupy.exe
Task: {48FF7396-B258-4F3D-A824-CA9F5E06DBB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4C18A89B-BCED-4D53-988C-3B9FF2D9D036} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {4C3373A6-B580-4D06-982D-0456F128C31A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {5442CF63-E79F-4E46-9FEA-E831ADA4D657} - \Lenovo\Lenovo Service Bridge\S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {5997D2F3-C670-4A8F-97AC-0E54F8541177} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5C054594-146F-495F-BF90-55074A55420B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {5F651B40-E495-40FC-97CC-B769D51E3625} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5FB14A42-4AF0-4FCF-ACA5-C9AAB1A5AC30} - System32\Tasks\{5B99FE32-EC32-4999-CADC-3708E75AFA31} => C:\ProgramData\{1234AB96-A59F-1C3D-87BC-4DC6AFCEA6B8}\C27A3036-75D1-879D-3EA9-9F8FB2081826.exe  <==== ACHTUNG
Task: {5FE19C98-5417-4C21-A91A-205AE70A2CE4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {60B080EC-5184-4AB0-B6BA-4FC6DD8F78B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {6712DD73-AC71-419E-819B-8BBD8937253F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {69995769-F31F-4B57-B315-12E77BE81A30} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {7BBB3BD4-C6F6-4E53-88CA-8DF876BA46E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9A16F10C-3941-40EC-8E53-4D6A0AD6E30A} - \WPD\SqmUpload_S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {A97D182E-6FD5-4958-B722-8B7AEF57915D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {ABA34A64-4C7A-4B97-A40B-E3FAEC12C771} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {AFF68E91-0BEB-46CA-983A-953F2E6C8006} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {B159F619-E2CE-44CC-A560-90AD0D7675AF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {B352E0CE-D6FF-4FC1-9638-7FCBF2C5DA91} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {B8ACA62D-0C89-4170-94AD-D8CA9BA18F3B} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {BDB645B7-5705-4CF1-93E9-A218011E3CA0} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2017-02-06] (Tracker Software Products (Canada) Ltd.)
Task: {C5E1E20C-B993-414C-8950-C242C3BC2BFF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {DC54BA35-E04E-4660-BF9F-072D454DB84E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E7588F34-6D49-478B-92E0-D17D81DACCD2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {EFB1B60A-BE55-495E-B471-04CFE945341B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F3A0743A-9069-41A6-8B85-645E032923B4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F6B9BC7D-407E-4F6C-B928-EE278BAA6425} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {F742BC81-DCCF-42E3-9077-D19C28618FB7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
 
==================== Verknüpfungen =============================
 
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Manja\Desktop\Ordner\Tor Browser\Browser\firefox.bat (Keine Datei)
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 
2015-01-15 07:38 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-12 03:03 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-11-17 23:05 - 2016-11-17 23:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-02-07 23:24 - 2017-02-07 23:23 - 00145408 _____ () C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-07 00:07 - 2016-10-07 00:07 - 00393208 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-28 04:35 - 2017-02-28 04:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-01-26 14:02 - 2013-01-26 14:02 - 06239727 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
2000-01-01 01:00 - 2000-01-01 02:00 - 03096064 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-01-29 22:45 - 2017-01-18 17:36 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2017-04-10 22:04 - 2017-04-10 22:08 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 22:04 - 2017-04-10 22:08 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\libgcc_s_dw2-1.dll
2011-08-24 00:59 - 2011-08-24 00:59 - 00047972 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\mingwm10.dll
2015-10-11 21:15 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2015-10-11 21:15 - 2013-09-02 09:45 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00719217 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libevent-2-0-5.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00092599 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libssp-0.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00523262 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libgcc_s_sjlj-1.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00107520 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\zlib1.dll
2016-09-20 09:48 - 2016-09-20 09:48 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
 
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 
==================== Hosts Inhalt: ===============================
 
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 
2013-08-22 15:25 - 2017-02-07 23:23 - 00007503 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Andere Bereiche ============================
 
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
 
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
FirewallRules: [TCP Query User{7FD5A268-6318-48F0-8D91-557CEA5E5BC9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{468F2A13-871E-419E-8131-BDCCD8EC0650}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{959E9D9F-BF07-476F-B6A3-B75BA71E4E26}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{7A5E8E0A-128C-4F5A-9FCD-599D552B2A72}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{C41149A8-34A4-49AF-B780-D8057222A577}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{2537BB56-6DCB-4828-AA2B-4019C03D21B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D9852551-C2C2-46AE-8563-737DB5119F16}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AD7A18C9-3CA1-4090-B4DD-D49D6ECFA06B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{ABA2D586-0848-41C9-B75B-94D23CE8B2C1}] => (Allow) %systemroot%\system32\alg.exe
 
==================== Wiederherstellungspunkte =========================
 
22-03-2017 21:15:54 Windows Update
30-03-2017 23:04:02 Windows Update
 
==================== Fehlerhafte Geräte im Gerätemanager =============
 
Name: Microsoft Kerneldebugger-Netzwerkadapter
Description: Microsoft Kerneldebugger-Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Fehlereinträge in der Ereignisanzeige: =========================
 
Applikationsfehler:
==================
Error: (04/10/2017 10:41:18 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LENOVO-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c5
 
Error: (04/10/2017 09:55:05 PM) (Source: chip 1-click download service) (EventID: 0) (User: )
Description: |ERORRS=;(380) error at getOrdersForVersion:Der Remotename konnte nicht aufgelöst werden: 'service.chip-secured-download.de'
;(180) error at GetHttpWebRequest: 1Der Remotename konnte nicht aufgelöst werden: 'api.chip-secured-download.de'
;(480) Could not load new Downlaoder
 
Error: (04/09/2017 10:14:37 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
 
Error: (04/09/2017 10:14:35 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
 
Error: (04/09/2017 10:04:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppXxat4m5y1bf9ghax409y1vwyatpqea4s8.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error: (04/09/2017 10:01:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe:App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error: (04/09/2017 10:00:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error: (04/09/2017 10:00:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error: (04/09/2017 10:00:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error: (04/09/2017 09:17:46 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
 
 
Systemfehler:
=============
Error: (04/10/2017 10:51:10 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:51:10 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:51:10 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:47:01 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:47:01 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:47:01 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:46:28 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:46:28 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:46:28 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
 
Error: (04/10/2017 10:46:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
 
Code: 8 0x0 0x0
 
 
CodeIntegrity:
===================================
  Date: 2017-03-05 02:17:37.039
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-03-05 02:13:48.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-03-05 02:08:50.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
 
  Date: 2017-03-05 02:07:50.147
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-03-05 02:07:50.139
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-03-05 02:05:31.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-03-05 01:59:37.819
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-03-05 01:58:40.854
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
 
  Date: 2017-03-05 01:45:29.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-03-05 01:16:53.221
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Speicherinformationen ===========================
 
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 5749.09 MB
Summe virtueller Speicher: 17832.27 MB
Verfügbarer virtueller Speicher: 15210.32 MB
 
==================== Laufwerke ================================
 
Drive c: (Windows8_OS) (Fixed) (Total:891.53 GB) (Free:834.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.2 GB) NTFS
 
==================== MBR & Partitionstabelle ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 401F9FD4)
 
Partition: GPT.
 
==================== Ende von Addition.txt ============================
         
__________________

Alt 19.04.2017, 20:51   #4
M-K-D-B
/// TB-Ausbilder
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.

  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 21.04.2017, 21:21   #5
Manicka
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



TDSS

Code:
ATTFilter
20:57:35.0839 0x2674  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
20:57:35.0839 0x2674  UEFI system
20:57:54.0464 0x2674  ============================================================
20:57:54.0464 0x2674  Current date / time: 2017/04/21 20:57:54.0464
20:57:54.0464 0x2674  SystemInfo:
20:57:54.0464 0x2674  
20:57:54.0464 0x2674  OS Version: 10.0.14393 ServicePack: 0.0
20:57:54.0464 0x2674  Product type: Workstation
20:57:54.0464 0x2674  ComputerName: LENOVO-PC
20:57:54.0464 0x2674  UserName: Manja
20:57:54.0464 0x2674  Windows directory: C:\WINDOWS
20:57:54.0464 0x2674  System windows directory: C:\WINDOWS
20:57:54.0464 0x2674  Running under WOW64
20:57:54.0464 0x2674  Processor architecture: Intel x64
20:57:54.0464 0x2674  Number of processors: 4
20:57:54.0464 0x2674  Page size: 0x1000
20:57:54.0464 0x2674  Boot type: Normal boot
20:57:54.0464 0x2674  CodeIntegrityOptions = 0x00000001
20:57:54.0464 0x2674  ============================================================
20:58:02.0229 0x2674  KLMD registered as C:\WINDOWS\system32\drivers\04160760.sys
20:58:02.0229 0x2674  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.953, osProperties = 0x19
20:58:03.0229 0x2674  System UUID: {4F31EA09-3837-F40B-F169-B5FDCF9CF545}
20:58:04.0511 0x2674  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:58:04.0589 0x2674  ============================================================
20:58:04.0589 0x2674  \Device\Harddisk0\DR0:
20:58:04.0604 0x2674  GPT partitions:
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BF6A7184-8544-45FB-A78B-BBC875CD61C8}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3C4D5381-1FEE-49F4-BD08-A2842BEBD1A1}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {37B2536D-FC21-4E94-B713-58F446803292}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {628B78F7-34B0-491A-9D29-C48630E2AD30}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F6046E4B-531D-47E6-B859-17E7D4316F7C}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F70D800
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1039B095-4DDE-40DA-8D93-4306C7407A22}, Name: Basic data partition, StartLBA 0x6FBB8000, BlocksNum 0x3200000
20:58:04.0604 0x2674  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2ABF23B6-FA2C-428F-BC39-6BEC8C606C7E}, Name: Basic data partition, StartLBA 0x72DB8000, BlocksNum 0x194E800
20:58:04.0604 0x2674  MBR partitions:
20:58:04.0604 0x2674  ============================================================
20:58:04.0745 0x2674  C: <-> \Device\Harddisk0\DR0\Partition5
20:58:04.0933 0x2674  D: <-> \Device\Harddisk0\DR0\Partition6
20:58:04.0933 0x2674  ============================================================
20:58:04.0933 0x2674  Initialize success
20:58:04.0933 0x2674  ============================================================
20:59:17.0063 0x1c98  ============================================================
20:59:17.0063 0x1c98  Scan started
20:59:17.0063 0x1c98  Mode: Manual; SigCheck; TDLFS; 
20:59:17.0063 0x1c98  ============================================================
20:59:17.0063 0x1c98  KSN ping started
20:59:43.0657 0x1c98  KSN ping finished: true
20:59:56.0767 0x1c98  ================ Scan system memory ========================
20:59:56.0767 0x1c98  System memory - ok
20:59:56.0767 0x1c98  ================ Scan services =============================
20:59:57.0173 0x1c98  1394ohci - ok
20:59:57.0189 0x1c98  3ware - ok
20:59:57.0220 0x1c98  ACPI - ok
20:59:57.0251 0x1c98  AcpiDev - ok
20:59:57.0267 0x1c98  acpiex - ok
20:59:57.0267 0x1c98  acpipagr - ok
20:59:57.0329 0x1c98  AcpiPmi - ok
20:59:57.0345 0x1c98  acpitime - ok
20:59:57.0392 0x1c98  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
20:59:57.0923 0x1c98  ACPIVPC - ok
20:59:58.0126 0x1c98  [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:59:58.0157 0x1c98  AdobeARMservice - ok
20:59:58.0220 0x1c98  ADP80XX - ok
20:59:58.0423 0x1c98  [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc             C:\WINDOWS\syswow64\drivers\Afc.sys
20:59:58.0454 0x1c98  Afc - ok
20:59:58.0470 0x1c98  AFD - ok
20:59:58.0517 0x1c98  ahcache - ok
20:59:58.0532 0x1c98  AJRouter - ok
20:59:58.0548 0x1c98  ALG - ok
20:59:58.0642 0x1c98  [ 0990E6809D6C56C6DA85FE0EF20280EA, CC18608EB12DFB055C3AFCA2BB44FEDEE451F3F8CFEB87141F8EAD53F6BF6DD5 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:59:58.0689 0x1c98  AMD External Events Utility - ok
20:59:58.0720 0x1c98  AmdK8 - ok
20:59:58.0720 0x1c98  amdkmdag - ok
20:59:58.0861 0x1c98  [ 29C00798F093C2F54628F7C54DA77001, 8C85D9936103E19C60C8DE4DE98EA7F722BD3676911D873007FF2D152A456ED7 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:59:58.0954 0x1c98  amdkmdap - ok
20:59:59.0001 0x1c98  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
20:59:59.0032 0x1c98  amdkmpfd - ok
20:59:59.0048 0x1c98  AmdPPM - ok
20:59:59.0048 0x1c98  amdsata - ok
20:59:59.0064 0x1c98  amdsbs - ok
20:59:59.0064 0x1c98  amdxata - ok
20:59:59.0345 0x1c98  [ E6CEE7C270AD1CAE17EA910C85211BAE, 1DEB7185CEDC5918C20353C13AA0398D739A318729700F057B13821FF0FF5C97 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
20:59:59.0392 0x1c98  AntiVirMailService - ok
20:59:59.0423 0x1c98  [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
20:59:59.0470 0x1c98  AntiVirSchedulerService - ok
20:59:59.0517 0x1c98  [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
20:59:59.0564 0x1c98  AntiVirService - ok
20:59:59.0736 0x1c98  [ B62E24EEC8C4B6E8A173CAD069B5033A, 719F7C51D615591E70D549552AC66343526902007480278C0E56AA7E1F406F96 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
20:59:59.0782 0x1c98  AntiVirWebService - ok
20:59:59.0798 0x1c98  AppID - ok
20:59:59.0814 0x1c98  AppIDSvc - ok
20:59:59.0829 0x1c98  Appinfo - ok
20:59:59.0861 0x1c98  applockerfltr - ok
20:59:59.0907 0x1c98  AppReadiness - ok
20:59:59.0923 0x1c98  AppXSvc - ok
20:59:59.0939 0x1c98  arcsas - ok
20:59:59.0954 0x1c98  AsyncMac - ok
21:00:00.0017 0x1c98  atapi - ok
21:00:00.0048 0x1c98  athr - ok
21:00:00.0079 0x1c98  AudioEndpointBuilder - ok
21:00:00.0095 0x1c98  Audiosrv - ok
21:00:00.0173 0x1c98  [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:00:00.0236 0x1c98  avgntflt - ok
21:00:00.0298 0x1c98  [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:00:00.0345 0x1c98  avipbb - ok
21:00:00.0517 0x1c98  [ 586FCB1EEC849C06A8DDDDAB276AF113, E193FA64A86C27B2B7AA43E74A196BCBF79A9644F94C96E84E6CC76A405193B6 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:00:00.0548 0x1c98  Avira.ServiceHost - ok
21:00:00.0579 0x1c98  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:00:00.0595 0x1c98  avkmgr - ok
21:00:00.0626 0x1c98  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\WINDOWS\system32\drivers\avmeject.sys
21:00:00.0673 0x1c98  avmeject - ok
21:00:00.0720 0x1c98  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
21:00:00.0767 0x1c98  avnetflt - ok
21:00:00.0907 0x1c98  [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt        C:\WINDOWS\system32\Drivers\avusbflt.sys
21:00:00.0939 0x1c98  avusbflt - ok
21:00:00.0970 0x1c98  AxInstSV - ok
21:00:00.0986 0x1c98  b06bdrv - ok
21:00:01.0017 0x1c98  BasicDisplay - ok
21:00:01.0032 0x1c98  BasicRender - ok
21:00:01.0079 0x1c98  [ E68481BE45ADDF4E2A6790BB653610A4, 1F868D19C2CF206CAB36E990E5DC20782DB69FC51944CDFD494A09333E35F026 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
21:00:01.0157 0x1c98  bcbtums - ok
21:00:01.0986 0x1c98  [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:00:02.0345 0x1c98  BCM43XX - ok
21:00:02.0564 0x1c98  [ 02123BE5D4D5CA48E93AC914EC936DC4, 1F5EBE116590726D0F601D487F26C7FC550F62144A0F9A64022E3DC2C940F17E ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
21:00:02.0626 0x1c98  BcmBtRSupport - ok
21:00:02.0657 0x1c98  bcmfn - ok
21:00:02.0673 0x1c98  bcmfn2 - ok
21:00:03.0376 0x1c98  [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCMWL63A        C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:00:03.0579 0x1c98  BCMWL63A - ok
21:00:03.0611 0x1c98  BDESVC - ok
21:00:03.0626 0x1c98  Beep - ok
21:00:03.0657 0x1c98  BFE - ok
21:00:03.0689 0x1c98  BITS - ok
21:00:03.0689 0x1c98  bowser - ok
21:00:03.0720 0x1c98  BrokerInfrastructure - ok
21:00:03.0751 0x1c98  Browser - ok
21:00:03.0767 0x1c98  BthA2DP - ok
21:00:03.0829 0x1c98  BthAvrcpTg - ok
21:00:03.0829 0x1c98  BthEnum - ok
21:00:03.0892 0x1c98  BthHFAud - ok
21:00:03.0907 0x1c98  BthHFEnum - ok
21:00:03.0923 0x1c98  bthhfhid - ok
21:00:03.0939 0x1c98  BthHFSrv - ok
21:00:03.0970 0x1c98  BthLEEnum - ok
21:00:03.0986 0x1c98  BTHMODEM - ok
21:00:04.0001 0x1c98  BthPan - ok
21:00:04.0017 0x1c98  BTHPORT - ok
21:00:04.0017 0x1c98  bthserv - ok
21:00:04.0017 0x1c98  BTHUSB - ok
21:00:04.0111 0x1c98  [ 93995198BCBA40C99994B4CF3ABCE964, 38A9422D9202FC1BA4104186BBA60CE55FD7A7239DB2CDE12B8D727F00F977AF ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
21:00:04.0329 0x1c98  btwampfl - ok
21:00:04.0376 0x1c98  buttonconverter - ok
21:00:04.0392 0x1c98  CapImg - ok
21:00:04.0407 0x1c98  cdfs - ok
21:00:04.0439 0x1c98  CDPSvc - ok
21:00:04.0439 0x1c98  CDPUserSvc - ok
21:00:04.0626 0x1c98  cdrom - ok
21:00:04.0704 0x1c98  CertPropSvc - ok
21:00:04.0892 0x1c98  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:00:05.0282 0x1c98  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:00:05.0970 0x1c98  Detect skipped due to KSN trusted
21:00:05.0970 0x1c98  chip1click - ok
21:00:05.0986 0x1c98  cht4iscsi - ok
21:00:06.0017 0x1c98  cht4vbd - ok
21:00:06.0079 0x1c98  circlass - ok
21:00:06.0111 0x1c98  CLFS - ok
21:00:06.0767 0x1c98  [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:00:06.0829 0x1c98  ClickToRunSvc - ok
21:00:06.0845 0x1c98  ClipSVC - ok
21:00:06.0861 0x1c98  clreg - ok
21:00:06.0907 0x1c98  CmBatt - ok
21:00:06.0939 0x1c98  CNG - ok
21:00:06.0970 0x1c98  cnghwassist - ok
21:00:07.0095 0x1c98  [ A0E8F4630E62D7616F0186B07ED3B66B, 9EF5FCA42FF7ECA59EDE736908D37CF53421EED830FAA8EBBD461CE7939EA09C ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
21:00:07.0126 0x1c98  CnxtHdAudService - ok
21:00:07.0282 0x1c98  CompositeBus - ok
21:00:07.0298 0x1c98  COMSysApp - ok
21:00:07.0329 0x1c98  condrv - ok
21:00:07.0345 0x1c98  CoreMessagingRegistrar - ok
21:00:07.0501 0x1c98  [ 2EF1127FFCB66C5D41A98A734B021FE1, 4587DF6F67BAD40BDC07B9670CF15EBC86337A2B8AFAE73F89827076886F8B1A ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:00:09.0064 0x1c98  cphs - ok
21:00:09.0079 0x1c98  CryptSvc - ok
21:00:09.0142 0x1c98  [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe
21:00:09.0157 0x1c98  CxAudMsg - ok
21:00:09.0173 0x1c98  dam - ok
21:00:09.0204 0x1c98  DcomLaunch - ok
21:00:09.0236 0x1c98  DcpSvc - ok
21:00:09.0267 0x1c98  defragsvc - ok
21:00:09.0282 0x1c98  DeviceAssociationService - ok
21:00:09.0298 0x1c98  DeviceInstall - ok
21:00:09.0345 0x1c98  DevQueryBroker - ok
21:00:09.0361 0x1c98  Dfsc - ok
21:00:09.0439 0x1c98  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:00:09.0861 0x1c98  dg_ssudbus - ok
21:00:09.0954 0x1c98  Dhcp - ok
21:00:10.0048 0x1c98  diagnosticshub.standardcollector.service - ok
21:00:10.0079 0x1c98  DiagTrack - ok
21:00:10.0126 0x1c98  disk - ok
21:00:10.0173 0x1c98  DmEnrollmentSvc - ok
21:00:10.0220 0x1c98  dmvsc - ok
21:00:10.0251 0x1c98  dmwappushservice - ok
21:00:10.0282 0x1c98  Dnscache - ok
21:00:10.0314 0x1c98  dot3svc - ok
21:00:10.0345 0x1c98  DPS - ok
21:00:10.0408 0x1c98  drmkaud - ok
21:00:10.0470 0x1c98  DsmSvc - ok
21:00:10.0486 0x1c98  DsSvc - ok
21:00:10.0517 0x1c98  DXGKrnl - ok
21:00:10.0532 0x1c98  EapHost - ok
21:00:10.0564 0x1c98  ebdrv - ok
21:00:10.0595 0x1c98  EFS - ok
21:00:10.0611 0x1c98  EhStorClass - ok
21:00:10.0657 0x1c98  EhStorTcgDrv - ok
21:00:10.0689 0x1c98  embeddedmode - ok
21:00:10.0704 0x1c98  EntAppSvc - ok
21:00:10.0814 0x1c98  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
21:00:10.0829 0x1c98  EpsonScanSvc - ok
21:00:11.0017 0x1c98  [ A7E8186E04F38E836C19AC147F8B2ED0, 329639595F02060C215A6334FCE1651FB9B9B5679BA9052A487B57265608D162 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
21:00:11.0032 0x1c98  EPSON_PM_RPCV4_05 - ok
21:00:11.0032 0x1c98  ErrDev - ok
21:00:11.0283 0x1c98  [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:00:11.0361 0x1c98  ESRV_SVC_QUEENCREEK - ok
21:00:11.0595 0x1c98  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
21:00:11.0657 0x1c98  ETD - ok
21:00:11.0736 0x1c98  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
21:00:11.0767 0x1c98  ETDService - ok
21:00:11.0829 0x1c98  EventSystem - ok
21:00:11.0861 0x1c98  exfat - ok
21:00:11.0892 0x1c98  fastfat - ok
21:00:11.0908 0x1c98  Fax - ok
21:00:11.0939 0x1c98  fdc - ok
21:00:11.0970 0x1c98  fdPHost - ok
21:00:11.0970 0x1c98  FDResPub - ok
21:00:12.0048 0x1c98  fhsvc - ok
21:00:12.0111 0x1c98  FileCrypt - ok
21:00:12.0126 0x1c98  FileInfo - ok
21:00:12.0142 0x1c98  Filetrace - ok
21:00:12.0157 0x1c98  flpydisk - ok
21:00:12.0173 0x1c98  FltMgr - ok
21:00:12.0204 0x1c98  FontCache - ok
21:00:12.0314 0x1c98  FontCache3.0.0.0 - ok
21:00:12.0329 0x1c98  FrameServer - ok
21:00:12.0345 0x1c98  FsDepends - ok
21:00:12.0361 0x1c98  Fs_Rec - ok
21:00:12.0376 0x1c98  fvevol - ok
21:00:12.0611 0x1c98  [ 0D2843C3C676B852D0B01CEA1E1DAE6C, 2F2751E09725D52008865F08A08F9989BCC4BA07FBC11B3BEF4332DC463CFC63 ] fwlanusb5_nv2   C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys
21:00:12.0657 0x1c98  fwlanusb5_nv2 - ok
21:00:12.0704 0x1c98  gencounter - ok
21:00:12.0767 0x1c98  genericusbfn - ok
21:00:12.0783 0x1c98  GPIOClx0101 - ok
21:00:12.0814 0x1c98  gpsvc - ok
21:00:12.0861 0x1c98  GpuEnergyDrv - ok
21:00:12.0892 0x1c98  HDAudBus - ok
21:00:12.0939 0x1c98  HidBatt - ok
21:00:12.0970 0x1c98  HidBth - ok
21:00:12.0986 0x1c98  hidi2c - ok
21:00:13.0001 0x1c98  hidinterrupt - ok
21:00:13.0001 0x1c98  HidIr - ok
21:00:13.0064 0x1c98  hidserv - ok
21:00:13.0079 0x1c98  HidUsb - ok
21:00:13.0095 0x1c98  HomeGroupListener - ok
21:00:13.0173 0x1c98  HomeGroupProvider - ok
21:00:13.0236 0x1c98  HpSAMD - ok
21:00:13.0251 0x1c98  HTTP - ok
21:00:13.0298 0x1c98  HvHost - ok
21:00:13.0361 0x1c98  hvservice - ok
21:00:13.0376 0x1c98  hwpolicy - ok
21:00:13.0392 0x1c98  hyperkbd - ok
21:00:13.0423 0x1c98  i8042prt - ok
21:00:13.0454 0x1c98  iagpio - ok
21:00:13.0470 0x1c98  iai2c - ok
21:00:13.0501 0x1c98  iaLPSS2i_GPIO2 - ok
21:00:13.0517 0x1c98  iaLPSS2i_I2C - ok
21:00:13.0548 0x1c98  iaLPSSi_GPIO - ok
21:00:13.0548 0x1c98  iaLPSSi_I2C - ok
21:00:13.0736 0x1c98  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:00:13.0767 0x1c98  iaStorA - ok
21:00:13.0783 0x1c98  iaStorAV - ok
21:00:13.0892 0x1c98  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:00:13.0907 0x1c98  IAStorDataMgrSvc - ok
21:00:13.0923 0x1c98  iaStorV - ok
21:00:13.0954 0x1c98  ibbus - ok
21:00:14.0001 0x1c98  icssvc - ok
21:00:15.0345 0x1c98  [ 197FC03D62EEBCBCB8866B7EC0E1A6F0, 4197CBDAED113D13256C20FD2058E72C60EB2C28AE60EF6C3B3A0969CD7B2764 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:00:15.0611 0x1c98  igfx - ok
21:00:15.0751 0x1c98  [ 34CB407D6FCAB16C8C1A1C97C72D15AC, 4EBC135F8ECB9756F62C0918CB811420FAC36AAE78667D318B9F4BF01862ECBD ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:00:15.0798 0x1c98  igfxCUIService2.0.0.0 - ok
21:00:15.0829 0x1c98  IKEEXT - ok
21:00:15.0861 0x1c98  IndirectKmd - ok
21:00:15.0908 0x1c98  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:00:15.0954 0x1c98  intaud_WaveExtensible - ok
21:00:16.0079 0x1c98  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:00:16.0111 0x1c98  IntcDAud - ok
21:00:16.0314 0x1c98  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:00:16.0408 0x1c98  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:00:17.0673 0x1c98  Detect skipped due to KSN trusted
21:00:17.0673 0x1c98  Intel(R) Capability Licensing Service Interface - ok
21:00:17.0892 0x1c98  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:00:17.0923 0x1c98  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:00:17.0986 0x1c98  intelide - ok
21:00:18.0017 0x1c98  intelpep - ok
21:00:18.0048 0x1c98  intelppm - ok
21:00:18.0064 0x1c98  iorate - ok
21:00:18.0064 0x1c98  IpFilterDriver - ok
21:00:18.0126 0x1c98  iphlpsvc - ok
21:00:18.0142 0x1c98  IPMIDRV - ok
21:00:18.0158 0x1c98  IPNAT - ok
21:00:18.0173 0x1c98  irda - ok
21:00:18.0173 0x1c98  IRENUM - ok
21:00:18.0189 0x1c98  irmon - ok
21:00:18.0220 0x1c98  isapnp - ok
21:00:18.0251 0x1c98  iScsiPrt - ok
21:00:18.0548 0x1c98  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:00:18.0579 0x1c98  jhi_service - ok
21:00:18.0658 0x1c98  kbdclass - ok
21:00:18.0673 0x1c98  kbdhid - ok
21:00:18.0704 0x1c98  kdnic - ok
21:00:18.0704 0x1c98  KeyIso - ok
21:00:18.0720 0x1c98  KSecDD - ok
21:00:18.0751 0x1c98  KSecPkg - ok
21:00:18.0767 0x1c98  ksthunk - ok
21:00:18.0798 0x1c98  KtmRm - ok
21:00:18.0845 0x1c98  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\WINDOWS\System32\drivers\L1C63x64.sys
21:00:18.0876 0x1c98  L1C - ok
21:00:18.0892 0x1c98  LanmanServer - ok
21:00:18.0892 0x1c98  LanmanWorkstation - ok
21:00:18.0939 0x1c98  lfsvc - ok
21:00:18.0970 0x1c98  LicenseManager - ok
21:00:18.0970 0x1c98  lltdio - ok
21:00:18.0986 0x1c98  lltdsvc - ok
21:00:19.0017 0x1c98  lmhosts - ok
21:00:19.0236 0x1c98  [ 4799AAD825F79C187FBA948D299386E7, 4E3618CF59B81825CF3E2AEC070CC57E3869BFF7543BB151530F02A3947A22F8 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
21:00:19.0298 0x1c98  LSC.Services.SystemService - ok
21:00:19.0345 0x1c98  LSI_SAS - ok
21:00:19.0361 0x1c98  LSI_SAS2i - ok
21:00:19.0392 0x1c98  LSI_SAS3i - ok
21:00:19.0408 0x1c98  LSI_SSS - ok
21:00:19.0439 0x1c98  LSM - ok
21:00:19.0439 0x1c98  luafv - ok
21:00:19.0470 0x1c98  MapsBroker - ok
21:00:19.0501 0x1c98  megasas - ok
21:00:19.0564 0x1c98  megasas2i - ok
21:00:19.0579 0x1c98  megasr - ok
21:00:19.0626 0x1c98  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:00:19.0673 0x1c98  MEIx64 - ok
21:00:19.0736 0x1c98  MessagingService - ok
21:00:19.0767 0x1c98  mlx4_bus - ok
21:00:19.0783 0x1c98  MMCSS - ok
21:00:19.0829 0x1c98  Modem - ok
21:00:19.0876 0x1c98  monitor - ok
21:00:19.0908 0x1c98  mouclass - ok
21:00:19.0908 0x1c98  mouhid - ok
21:00:19.0908 0x1c98  mountmgr - ok
21:00:20.0001 0x1c98  [ 2419641B6E64F4F76D369110969DA77C, 6E3FBCA61089BFFA0B214CD8AFF35E8F85FD3240BBA75B05FA4E98B2453AEF55 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:00:20.0048 0x1c98  MozillaMaintenance - ok
21:00:20.0048 0x1c98  mpsdrv - ok
21:00:20.0064 0x1c98  MpsSvc - ok
21:00:20.0095 0x1c98  MRxDAV - ok
21:00:20.0126 0x1c98  mrxsmb - ok
21:00:20.0142 0x1c98  mrxsmb10 - ok
21:00:20.0158 0x1c98  mrxsmb20 - ok
21:00:20.0189 0x1c98  MsBridge - ok
21:00:20.0204 0x1c98  MSDTC - ok
21:00:20.0220 0x1c98  Msfs - ok
21:00:20.0283 0x1c98  msgpiowin32 - ok
21:00:20.0298 0x1c98  mshidkmdf - ok
21:00:20.0314 0x1c98  mshidumdf - ok
21:00:20.0329 0x1c98  msisadrv - ok
21:00:20.0392 0x1c98  MSiSCSI - ok
21:00:20.0408 0x1c98  msiserver - ok
21:00:20.0423 0x1c98  MSKSSRV - ok
21:00:20.0439 0x1c98  MsLldp - ok
21:00:20.0470 0x1c98  MSPCLOCK - ok
21:00:20.0486 0x1c98  MSPQM - ok
21:00:20.0501 0x1c98  MsRPC - ok
21:00:20.0533 0x1c98  mssmbios - ok
21:00:20.0548 0x1c98  MSTEE - ok
21:00:20.0579 0x1c98  MTConfig - ok
21:00:20.0579 0x1c98  Mup - ok
21:00:20.0595 0x1c98  mvumis - ok
21:00:20.0611 0x1c98  NativeWifiP - ok
21:00:20.0642 0x1c98  NcaSvc - ok
21:00:20.0658 0x1c98  NcbService - ok
21:00:20.0689 0x1c98  NcdAutoSetup - ok
21:00:20.0704 0x1c98  ndfltr - ok
21:00:20.0736 0x1c98  NDIS - ok
21:00:20.0736 0x1c98  NdisCap - ok
21:00:20.0814 0x1c98  NdisImPlatform - ok
21:00:20.0829 0x1c98  NdisTapi - ok
21:00:20.0829 0x1c98  Ndisuio - ok
21:00:20.0845 0x1c98  NdisVirtualBus - ok
21:00:20.0861 0x1c98  NdisWan - ok
21:00:20.0861 0x1c98  ndiswanlegacy - ok
21:00:20.0876 0x1c98  ndproxy - ok
21:00:20.0892 0x1c98  Ndu - ok
21:00:20.0908 0x1c98  NetAdapterCx - ok
21:00:20.0908 0x1c98  NetBIOS - ok
21:00:20.0923 0x1c98  NetBT - ok
21:00:20.0923 0x1c98  Netlogon - ok
21:00:20.0939 0x1c98  Netman - ok
21:00:20.0986 0x1c98  netprofm - ok
21:00:21.0017 0x1c98  NetSetupSvc - ok
21:00:21.0158 0x1c98  NetTcpPortSharing - ok
21:00:21.0204 0x1c98  NgcCtnrSvc - ok
21:00:21.0236 0x1c98  NgcSvc - ok
21:00:21.0361 0x1c98  [ 9B214FF571749C9055EEDFCE52A81F90, F1D0BD4DF34B6F5532B1756E50C6317D63DD71AB577D1F8CBA74A7A225456EB0 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
21:00:21.0408 0x1c98  NitroDriverReadSpool8 - ok
21:00:21.0408 0x1c98  NlaSvc - ok
21:00:22.0220 0x1c98  [ BF15D119A19F8FD8B71F1E22C1BDA579, D24EFD135DB598DF2858AE8CDBEF92B439AE47F2880DD6E45D52ABD1E4FA5394 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE
21:00:22.0892 0x1c98  nlsX86cc - ok
21:00:22.0908 0x1c98  Npfs - ok
21:00:22.0954 0x1c98  npsvctrig - ok
21:00:22.0986 0x1c98  nsi - ok
21:00:22.0986 0x1c98  nsiproxy - ok
21:00:23.0001 0x1c98  NTFS - ok
21:00:23.0033 0x1c98  Null - ok
21:00:23.0080 0x1c98  nvraid - ok
21:00:23.0080 0x1c98  nvstor - ok
21:00:23.0142 0x1c98  OneSyncSvc - ok
21:00:23.0298 0x1c98  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:00:23.0329 0x1c98  ose - ok
21:00:23.0345 0x1c98  p2pimsvc - ok
21:00:23.0345 0x1c98  p2psvc - ok
21:00:23.0361 0x1c98  Parport - ok
21:00:23.0376 0x1c98  partmgr - ok
21:00:23.0423 0x1c98  PcaSvc - ok
21:00:23.0439 0x1c98  pci - ok
21:00:23.0470 0x1c98  pciide - ok
21:00:23.0486 0x1c98  pcmcia - ok
21:00:23.0501 0x1c98  pcw - ok
21:00:23.0517 0x1c98  pdc - ok
21:00:23.0533 0x1c98  PEAUTH - ok
21:00:23.0548 0x1c98  percsas2i - ok
21:00:23.0564 0x1c98  percsas3i - ok
21:00:23.0595 0x1c98  PerfHost - ok
21:00:23.0642 0x1c98  PhoneSvc - ok
21:00:23.0689 0x1c98  PimIndexMaintenanceSvc - ok
21:00:23.0736 0x1c98  pla - ok
21:00:23.0736 0x1c98  PlugPlay - ok
21:00:23.0751 0x1c98  PNRPAutoReg - ok
21:00:23.0751 0x1c98  PNRPsvc - ok
21:00:23.0767 0x1c98  PolicyAgent - ok
21:00:23.0767 0x1c98  Power - ok
21:00:23.0798 0x1c98  PptpMiniport - ok
21:00:24.0439 0x1c98  [ 77ABF70C71922873BC160933571B3F83, 7FCFBB4B42E7A92FCF11388CD5B600EA79A7C134F13A8A88CF8DCD3DB96C3F5A ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:00:24.0908 0x1c98  PrintNotify - ok
21:00:24.0955 0x1c98  Processor - ok
21:00:24.0986 0x1c98  ProfSvc - ok
21:00:24.0986 0x1c98  Psched - ok
21:00:25.0017 0x1c98  QWAVE - ok
21:00:25.0048 0x1c98  QWAVEdrv - ok
21:00:25.0080 0x1c98  RasAcd - ok
21:00:25.0158 0x1c98  RasAgileVpn - ok
21:00:25.0189 0x1c98  RasAuto - ok
21:00:25.0220 0x1c98  Rasl2tp - ok
21:00:25.0236 0x1c98  RasMan - ok
21:00:25.0251 0x1c98  RasPppoe - ok
21:00:25.0251 0x1c98  RasSstp - ok
21:00:25.0267 0x1c98  rdbss - ok
21:00:25.0298 0x1c98  rdpbus - ok
21:00:25.0314 0x1c98  RDPDR - ok
21:00:25.0345 0x1c98  RdpVideoMiniport - ok
21:00:25.0345 0x1c98  rdyboost - ok
21:00:25.0392 0x1c98  ReFSv1 - ok
21:00:25.0423 0x1c98  RemoteAccess - ok
21:00:25.0455 0x1c98  RemoteRegistry - ok
21:00:25.0501 0x1c98  RetailDemo - ok
21:00:25.0533 0x1c98  RFCOMM - ok
21:00:25.0736 0x1c98  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
21:00:25.0767 0x1c98  RichVideo64 - ok
21:00:25.0783 0x1c98  RmSvc - ok
21:00:25.0814 0x1c98  RpcEptMapper - ok
21:00:25.0845 0x1c98  RpcLocator - ok
21:00:25.0861 0x1c98  RpcSs - ok
21:00:25.0876 0x1c98  rspndr - ok
21:00:26.0001 0x1c98  [ 05E8543E0D8C07535944FC0CB15E0DA0, 8E076E7582C95E9251CB03D2F1F7FBA1E31ACAE21E16224C9ACDCC1489165A86 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
21:00:26.0017 0x1c98  RTSUER - ok
21:00:26.0423 0x1c98  [ FF8B926ABA5BDA6562D7106E8A92BE7B, 887007E4D3F90CF6228B21D75E5B89818C18A7F2E2DB66C85039E6ECB5A16A15 ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
21:00:26.0501 0x1c98  rtsuvc - ok
21:00:26.0548 0x1c98  s3cap - ok
21:00:26.0580 0x1c98  SamSs - ok
21:00:26.0580 0x1c98  SAService - ok
21:00:26.0642 0x1c98  sbp2port - ok
21:00:26.0720 0x1c98  SCardSvr - ok
21:00:26.0751 0x1c98  ScDeviceEnum - ok
21:00:26.0798 0x1c98  scfilter - ok
21:00:26.0814 0x1c98  Schedule - ok
21:00:26.0829 0x1c98  scmbus - ok
21:00:26.0876 0x1c98  scmdisk0101 - ok
21:00:26.0923 0x1c98  SCPolicySvc - ok
21:00:26.0955 0x1c98  sdbus - ok
21:00:27.0001 0x1c98  SDRSVC - ok
21:00:27.0048 0x1c98  sdstor - ok
21:00:27.0064 0x1c98  seclogon - ok
21:00:27.0142 0x1c98  [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64     C:\WINDOWS\system32\drivers\semav6msr64.sys
21:00:27.0189 0x1c98  semav6msr64 - ok
21:00:27.0204 0x1c98  SENS - ok
21:00:27.0236 0x1c98  SensorDataService - ok
21:00:27.0267 0x1c98  SensorService - ok
21:00:27.0298 0x1c98  SensrSvc - ok
21:00:27.0314 0x1c98  SerCx - ok
21:00:27.0330 0x1c98  SerCx2 - ok
21:00:27.0345 0x1c98  Serenum - ok
21:00:27.0376 0x1c98  Serial - ok
21:00:27.0408 0x1c98  sermouse - ok
21:00:27.0439 0x1c98  SessionEnv - ok
21:00:27.0454 0x1c98  sfloppy - ok
21:00:27.0501 0x1c98  SharedAccess - ok
21:00:27.0626 0x1c98  ShellHWDetection - ok
21:00:27.0658 0x1c98  shpamsvc - ok
21:00:27.0673 0x1c98  SiSRaid2 - ok
21:00:27.0689 0x1c98  SiSRaid4 - ok
21:00:27.0814 0x1c98  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:00:27.0861 0x1c98  SkypeUpdate - ok
21:00:27.0923 0x1c98  smphost - ok
21:00:27.0986 0x1c98  [ 6CFE5AB2A11DC8FD80B4CE74364C39BC, E271867F4944CFA1E3ED25061C190D00B808198E20153E56D22D63871019F315 ] smsbda          C:\WINDOWS\system32\drivers\smsbda.sys
21:00:28.0048 0x1c98  smsbda - ok
21:00:28.0142 0x1c98  SmsRouter - ok
21:00:28.0173 0x1c98  SNMPTRAP - ok
21:00:28.0251 0x1c98  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:00:28.0361 0x1c98  Sony PC Companion - detected UnsignedFile.Multi.Generic ( 1 )
21:00:28.0923 0x1c98  Detect skipped due to KSN trusted
21:00:28.0923 0x1c98  Sony PC Companion - ok
21:00:28.0970 0x1c98  spaceport - ok
21:00:28.0986 0x1c98  SpbCx - ok
21:00:29.0017 0x1c98  Spooler - ok
21:00:29.0048 0x1c98  sppsvc - ok
21:00:29.0064 0x1c98  srv - ok
21:00:29.0080 0x1c98  srv2 - ok
21:00:29.0095 0x1c98  srvnet - ok
21:00:29.0189 0x1c98  SSDPSRV - ok
21:00:29.0220 0x1c98  SstpSvc - ok
21:00:29.0314 0x1c98  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:00:29.0392 0x1c98  ssudmdm - ok
21:00:29.0423 0x1c98  StateRepository - ok
21:00:29.0455 0x1c98  stexstor - ok
21:00:29.0517 0x1c98  stisvc - ok
21:00:29.0533 0x1c98  storahci - ok
21:00:29.0580 0x1c98  storflt - ok
21:00:29.0595 0x1c98  stornvme - ok
21:00:29.0642 0x1c98  storqosflt - ok
21:00:29.0673 0x1c98  StorSvc - ok
21:00:29.0689 0x1c98  storufs - ok
21:00:29.0705 0x1c98  storvsc - ok
21:00:29.0830 0x1c98  [ 26B2BB5733F69B0A8306BAC37551F90A, 60F1A0C23727144B53F1C64348907AAD611F991C0A8C9F93AC8194210634420B ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:00:29.0861 0x1c98  SUService - ok
21:00:29.0892 0x1c98  svsvc - ok
21:00:29.0892 0x1c98  swenum - ok
21:00:29.0908 0x1c98  swprv - ok
21:00:29.0955 0x1c98  Synth3dVsc - ok
21:00:29.0986 0x1c98  SysMain - ok
21:00:30.0033 0x1c98  SystemEventsBroker - ok
21:00:30.0189 0x1c98  [ 48D2B8AA8C2F1C3360EC33554EC4E6D2, 0F66A9CBED9E70DA3CED6E009795000D41259AD345E3BD3C2EA2F2969588BB04 ] SystemUsageReportSvc_QUEENCREEK C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
21:00:30.0236 0x1c98  SystemUsageReportSvc_QUEENCREEK - ok
21:00:30.0267 0x1c98  TabletInputService - ok
21:00:30.0267 0x1c98  TapiSrv - ok
21:00:30.0298 0x1c98  Tcpip - ok
21:00:30.0298 0x1c98  Tcpip6 - ok
21:00:30.0345 0x1c98  tcpipreg - ok
21:00:30.0361 0x1c98  tdx - ok
21:00:30.0376 0x1c98  terminpt - ok
21:00:30.0408 0x1c98  TermService - ok
21:00:30.0439 0x1c98  Themes - ok
21:00:30.0455 0x1c98  TieringEngineService - ok
21:00:30.0470 0x1c98  tiledatamodelsvc - ok
21:00:30.0501 0x1c98  TimeBrokerSvc - ok
21:00:30.0517 0x1c98  TPM - ok
21:00:30.0533 0x1c98  TrkWks - ok
21:00:30.0580 0x1c98  TrustedInstaller - ok
21:00:30.0580 0x1c98  tsusbflt - ok
21:00:30.0626 0x1c98  TsUsbGD - ok
21:00:30.0626 0x1c98  tunnel - ok
21:00:30.0658 0x1c98  tzautoupdate - ok
21:00:30.0705 0x1c98  UASPStor - ok
21:00:30.0705 0x1c98  UcmCx0101 - ok
21:00:30.0720 0x1c98  UcmTcpciCx0101 - ok
21:00:30.0720 0x1c98  UcmUcsi - ok
21:00:30.0736 0x1c98  Ucx01000 - ok
21:00:30.0751 0x1c98  UdeCx - ok
21:00:30.0751 0x1c98  udfs - ok
21:00:30.0767 0x1c98  UEFI - ok
21:00:30.0767 0x1c98  Ufx01000 - ok
21:00:30.0783 0x1c98  UfxChipidea - ok
21:00:30.0798 0x1c98  ufxsynopsys - ok
21:00:30.0830 0x1c98  UI0Detect - ok
21:00:30.0861 0x1c98  umbus - ok
21:00:30.0892 0x1c98  UmPass - ok
21:00:30.0908 0x1c98  UmRdpService - ok
21:00:30.0955 0x1c98  UnistoreSvc - ok
21:00:30.0986 0x1c98  upnphost - ok
21:00:31.0001 0x1c98  UrsChipidea - ok
21:00:31.0017 0x1c98  UrsCx01000 - ok
21:00:31.0017 0x1c98  UrsSynopsys - ok
21:00:31.0048 0x1c98  usbccgp - ok
21:00:31.0095 0x1c98  usbcir - ok
21:00:31.0095 0x1c98  usbehci - ok
21:00:31.0111 0x1c98  usbhub - ok
21:00:31.0126 0x1c98  USBHUB3 - ok
21:00:31.0142 0x1c98  usbohci - ok
21:00:31.0142 0x1c98  usbprint - ok
21:00:31.0158 0x1c98  usbser - ok
21:00:31.0189 0x1c98  USBSTOR - ok
21:00:31.0205 0x1c98  usbuhci - ok
21:00:31.0220 0x1c98  USBXHCI - ok
21:00:31.0220 0x1c98  usb_rndisx - ok
21:00:31.0251 0x1c98  UserDataSvc - ok
21:00:31.0267 0x1c98  UserManager - ok
21:00:31.0533 0x1c98  [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] USER_ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:00:31.0564 0x1c98  USER_ESRV_SVC_QUEENCREEK - ok
21:00:31.0564 0x1c98  UsoSvc - ok
21:00:31.0580 0x1c98  VaultSvc - ok
21:00:31.0580 0x1c98  vdrvroot - ok
21:00:31.0595 0x1c98  vds - ok
21:00:31.0626 0x1c98  VerifierExt - ok
21:00:31.0626 0x1c98  vhdmp - ok
21:00:31.0642 0x1c98  vhf - ok
21:00:31.0642 0x1c98  vmbus - ok
21:00:31.0673 0x1c98  VMBusHID - ok
21:00:31.0673 0x1c98  vmgid - ok
21:00:31.0689 0x1c98  vmicguestinterface - ok
21:00:31.0705 0x1c98  vmicheartbeat - ok
21:00:31.0705 0x1c98  vmickvpexchange - ok
21:00:31.0736 0x1c98  vmicrdv - ok
21:00:31.0751 0x1c98  vmicshutdown - ok
21:00:31.0751 0x1c98  vmictimesync - ok
21:00:31.0751 0x1c98  vmicvmsession - ok
21:00:31.0767 0x1c98  vmicvss - ok
21:00:31.0767 0x1c98  volmgr - ok
21:00:31.0783 0x1c98  volmgrx - ok
21:00:31.0798 0x1c98  volsnap - ok
21:00:31.0814 0x1c98  volume - ok
21:00:31.0845 0x1c98  vpci - ok
21:00:31.0861 0x1c98  vsmraid - ok
21:00:31.0876 0x1c98  VSS - ok
21:00:31.0892 0x1c98  VSTXRAID - ok
21:00:31.0923 0x1c98  vwifibus - ok
21:00:31.0923 0x1c98  vwififlt - ok
21:00:31.0923 0x1c98  vwifimp - ok
21:00:31.0939 0x1c98  W32Time - ok
21:00:31.0955 0x1c98  WacomPen - ok
21:00:32.0001 0x1c98  WalletService - ok
21:00:32.0017 0x1c98  wanarp - ok
21:00:32.0033 0x1c98  wanarpv6 - ok
21:00:32.0080 0x1c98  wbengine - ok
21:00:32.0111 0x1c98  WbioSrvc - ok
21:00:32.0111 0x1c98  wcifs - ok
21:00:32.0142 0x1c98  Wcmsvc - ok
21:00:32.0158 0x1c98  wcncsvc - ok
21:00:32.0173 0x1c98  wcnfs - ok
21:00:32.0173 0x1c98  WdBoot - ok
21:00:32.0205 0x1c98  Wdf01000 - ok
21:00:32.0205 0x1c98  WdFilter - ok
21:00:32.0330 0x1c98  WdiServiceHost - ok
21:00:32.0345 0x1c98  WdiSystemHost - ok
21:00:32.0361 0x1c98  wdiwifi - ok
21:00:32.0376 0x1c98  WdNisDrv - ok
21:00:32.0408 0x1c98  WdNisSvc - ok
21:00:32.0423 0x1c98  WebClient - ok
21:00:32.0439 0x1c98  Wecsvc - ok
21:00:32.0455 0x1c98  WEPHOSTSVC - ok
21:00:32.0501 0x1c98  wercplsupport - ok
21:00:32.0501 0x1c98  WerSvc - ok
21:00:32.0517 0x1c98  WFPLWFS - ok
21:00:32.0517 0x1c98  WiaRpc - ok
21:00:32.0548 0x1c98  WIMMount - ok
21:00:32.0548 0x1c98  WinDefend - ok
21:00:32.0580 0x1c98  WindowsTrustedRT - ok
21:00:32.0595 0x1c98  WindowsTrustedRTProxy - ok
21:00:32.0626 0x1c98  WinHttpAutoProxySvc - ok
21:00:32.0642 0x1c98  WinMad - ok
21:00:32.0798 0x1c98  Winmgmt - ok
21:00:32.0814 0x1c98  WinRM - ok
21:00:32.0861 0x1c98  WINUSB - ok
21:00:32.0876 0x1c98  WinVerbs - ok
21:00:32.0908 0x1c98  wisvc - ok
21:00:32.0955 0x1c98  WlanSvc - ok
21:00:32.0970 0x1c98  wlidsvc - ok
21:00:32.0970 0x1c98  WmiAcpi - ok
21:00:33.0017 0x1c98  wmiApSrv - ok
21:00:33.0064 0x1c98  WMPNetworkSvc - ok
21:00:33.0080 0x1c98  Wof - ok
21:00:33.0111 0x1c98  workfolderssvc - ok
21:00:33.0158 0x1c98  WPDBusEnum - ok
21:00:33.0205 0x1c98  WpdUpFltr - ok
21:00:33.0220 0x1c98  WpnService - ok
21:00:33.0236 0x1c98  WpnUserService - ok
21:00:33.0251 0x1c98  ws2ifsl - ok
21:00:33.0283 0x1c98  wscsvc - ok
21:00:33.0298 0x1c98  WSDPrintDevice - ok
21:00:33.0314 0x1c98  WSDScan - ok
21:00:33.0330 0x1c98  WSearch - ok
21:00:33.0361 0x1c98  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
21:00:33.0705 0x1c98  wsvd - ok
21:00:33.0814 0x1c98  wuauserv - ok
21:00:33.0830 0x1c98  WudfPf - ok
21:00:33.0845 0x1c98  WUDFRd - ok
21:00:33.0876 0x1c98  wudfsvc - ok
21:00:33.0876 0x1c98  WUDFWpdFs - ok
21:00:33.0892 0x1c98  WUDFWpdMtp - ok
21:00:33.0908 0x1c98  WwanSvc - ok
21:00:33.0939 0x1c98  XblAuthManager - ok
21:00:33.0986 0x1c98  XblGameSave - ok
21:00:34.0001 0x1c98  xboxgip - ok
21:00:34.0048 0x1c98  XboxNetApiSvc - ok
21:00:34.0095 0x1c98  xinputhid - ok
21:00:34.0158 0x1c98  ================ Scan global ===============================
21:00:34.0345 0x1c98  [ Global ] - ok
21:00:34.0345 0x1c98  ================ Scan MBR ==================================
21:00:34.0376 0x1c98  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:00:34.0783 0x1c98  \Device\Harddisk0\DR0 - ok
21:00:34.0783 0x1c98  ================ Scan VBR ==================================
21:00:34.0814 0x1c98  [ 2E17CCD49D062E31E0B3A9684E00B350 ] \Device\Harddisk0\DR0\Partition1
21:00:34.0845 0x1c98  \Device\Harddisk0\DR0\Partition1 - ok
21:00:34.0876 0x1c98  [ C3176033020941E2EBB9159D1CDFFBA7 ] \Device\Harddisk0\DR0\Partition2
21:00:34.0892 0x1c98  \Device\Harddisk0\DR0\Partition2 - ok
21:00:34.0908 0x1c98  [ 8BAE10C7C382DC892756A9D0E473039A ] \Device\Harddisk0\DR0\Partition3
21:00:34.0908 0x1c98  \Device\Harddisk0\DR0\Partition3 - ok
21:00:34.0939 0x1c98  [ F5A529530EF5DB5350E971E33C81254D ] \Device\Harddisk0\DR0\Partition4
21:00:34.0939 0x1c98  \Device\Harddisk0\DR0\Partition4 - ok
21:00:34.0955 0x1c98  [ 5122B00C1E0E999E5CF0A458F0650CCD ] \Device\Harddisk0\DR0\Partition5
21:00:34.0970 0x1c98  \Device\Harddisk0\DR0\Partition5 - ok
21:00:35.0001 0x1c98  [ 03AD12C5EF9EE07B720AF1D09B4A77FE ] \Device\Harddisk0\DR0\Partition6
21:00:35.0048 0x1c98  \Device\Harddisk0\DR0\Partition6 - ok
21:00:35.0080 0x1c98  [ 9A20E57ED890E0C7CA48B383F2AD9784 ] \Device\Harddisk0\DR0\Partition7
21:00:35.0126 0x1c98  \Device\Harddisk0\DR0\Partition7 - ok
21:00:35.0126 0x1c98  ================ Scan generic autorun ======================
21:00:35.0298 0x1c98  [ FFBFE1175531CD582D89796835CBB598, 7DC1FEB90AFC08C829001849985C7B20CB782F05CD9C000C6C9D42D3FDB1DDF4 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
21:00:35.0330 0x1c98  cAudioFilterAgent - ok
21:00:35.0658 0x1c98  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
21:00:35.0705 0x1c98  SmartAudio - ok
21:00:35.0705 0x1c98  ETDCtrl - ok
21:00:37.0751 0x1c98  [ AC2ECBAA39F816944A608926973EFDB7, 9C32F89B255B2690843EA96A331665B27A28E4EF67B16AC6D254FE593146F7D5 ] C:\WINDOWS\RTFTrack.exe
21:00:38.0001 0x1c98  RtsFT - ok
21:00:38.0095 0x1c98  [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:00:38.0189 0x1c98  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
21:00:38.0564 0x1c98  Detect skipped due to KSN trusted
21:00:38.0564 0x1c98  IAStorIcon - ok
21:00:38.0673 0x1c98  [ 48EB2BD8D360E9C8D9A71968A477ADBE, 2E9D5D9790EC07279CDA6A213A90D52C764CD9338194C47DBA26C545D65853BA ] C:\WINDOWS\system32\igfxtray.exe
21:00:38.0720 0x1c98  IgfxTray - ok
21:00:41.0642 0x1c98  [ E0AD9F72153A7F55702C3170FDA7876C, 839A8D0B72C3A0530ACC447532CA4CACC19E3C91CEA6B9CBB9498D36DD2DFBE6 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
21:00:42.0095 0x1c98  Energy Manager - ok
21:00:42.0158 0x1c98  [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
21:00:42.0158 0x1c98  Lenovo Utility - ok
21:00:42.0439 0x1c98  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
21:00:42.0470 0x1c98  Windows Mobile Device Center - ok
21:00:43.0423 0x1c98  [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] C:\Users\Administrator\Desktop\Everything\Everything.exe
21:00:43.0548 0x1c98  Everything - detected UnsignedFile.Multi.Generic ( 1 )
21:00:43.0705 0x1c98  Detect skipped due to KSN trusted
21:00:43.0705 0x1c98  Everything - ok
21:00:43.0830 0x1c98  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
21:00:43.0861 0x1c98  UpdateP2GShortCut - ok
21:00:44.0080 0x1c98  [ 305C1D680482E937D65D2A43448629A1, EFCA1B8FB5F932276E1CE6679EB155CF643E2B3CCCE36AF07C68C2A82473C7F6 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
21:00:44.0111 0x1c98  FUFAXRCV - ok
21:00:44.0298 0x1c98  [ 92B992307F1BF5F9DE727ACDD5A4CD4A, B6F751A990A90C5346CE5C2B11EEB8A09F582835A63D3921E70E286E45C24475 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
21:00:44.0330 0x1c98  FUFAXSTM - ok
21:00:44.0486 0x1c98  [ 4ABA86D5B0D440F33BDBDBDAEA065C42, 434E035E4748D0E4CEB08E655FF9A1739FF7E0099CCCC42122A24736DE3DE7E3 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
21:00:44.0533 0x1c98  EEventManager - ok
21:00:44.0595 0x1c98  [ 7D440447C6FCDEC9BBB739A048AA90CD, FA39828FD3FE9A1B57E1022B04729E7711C984E131CBE44BF1FAE73EF430D762 ] C:\WINDOWS\tsnp2std.exe
21:00:44.0673 0x1c98  tsnp2std - detected UnsignedFile.Multi.Generic ( 1 )
21:00:44.0830 0x1c98  Detect skipped due to KSN trusted
21:00:44.0830 0x1c98  tsnp2std - ok
21:00:45.0080 0x1c98  [ D9F25B1C673DEEF18A45AD2080DC9A5E, 76C4E520099F0CF3556158B6C154B68E4F954D4CA6A1851FB08979207F482200 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
21:00:45.0095 0x1c98  StartCCC - ok
21:00:45.0330 0x1c98  [ DBD8934E3909B60DA81A91BF53B76901, 29B061C5E05097394B8B9D7C6681783DB02735CE8AAD06BCC03C08617D778039 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:00:45.0361 0x1c98  avgnt - ok
21:00:45.0470 0x1c98  [ 2AB57E205B61BCB095168A97B8D2AC4D, 18D9709CED7F02B694405E62ED5BA8EBE737FF59BB2D9EFBF0335C0F3BEE105B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:00:45.0502 0x1c98  Avira SystrayStartTrigger - ok
21:00:46.0111 0x1c98  OneDriveSetup - ok
21:00:46.0111 0x1c98  OneDriveSetup - ok
21:00:47.0595 0x1c98  [ 103C5E01E5705A4BD468CBC902AA8EEF, 7598411CE3BA9C79CF74E64A5691D92ADA8121735495C1AB3B56F9E6CA3B0FB1 ] C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
21:00:47.0986 0x1c98  Vidalia - detected UnsignedFile.Multi.Generic ( 1 )
21:00:48.0252 0x1c98  Vidalia ( UnsignedFile.Multi.Generic ) - warning
21:00:51.0111 0x1c98  [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe
21:00:51.0392 0x1c98  CCleaner Monitoring - ok
21:00:51.0783 0x1c98  [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Manja\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:00:51.0830 0x1c98  OneDrive - ok
21:00:52.0064 0x1c98  [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:00:52.0189 0x1c98  OneDrive - ok
21:00:52.0189 0x1c98  Waiting for KSN requests completion. In queue: 3
21:00:52.0330 0x0650  Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
21:00:52.0689 0x0650  Object send P2P result: true
21:00:53.0220 0x1c98  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.170 ), 0x41000 ( enabled : updated )
21:00:53.0267 0x1c98  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
21:00:53.0283 0x1c98  Win FW state via NFP2: enabled ( trusted )
21:00:53.0455 0x1c98  ============================================================
21:00:53.0455 0x1c98  Scan finished
21:00:53.0455 0x1c98  ============================================================
21:00:53.0470 0x045c  Detected object count: 1
21:00:53.0470 0x045c  Actual detected object count: 1
21:01:26.0991 0x045c  Vidalia ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:26.0991 0x045c  Vidalia ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:02:53.0290 0x27ac  ============================================================
21:02:53.0290 0x27ac  Scan started
21:02:53.0290 0x27ac  Mode: Manual; SigCheck; TDLFS; 
21:02:53.0290 0x27ac  ============================================================
21:02:53.0290 0x27ac  KSN ping started
21:02:53.0290 0x27ac  KSN ping finished: false
21:02:57.0906 0x27ac  ================ Scan system memory ========================
21:02:57.0906 0x27ac  System memory - ok
21:02:57.0906 0x27ac  ================ Scan services =============================
21:02:58.0328 0x27ac  1394ohci - ok
21:02:58.0343 0x27ac  3ware - ok
21:02:58.0375 0x27ac  ACPI - ok
21:02:58.0390 0x27ac  AcpiDev - ok
21:02:58.0406 0x27ac  acpiex - ok
21:02:58.0422 0x27ac  acpipagr - ok
21:02:58.0468 0x27ac  AcpiPmi - ok
21:02:58.0484 0x27ac  acpitime - ok
21:02:58.0531 0x27ac  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
21:02:58.0562 0x27ac  ACPIVPC - ok
21:02:58.0640 0x27ac  [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:02:58.0672 0x27ac  AdobeARMservice - ok
21:02:58.0687 0x27ac  ADP80XX - ok
21:02:58.0812 0x27ac  [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc             C:\WINDOWS\syswow64\drivers\Afc.sys
21:02:58.0828 0x27ac  Afc - ok
21:02:58.0859 0x27ac  AFD - ok
21:02:58.0875 0x27ac  ahcache - ok
21:02:58.0906 0x27ac  AJRouter - ok
21:02:58.0937 0x27ac  ALG - ok
21:02:59.0031 0x27ac  [ 0990E6809D6C56C6DA85FE0EF20280EA, CC18608EB12DFB055C3AFCA2BB44FEDEE451F3F8CFEB87141F8EAD53F6BF6DD5 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
21:02:59.0062 0x27ac  AMD External Events Utility - ok
21:02:59.0078 0x27ac  AmdK8 - ok
21:02:59.0078 0x27ac  amdkmdag - ok
21:02:59.0218 0x27ac  [ 29C00798F093C2F54628F7C54DA77001, 8C85D9936103E19C60C8DE4DE98EA7F722BD3676911D873007FF2D152A456ED7 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
21:02:59.0250 0x27ac  amdkmdap - ok
21:02:59.0297 0x27ac  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
21:02:59.0312 0x27ac  amdkmpfd - ok
21:02:59.0328 0x27ac  AmdPPM - ok
21:02:59.0359 0x27ac  amdsata - ok
21:02:59.0390 0x27ac  amdsbs - ok
21:02:59.0390 0x27ac  amdxata - ok
21:02:59.0609 0x27ac  [ E6CEE7C270AD1CAE17EA910C85211BAE, 1DEB7185CEDC5918C20353C13AA0398D739A318729700F057B13821FF0FF5C97 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
21:02:59.0640 0x27ac  AntiVirMailService - ok
21:02:59.0734 0x27ac  [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
21:02:59.0765 0x27ac  AntiVirSchedulerService - ok
21:02:59.0828 0x27ac  [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
21:02:59.0859 0x27ac  AntiVirService - ok
21:03:00.0140 0x27ac  [ B62E24EEC8C4B6E8A173CAD069B5033A, 719F7C51D615591E70D549552AC66343526902007480278C0E56AA7E1F406F96 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
21:03:00.0172 0x27ac  AntiVirWebService - ok
21:03:00.0203 0x27ac  AppID - ok
21:03:00.0219 0x27ac  AppIDSvc - ok
21:03:00.0234 0x27ac  Appinfo - ok
21:03:00.0265 0x27ac  applockerfltr - ok
21:03:00.0297 0x27ac  AppReadiness - ok
21:03:00.0328 0x27ac  AppXSvc - ok
21:03:00.0375 0x27ac  arcsas - ok
21:03:00.0375 0x27ac  AsyncMac - ok
21:03:00.0437 0x27ac  atapi - ok
21:03:00.0453 0x27ac  athr - ok
21:03:00.0500 0x27ac  AudioEndpointBuilder - ok
21:03:00.0515 0x27ac  Audiosrv - ok
21:03:00.0547 0x27ac  [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:03:00.0562 0x27ac  avgntflt - ok
21:03:00.0625 0x27ac  [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:03:00.0656 0x27ac  avipbb - ok
21:03:00.0828 0x27ac  [ 586FCB1EEC849C06A8DDDDAB276AF113, E193FA64A86C27B2B7AA43E74A196BCBF79A9644F94C96E84E6CC76A405193B6 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:03:00.0875 0x27ac  Avira.ServiceHost - ok
21:03:00.0890 0x27ac  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:03:00.0906 0x27ac  avkmgr - ok
21:03:00.0953 0x27ac  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\WINDOWS\system32\drivers\avmeject.sys
21:03:00.0968 0x27ac  avmeject - ok
21:03:01.0015 0x27ac  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
21:03:01.0031 0x27ac  avnetflt - ok
21:03:01.0078 0x27ac  [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt        C:\WINDOWS\system32\Drivers\avusbflt.sys
21:03:01.0109 0x27ac  avusbflt - ok
21:03:01.0125 0x27ac  AxInstSV - ok
21:03:01.0172 0x27ac  b06bdrv - ok
21:03:01.0203 0x27ac  BasicDisplay - ok
21:03:01.0218 0x27ac  BasicRender - ok
21:03:01.0328 0x27ac  [ E68481BE45ADDF4E2A6790BB653610A4, 1F868D19C2CF206CAB36E990E5DC20782DB69FC51944CDFD494A09333E35F026 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
21:03:01.0359 0x27ac  bcbtums - ok
21:03:02.0547 0x27ac  [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:03:02.0734 0x27ac  BCM43XX - ok
21:03:03.0015 0x27ac  [ 02123BE5D4D5CA48E93AC914EC936DC4, 1F5EBE116590726D0F601D487F26C7FC550F62144A0F9A64022E3DC2C940F17E ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
21:03:03.0093 0x27ac  BcmBtRSupport - ok
21:03:03.0140 0x27ac  bcmfn - ok
21:03:03.0140 0x27ac  bcmfn2 - ok
21:03:03.0890 0x27ac  [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCMWL63A        C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:03:04.0094 0x27ac  BCMWL63A - ok
21:03:04.0109 0x27ac  BDESVC - ok
21:03:04.0172 0x27ac  Beep - ok
21:03:04.0203 0x27ac  BFE - ok
21:03:04.0234 0x27ac  BITS - ok
21:03:04.0265 0x27ac  bowser - ok
21:03:04.0281 0x27ac  BrokerInfrastructure - ok
21:03:04.0312 0x27ac  Browser - ok
21:03:04.0344 0x27ac  BthA2DP - ok
21:03:04.0375 0x27ac  BthAvrcpTg - ok
21:03:04.0375 0x27ac  BthEnum - ok
21:03:04.0453 0x27ac  BthHFAud - ok
21:03:04.0469 0x27ac  BthHFEnum - ok
21:03:04.0484 0x27ac  bthhfhid - ok
21:03:04.0500 0x27ac  BthHFSrv - ok
21:03:04.0531 0x27ac  BthLEEnum - ok
21:03:04.0562 0x27ac  BTHMODEM - ok
21:03:04.0578 0x27ac  BthPan - ok
21:03:04.0578 0x27ac  BTHPORT - ok
21:03:04.0594 0x27ac  bthserv - ok
21:03:04.0609 0x27ac  BTHUSB - ok
21:03:04.0672 0x27ac  [ 93995198BCBA40C99994B4CF3ABCE964, 38A9422D9202FC1BA4104186BBA60CE55FD7A7239DB2CDE12B8D727F00F977AF ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
21:03:04.0703 0x27ac  btwampfl - ok
21:03:04.0750 0x27ac  buttonconverter - ok
21:03:04.0750 0x27ac  CapImg - ok
21:03:04.0765 0x27ac  cdfs - ok
21:03:04.0797 0x27ac  CDPSvc - ok
21:03:04.0797 0x27ac  CDPUserSvc - ok
21:03:04.0922 0x27ac  cdrom - ok
21:03:04.0969 0x27ac  CertPropSvc - ok
21:03:05.0078 0x27ac  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:03:05.0094 0x27ac  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:03:05.0094 0x27ac  Detect skipped due to KSN trusted
21:03:05.0094 0x27ac  chip1click - ok
21:03:05.0109 0x27ac  cht4iscsi - ok
21:03:05.0109 0x27ac  cht4vbd - ok
21:03:05.0140 0x27ac  circlass - ok
21:03:05.0172 0x27ac  CLFS - ok
21:03:05.0578 0x27ac  [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:03:05.0640 0x27ac  ClickToRunSvc - ok
21:03:05.0656 0x27ac  ClipSVC - ok
21:03:05.0687 0x27ac  clreg - ok
21:03:05.0719 0x27ac  CmBatt - ok
21:03:05.0750 0x27ac  CNG - ok
21:03:05.0781 0x27ac  cnghwassist - ok
21:03:05.0937 0x27ac  [ A0E8F4630E62D7616F0186B07ED3B66B, 9EF5FCA42FF7ECA59EDE736908D37CF53421EED830FAA8EBBD461CE7939EA09C ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
21:03:05.0984 0x27ac  CnxtHdAudService - ok
21:03:06.0062 0x27ac  CompositeBus - ok
21:03:06.0078 0x27ac  COMSysApp - ok
21:03:06.0094 0x27ac  condrv - ok
21:03:06.0125 0x27ac  CoreMessagingRegistrar - ok
21:03:06.0328 0x27ac  [ 2EF1127FFCB66C5D41A98A734B021FE1, 4587DF6F67BAD40BDC07B9670CF15EBC86337A2B8AFAE73F89827076886F8B1A ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:03:06.0359 0x27ac  cphs - ok
21:03:06.0406 0x27ac  CryptSvc - ok
21:03:06.0469 0x27ac  [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe
21:03:06.0500 0x27ac  CxAudMsg - ok
21:03:06.0515 0x27ac  dam - ok
21:03:06.0531 0x27ac  DcomLaunch - ok
21:03:06.0578 0x27ac  DcpSvc - ok
21:03:06.0625 0x27ac  defragsvc - ok
21:03:06.0656 0x27ac  DeviceAssociationService - ok
21:03:06.0672 0x27ac  DeviceInstall - ok
21:03:06.0734 0x27ac  DevQueryBroker - ok
21:03:06.0734 0x27ac  Dfsc - ok
21:03:06.0797 0x27ac  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:03:06.0828 0x27ac  dg_ssudbus - ok
21:03:06.0875 0x27ac  Dhcp - ok
21:03:06.0984 0x27ac  diagnosticshub.standardcollector.service - ok
21:03:07.0015 0x27ac  DiagTrack - ok
21:03:07.0062 0x27ac  disk - ok
21:03:07.0094 0x27ac  DmEnrollmentSvc - ok
21:03:07.0140 0x27ac  dmvsc - ok
21:03:07.0172 0x27ac  dmwappushservice - ok
21:03:07.0219 0x27ac  Dnscache - ok
21:03:07.0250 0x27ac  dot3svc - ok
21:03:07.0265 0x27ac  DPS - ok
21:03:07.0312 0x27ac  drmkaud - ok
21:03:07.0344 0x27ac  DsmSvc - ok
21:03:07.0375 0x27ac  DsSvc - ok
21:03:07.0390 0x27ac  DXGKrnl - ok
21:03:07.0406 0x27ac  EapHost - ok
21:03:07.0437 0x27ac  ebdrv - ok
21:03:07.0469 0x27ac  EFS - ok
21:03:07.0500 0x27ac  EhStorClass - ok
21:03:07.0515 0x27ac  EhStorTcgDrv - ok
21:03:07.0562 0x27ac  embeddedmode - ok
21:03:07.0578 0x27ac  EntAppSvc - ok
21:03:07.0640 0x27ac  [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
21:03:07.0672 0x27ac  EpsonScanSvc - ok
21:03:07.0765 0x27ac  [ A7E8186E04F38E836C19AC147F8B2ED0, 329639595F02060C215A6334FCE1651FB9B9B5679BA9052A487B57265608D162 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
21:03:07.0797 0x27ac  EPSON_PM_RPCV4_05 - ok
21:03:07.0797 0x27ac  ErrDev - ok
21:03:08.0031 0x27ac  [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:03:08.0062 0x27ac  ESRV_SVC_QUEENCREEK - ok
21:03:08.0109 0x27ac  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
21:03:08.0125 0x27ac  ETD - ok
21:03:08.0234 0x27ac  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
21:03:08.0265 0x27ac  ETDService - ok
21:03:08.0437 0x27ac  EventSystem - ok
21:03:08.0469 0x27ac  exfat - ok
21:03:08.0484 0x27ac  fastfat - ok
21:03:08.0500 0x27ac  Fax - ok
21:03:08.0531 0x27ac  fdc - ok
21:03:08.0562 0x27ac  fdPHost - ok
21:03:08.0562 0x27ac  FDResPub - ok
21:03:08.0640 0x27ac  fhsvc - ok
21:03:08.0687 0x27ac  FileCrypt - ok
21:03:08.0703 0x27ac  FileInfo - ok
21:03:08.0703 0x27ac  Filetrace - ok
21:03:08.0703 0x27ac  flpydisk - ok
21:03:08.0719 0x27ac  FltMgr - ok
21:03:08.0781 0x27ac  FontCache - ok
21:03:08.0875 0x27ac  FontCache3.0.0.0 - ok
21:03:08.0906 0x27ac  FrameServer - ok
21:03:08.0906 0x27ac  FsDepends - ok
21:03:08.0922 0x27ac  Fs_Rec - ok
21:03:08.0969 0x27ac  fvevol - ok
21:03:09.0094 0x27ac  [ 0D2843C3C676B852D0B01CEA1E1DAE6C, 2F2751E09725D52008865F08A08F9989BCC4BA07FBC11B3BEF4332DC463CFC63 ] fwlanusb5_nv2   C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys
21:03:09.0125 0x27ac  fwlanusb5_nv2 - ok
21:03:09.0187 0x27ac  gencounter - ok
21:03:09.0203 0x27ac  genericusbfn - ok
21:03:09.0250 0x27ac  GPIOClx0101 - ok
21:03:09.0265 0x27ac  gpsvc - ok
21:03:09.0312 0x27ac  GpuEnergyDrv - ok
21:03:09.0344 0x27ac  HDAudBus - ok
21:03:09.0359 0x27ac  HidBatt - ok
21:03:09.0375 0x27ac  HidBth - ok
21:03:09.0375 0x27ac  hidi2c - ok
21:03:09.0390 0x27ac  hidinterrupt - ok
21:03:09.0406 0x27ac  HidIr - ok
21:03:09.0422 0x27ac  hidserv - ok
21:03:09.0453 0x27ac  HidUsb - ok
21:03:09.0469 0x27ac  HomeGroupListener - ok
21:03:09.0515 0x27ac  HomeGroupProvider - ok
21:03:09.0547 0x27ac  HpSAMD - ok
21:03:09.0578 0x27ac  HTTP - ok
21:03:09.0625 0x27ac  HvHost - ok
21:03:09.0687 0x27ac  hvservice - ok
21:03:09.0703 0x27ac  hwpolicy - ok
21:03:09.0734 0x27ac  hyperkbd - ok
21:03:09.0765 0x27ac  i8042prt - ok
21:03:09.0812 0x27ac  iagpio - ok
21:03:09.0828 0x27ac  iai2c - ok
21:03:09.0844 0x27ac  iaLPSS2i_GPIO2 - ok
21:03:09.0844 0x27ac  iaLPSS2i_I2C - ok
21:03:09.0890 0x27ac  iaLPSSi_GPIO - ok
21:03:09.0906 0x27ac  iaLPSSi_I2C - ok
21:03:10.0015 0x27ac  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:03:10.0062 0x27ac  iaStorA - ok
21:03:10.0109 0x27ac  iaStorAV - ok
21:03:10.0187 0x27ac  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:03:10.0203 0x27ac  IAStorDataMgrSvc - ok
21:03:10.0234 0x27ac  iaStorV - ok
21:03:10.0250 0x27ac  ibbus - ok
21:03:10.0312 0x27ac  icssvc - ok
21:03:11.0242 0x27ac  [ 197FC03D62EEBCBCB8866B7EC0E1A6F0, 4197CBDAED113D13256C20FD2058E72C60EB2C28AE60EF6C3B3A0969CD7B2764 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:03:11.0367 0x27ac  igfx - ok
21:03:11.0445 0x27ac  [ 34CB407D6FCAB16C8C1A1C97C72D15AC, 4EBC135F8ECB9756F62C0918CB811420FAC36AAE78667D318B9F4BF01862ECBD ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:03:11.0477 0x27ac  igfxCUIService2.0.0.0 - ok
21:03:11.0492 0x27ac  IKEEXT - ok
21:03:11.0524 0x27ac  IndirectKmd - ok
21:03:11.0586 0x27ac  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:03:11.0602 0x27ac  intaud_WaveExtensible - ok
21:03:11.0711 0x27ac  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:03:11.0742 0x27ac  IntcDAud - ok
21:03:11.0914 0x27ac  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:03:11.0945 0x27ac  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:03:11.0945 0x27ac  Detect skipped due to KSN trusted
21:03:11.0945 0x27ac  Intel(R) Capability Licensing Service Interface - ok
21:03:12.0218 0x27ac  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:03:12.0249 0x27ac  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:03:12.0296 0x27ac  intelide - ok
21:03:12.0327 0x27ac  intelpep - ok
21:03:12.0343 0x27ac  intelppm - ok
21:03:12.0374 0x27ac  iorate - ok
21:03:12.0390 0x27ac  IpFilterDriver - ok
21:03:12.0436 0x27ac  iphlpsvc - ok
21:03:12.0468 0x27ac  IPMIDRV - ok
21:03:12.0468 0x27ac  IPNAT - ok
21:03:12.0499 0x27ac  irda - ok
21:03:12.0515 0x27ac  IRENUM - ok
21:03:12.0536 0x27ac  irmon - ok
21:03:12.0552 0x27ac  isapnp - ok
21:03:12.0598 0x27ac  iScsiPrt - ok
21:03:12.0802 0x27ac  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:03:12.0817 0x27ac  jhi_service - ok
21:03:12.0911 0x27ac  kbdclass - ok
21:03:12.0958 0x27ac  kbdhid - ok
21:03:12.0973 0x27ac  kdnic - ok
21:03:12.0989 0x27ac  KeyIso - ok
21:03:12.0989 0x27ac  KSecDD - ok
21:03:13.0020 0x27ac  KSecPkg - ok
21:03:13.0036 0x27ac  ksthunk - ok
21:03:13.0067 0x27ac  KtmRm - ok
21:03:13.0098 0x27ac  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\WINDOWS\System32\drivers\L1C63x64.sys
21:03:13.0130 0x27ac  L1C - ok
21:03:13.0161 0x27ac  LanmanServer - ok
21:03:13.0161 0x27ac  LanmanWorkstation - ok
21:03:13.0196 0x27ac  lfsvc - ok
21:03:13.0226 0x27ac  LicenseManager - ok
21:03:13.0226 0x27ac  lltdio - ok
21:03:13.0242 0x27ac  lltdsvc - ok
21:03:13.0273 0x27ac  lmhosts - ok
21:03:13.0476 0x27ac  [ 4799AAD825F79C187FBA948D299386E7, 4E3618CF59B81825CF3E2AEC070CC57E3869BFF7543BB151530F02A3947A22F8 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
21:03:13.0492 0x27ac  LSC.Services.SystemService - ok
21:03:13.0570 0x27ac  LSI_SAS - ok
21:03:13.0570 0x27ac  LSI_SAS2i - ok
21:03:13.0617 0x27ac  LSI_SAS3i - ok
21:03:13.0648 0x27ac  LSI_SSS - ok
21:03:13.0664 0x27ac  LSM - ok
21:03:13.0695 0x27ac  luafv - ok
21:03:13.0711 0x27ac  MapsBroker - ok
21:03:13.0742 0x27ac  megasas - ok
21:03:13.0780 0x27ac  megasas2i - ok
21:03:13.0811 0x27ac  megasr - ok
21:03:13.0858 0x27ac  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:03:13.0889 0x27ac  MEIx64 - ok
21:03:13.0920 0x27ac  MessagingService - ok
21:03:13.0967 0x27ac  mlx4_bus - ok
21:03:13.0967 0x27ac  MMCSS - ok
21:03:13.0998 0x27ac  Modem - ok
21:03:14.0030 0x27ac  monitor - ok
21:03:14.0030 0x27ac  mouclass - ok
21:03:14.0061 0x27ac  mouhid - ok
21:03:14.0076 0x27ac  mountmgr - ok
21:03:14.0202 0x27ac  [ 2419641B6E64F4F76D369110969DA77C, 6E3FBCA61089BFFA0B214CD8AFF35E8F85FD3240BBA75B05FA4E98B2453AEF55 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:03:14.0233 0x27ac  MozillaMaintenance - ok
21:03:14.0280 0x27ac  mpsdrv - ok
21:03:14.0295 0x27ac  MpsSvc - ok
21:03:14.0342 0x27ac  MRxDAV - ok
21:03:14.0358 0x27ac  mrxsmb - ok
21:03:14.0389 0x27ac  mrxsmb10 - ok
21:03:14.0405 0x27ac  mrxsmb20 - ok
21:03:14.0436 0x27ac  MsBridge - ok
21:03:14.0452 0x27ac  MSDTC - ok
21:03:14.0467 0x27ac  Msfs - ok
21:03:14.0498 0x27ac  msgpiowin32 - ok
21:03:14.0498 0x27ac  mshidkmdf - ok
21:03:14.0514 0x27ac  mshidumdf - ok
21:03:14.0530 0x27ac  msisadrv - ok
21:03:14.0561 0x27ac  MSiSCSI - ok
21:03:14.0561 0x27ac  msiserver - ok
21:03:14.0592 0x27ac  MSKSSRV - ok
21:03:14.0608 0x27ac  MsLldp - ok
21:03:14.0623 0x27ac  MSPCLOCK - ok
21:03:14.0639 0x27ac  MSPQM - ok
21:03:14.0655 0x27ac  MsRPC - ok
21:03:14.0655 0x27ac  mssmbios - ok
21:03:14.0670 0x27ac  MSTEE - ok
21:03:14.0670 0x27ac  MTConfig - ok
21:03:14.0670 0x27ac  Mup - ok
21:03:14.0670 0x27ac  mvumis - ok
21:03:14.0686 0x27ac  NativeWifiP - ok
21:03:14.0717 0x27ac  NcaSvc - ok
21:03:14.0717 0x27ac  NcbService - ok
21:03:14.0717 0x27ac  NcdAutoSetup - ok
21:03:14.0733 0x27ac  ndfltr - ok
21:03:14.0733 0x27ac  NDIS - ok
21:03:14.0733 0x27ac  NdisCap - ok
21:03:14.0998 0x27ac  NdisImPlatform - ok
21:03:15.0061 0x27ac  NdisTapi - ok
21:03:15.0061 0x27ac  Ndisuio - ok
21:03:15.0092 0x27ac  NdisVirtualBus - ok
21:03:15.0123 0x27ac  NdisWan - ok
21:03:15.0123 0x27ac  ndiswanlegacy - ok
21:03:15.0139 0x27ac  ndproxy - ok
21:03:15.0155 0x27ac  Ndu - ok
21:03:15.0155 0x27ac  NetAdapterCx - ok
21:03:15.0155 0x27ac  NetBIOS - ok
21:03:15.0155 0x27ac  NetBT - ok
21:03:15.0170 0x27ac  Netlogon - ok
21:03:15.0186 0x27ac  Netman - ok
21:03:15.0233 0x27ac  netprofm - ok
21:03:15.0295 0x27ac  NetSetupSvc - ok
21:03:15.0545 0x27ac  NetTcpPortSharing - ok
21:03:15.0577 0x27ac  NgcCtnrSvc - ok
21:03:15.0608 0x27ac  NgcSvc - ok
21:03:15.0702 0x27ac  [ 9B214FF571749C9055EEDFCE52A81F90, F1D0BD4DF34B6F5532B1756E50C6317D63DD71AB577D1F8CBA74A7A225456EB0 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
21:03:15.0717 0x27ac  NitroDriverReadSpool8 - ok
21:03:15.0733 0x27ac  NlaSvc - ok
21:03:16.0655 0x27ac  [ BF15D119A19F8FD8B71F1E22C1BDA579, D24EFD135DB598DF2858AE8CDBEF92B439AE47F2880DD6E45D52ABD1E4FA5394 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE
21:03:16.0670 0x27ac  nlsX86cc - ok
21:03:16.0702 0x27ac  Npfs - ok
21:03:16.0733 0x27ac  npsvctrig - ok
21:03:16.0764 0x27ac  nsi - ok
21:03:16.0764 0x27ac  nsiproxy - ok
21:03:16.0811 0x27ac  NTFS - ok
21:03:16.0811 0x27ac  Null - ok
21:03:16.0858 0x27ac  nvraid - ok
21:03:16.0858 0x27ac  nvstor - ok
21:03:16.0920 0x27ac  OneSyncSvc - ok
21:03:17.0092 0x27ac  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:17.0123 0x27ac  ose - ok
21:03:17.0139 0x27ac  p2pimsvc - ok
21:03:17.0170 0x27ac  p2psvc - ok
21:03:17.0186 0x27ac  Parport - ok
21:03:17.0202 0x27ac  partmgr - ok
21:03:17.0233 0x27ac  PcaSvc - ok
21:03:17.0248 0x27ac  pci - ok
21:03:17.0311 0x27ac  pciide - ok
21:03:17.0328 0x27ac  pcmcia - ok
21:03:17.0328 0x27ac  pcw - ok
21:03:17.0360 0x27ac  pdc - ok
21:03:17.0375 0x27ac  PEAUTH - ok
21:03:17.0391 0x27ac  percsas2i - ok
21:03:17.0407 0x27ac  percsas3i - ok
21:03:17.0422 0x27ac  PerfHost - ok
21:03:17.0453 0x27ac  PhoneSvc - ok
21:03:17.0469 0x27ac  PimIndexMaintenanceSvc - ok
21:03:17.0519 0x27ac  pla - ok
21:03:17.0535 0x27ac  PlugPlay - ok
21:03:17.0535 0x27ac  PNRPAutoReg - ok
21:03:17.0550 0x27ac  PNRPsvc - ok
21:03:17.0566 0x27ac  PolicyAgent - ok
21:03:17.0581 0x27ac  Power - ok
21:03:17.0597 0x27ac  PptpMiniport - ok
21:03:18.0331 0x27ac  [ 77ABF70C71922873BC160933571B3F83, 7FCFBB4B42E7A92FCF11388CD5B600EA79A7C134F13A8A88CF8DCD3DB96C3F5A ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:03:18.0425 0x27ac  PrintNotify - ok
21:03:18.0472 0x27ac  Processor - ok
21:03:18.0503 0x27ac  ProfSvc - ok
21:03:18.0519 0x27ac  Psched - ok
21:03:18.0534 0x27ac  QWAVE - ok
21:03:18.0566 0x27ac  QWAVEdrv - ok
21:03:18.0597 0x27ac  RasAcd - ok
21:03:18.0628 0x27ac  RasAgileVpn - ok
21:03:18.0660 0x27ac  RasAuto - ok
21:03:18.0675 0x27ac  Rasl2tp - ok
21:03:18.0691 0x27ac  RasMan - ok
21:03:18.0706 0x27ac  RasPppoe - ok
21:03:18.0722 0x27ac  RasSstp - ok
21:03:18.0722 0x27ac  rdbss - ok
21:03:18.0769 0x27ac  rdpbus - ok
21:03:18.0769 0x27ac  RDPDR - ok
21:03:18.0800 0x27ac  RdpVideoMiniport - ok
21:03:18.0800 0x27ac  rdyboost - ok
21:03:18.0816 0x27ac  ReFSv1 - ok
21:03:18.0863 0x27ac  RemoteAccess - ok
21:03:18.0878 0x27ac  RemoteRegistry - ok
21:03:18.0910 0x27ac  RetailDemo - ok
21:03:18.0941 0x27ac  RFCOMM - ok
21:03:19.0050 0x27ac  [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
21:03:19.0081 0x27ac  RichVideo64 - ok
21:03:19.0206 0x27ac  RmSvc - ok
21:03:19.0222 0x27ac  RpcEptMapper - ok
21:03:19.0253 0x27ac  RpcLocator - ok
21:03:19.0253 0x27ac  RpcSs - ok
21:03:19.0269 0x27ac  rspndr - ok
21:03:19.0391 0x27ac  [ 05E8543E0D8C07535944FC0CB15E0DA0, 8E076E7582C95E9251CB03D2F1F7FBA1E31ACAE21E16224C9ACDCC1489165A86 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
21:03:19.0422 0x27ac  RTSUER - ok
21:03:19.0672 0x27ac  [ FF8B926ABA5BDA6562D7106E8A92BE7B, 887007E4D3F90CF6228B21D75E5B89818C18A7F2E2DB66C85039E6ECB5A16A15 ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
21:03:19.0719 0x27ac  rtsuvc - ok
21:03:19.0766 0x27ac  s3cap - ok
21:03:19.0797 0x27ac  SamSs - ok
21:03:19.0813 0x27ac  SAService - ok
21:03:19.0844 0x27ac  sbp2port - ok
21:03:19.0906 0x27ac  SCardSvr - ok
21:03:19.0969 0x27ac  ScDeviceEnum - ok
21:03:20.0016 0x27ac  scfilter - ok
21:03:20.0047 0x27ac  Schedule - ok
21:03:20.0063 0x27ac  scmbus - ok
21:03:20.0078 0x27ac  scmdisk0101 - ok
21:03:20.0141 0x27ac  SCPolicySvc - ok
21:03:20.0170 0x27ac  sdbus - ok
21:03:20.0178 0x27ac  SDRSVC - ok
21:03:20.0194 0x27ac  sdstor - ok
21:03:20.0209 0x27ac  seclogon - ok
21:03:20.0269 0x27ac  [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64     C:\WINDOWS\system32\drivers\semav6msr64.sys
21:03:20.0285 0x27ac  semav6msr64 - ok
21:03:20.0316 0x27ac  SENS - ok
21:03:20.0347 0x27ac  SensorDataService - ok
21:03:20.0378 0x27ac  SensorService - ok
21:03:20.0410 0x27ac  SensrSvc - ok
21:03:20.0425 0x27ac  SerCx - ok
21:03:20.0425 0x27ac  SerCx2 - ok
21:03:20.0441 0x27ac  Serenum - ok
21:03:20.0456 0x27ac  Serial - ok
21:03:20.0472 0x27ac  sermouse - ok
21:03:20.0503 0x27ac  SessionEnv - ok
21:03:20.0503 0x27ac  sfloppy - ok
21:03:20.0550 0x27ac  SharedAccess - ok
21:03:20.0613 0x27ac  ShellHWDetection - ok
21:03:20.0628 0x27ac  shpamsvc - ok
21:03:20.0644 0x27ac  SiSRaid2 - ok
21:03:20.0660 0x27ac  SiSRaid4 - ok
21:03:20.0816 0x27ac  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:03:20.0847 0x27ac  SkypeUpdate - ok
21:03:20.0863 0x27ac  smphost - ok
21:03:20.0894 0x27ac  [ 6CFE5AB2A11DC8FD80B4CE74364C39BC, E271867F4944CFA1E3ED25061C190D00B808198E20153E56D22D63871019F315 ] smsbda          C:\WINDOWS\system32\drivers\smsbda.sys
21:03:20.0910 0x27ac  smsbda - ok
21:03:20.0957 0x27ac  SmsRouter - ok
21:03:20.0988 0x27ac  SNMPTRAP - ok
21:03:21.0113 0x27ac  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:03:21.0144 0x27ac  Sony PC Companion - detected UnsignedFile.Multi.Generic ( 1 )
21:03:21.0144 0x27ac  Detect skipped due to KSN trusted
21:03:21.0144 0x27ac  Sony PC Companion - ok
21:03:21.0197 0x27ac  spaceport - ok
21:03:21.0213 0x27ac  SpbCx - ok
21:03:21.0229 0x27ac  Spooler - ok
21:03:21.0260 0x27ac  sppsvc - ok
21:03:21.0275 0x27ac  srv - ok
21:03:21.0291 0x27ac  srv2 - ok
21:03:21.0307 0x27ac  srvnet - ok
21:03:21.0322 0x27ac  SSDPSRV - ok
21:03:21.0338 0x27ac  SstpSvc - ok
21:03:21.0416 0x27ac  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:03:21.0447 0x27ac  ssudmdm - ok
21:03:21.0479 0x27ac  StateRepository - ok
21:03:21.0510 0x27ac  stexstor - ok
21:03:21.0557 0x27ac  stisvc - ok
21:03:21.0572 0x27ac  storahci - ok
21:03:21.0619 0x27ac  storflt - ok
21:03:21.0650 0x27ac  stornvme - ok
21:03:21.0682 0x27ac  storqosflt - ok
21:03:21.0697 0x27ac  StorSvc - ok
21:03:21.0713 0x27ac  storufs - ok
21:03:21.0728 0x27ac  storvsc - ok
21:03:21.0838 0x27ac  [ 26B2BB5733F69B0A8306BAC37551F90A, 60F1A0C23727144B53F1C64348907AAD611F991C0A8C9F93AC8194210634420B ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:03:21.0869 0x27ac  SUService - ok
21:03:21.0885 0x27ac  svsvc - ok
21:03:21.0900 0x27ac  swenum - ok
21:03:21.0900 0x27ac  swprv - ok
21:03:21.0947 0x27ac  Synth3dVsc - ok
21:03:21.0979 0x27ac  SysMain - ok
21:03:22.0025 0x27ac  SystemEventsBroker - ok
21:03:22.0088 0x27ac  [ 48D2B8AA8C2F1C3360EC33554EC4E6D2, 0F66A9CBED9E70DA3CED6E009795000D41259AD345E3BD3C2EA2F2969588BB04 ] SystemUsageReportSvc_QUEENCREEK C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
21:03:22.0103 0x27ac  SystemUsageReportSvc_QUEENCREEK - ok
21:03:22.0119 0x27ac  TabletInputService - ok
21:03:22.0135 0x27ac  TapiSrv - ok
21:03:22.0160 0x27ac  Tcpip - ok
21:03:22.0160 0x27ac  Tcpip6 - ok
21:03:22.0188 0x27ac  tcpipreg - ok
21:03:22.0219 0x27ac  tdx - ok
21:03:22.0235 0x27ac  terminpt - ok
21:03:22.0266 0x27ac  TermService - ok
21:03:22.0313 0x27ac  Themes - ok
21:03:22.0360 0x27ac  TieringEngineService - ok
21:03:22.0360 0x27ac  tiledatamodelsvc - ok
21:03:22.0391 0x27ac  TimeBrokerSvc - ok
21:03:22.0422 0x27ac  TPM - ok
21:03:22.0438 0x27ac  TrkWks - ok
21:03:22.0501 0x27ac  TrustedInstaller - ok
21:03:22.0516 0x27ac  tsusbflt - ok
21:03:22.0532 0x27ac  TsUsbGD - ok
21:03:22.0547 0x27ac  tunnel - ok
21:03:22.0579 0x27ac  tzautoupdate - ok
21:03:22.0610 0x27ac  UASPStor - ok
21:03:22.0641 0x27ac  UcmCx0101 - ok
21:03:22.0641 0x27ac  UcmTcpciCx0101 - ok
21:03:22.0657 0x27ac  UcmUcsi - ok
21:03:22.0672 0x27ac  Ucx01000 - ok
21:03:22.0688 0x27ac  UdeCx - ok
21:03:22.0704 0x27ac  udfs - ok
21:03:22.0721 0x27ac  UEFI - ok
21:03:22.0721 0x27ac  Ufx01000 - ok
21:03:22.0737 0x27ac  UfxChipidea - ok
21:03:22.0768 0x27ac  ufxsynopsys - ok
21:03:22.0831 0x27ac  UI0Detect - ok
21:03:22.0846 0x27ac  umbus - ok
21:03:22.0871 0x27ac  UmPass - ok
21:03:22.0899 0x27ac  UmRdpService - ok
21:03:22.0931 0x27ac  UnistoreSvc - ok
21:03:22.0962 0x27ac  upnphost - ok
21:03:23.0009 0x27ac  UrsChipidea - ok
21:03:23.0024 0x27ac  UrsCx01000 - ok
21:03:23.0040 0x27ac  UrsSynopsys - ok
21:03:23.0065 0x27ac  usbccgp - ok
21:03:23.0065 0x27ac  usbcir - ok
21:03:23.0081 0x27ac  usbehci - ok
21:03:23.0096 0x27ac  usbhub - ok
21:03:23.0112 0x27ac  USBHUB3 - ok
21:03:23.0128 0x27ac  usbohci - ok
21:03:23.0143 0x27ac  usbprint - ok
21:03:23.0143 0x27ac  usbser - ok
21:03:23.0143 0x27ac  USBSTOR - ok
21:03:23.0159 0x27ac  usbuhci - ok
21:03:23.0180 0x27ac  USBXHCI - ok
21:03:23.0180 0x27ac  usb_rndisx - ok
21:03:23.0243 0x27ac  UserDataSvc - ok
21:03:23.0258 0x27ac  UserManager - ok
21:03:23.0540 0x27ac  [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] USER_ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:03:23.0571 0x27ac  USER_ESRV_SVC_QUEENCREEK - ok
21:03:23.0603 0x27ac  UsoSvc - ok
21:03:23.0603 0x27ac  VaultSvc - ok
21:03:23.0603 0x27ac  vdrvroot - ok
21:03:23.0634 0x27ac  vds - ok
21:03:23.0649 0x27ac  VerifierExt - ok
21:03:23.0649 0x27ac  vhdmp - ok
21:03:23.0665 0x27ac  vhf - ok
21:03:23.0665 0x27ac  vmbus - ok
21:03:23.0681 0x27ac  VMBusHID - ok
21:03:23.0681 0x27ac  vmgid - ok
21:03:23.0712 0x27ac  vmicguestinterface - ok
21:03:23.0712 0x27ac  vmicheartbeat - ok
21:03:23.0712 0x27ac  vmickvpexchange - ok
21:03:23.0745 0x27ac  vmicrdv - ok
21:03:23.0760 0x27ac  vmicshutdown - ok
21:03:23.0760 0x27ac  vmictimesync - ok
21:03:23.0760 0x27ac  vmicvmsession - ok
21:03:23.0760 0x27ac  vmicvss - ok
21:03:23.0780 0x27ac  volmgr - ok
21:03:23.0780 0x27ac  volmgrx - ok
21:03:23.0780 0x27ac  volsnap - ok
21:03:23.0812 0x27ac  volume - ok
21:03:23.0841 0x27ac  vpci - ok
21:03:23.0841 0x27ac  vsmraid - ok
21:03:23.0857 0x27ac  VSS - ok
21:03:23.0873 0x27ac  VSTXRAID - ok
21:03:23.0904 0x27ac  vwifibus - ok
21:03:23.0904 0x27ac  vwififlt - ok
21:03:23.0904 0x27ac  vwifimp - ok
21:03:23.0920 0x27ac  W32Time - ok
21:03:23.0935 0x27ac  WacomPen - ok
21:03:23.0982 0x27ac  WalletService - ok
21:03:24.0013 0x27ac  wanarp - ok
21:03:24.0013 0x27ac  wanarpv6 - ok
21:03:24.0045 0x27ac  wbengine - ok
21:03:24.0071 0x27ac  WbioSrvc - ok
21:03:24.0077 0x27ac  wcifs - ok
21:03:24.0109 0x27ac  Wcmsvc - ok
21:03:24.0124 0x27ac  wcncsvc - ok
21:03:24.0124 0x27ac  wcnfs - ok
21:03:24.0140 0x27ac  WdBoot - ok
21:03:24.0140 0x27ac  Wdf01000 - ok
21:03:24.0156 0x27ac  WdFilter - ok
21:03:24.0171 0x27ac  WdiServiceHost - ok
21:03:24.0171 0x27ac  WdiSystemHost - ok
21:03:24.0187 0x27ac  wdiwifi - ok
21:03:24.0202 0x27ac  WdNisDrv - ok
21:03:24.0234 0x27ac  WdNisSvc - ok
21:03:24.0249 0x27ac  WebClient - ok
21:03:24.0281 0x27ac  Wecsvc - ok
21:03:24.0296 0x27ac  WEPHOSTSVC - ok
21:03:24.0328 0x27ac  wercplsupport - ok
21:03:24.0359 0x27ac  WerSvc - ok
21:03:24.0359 0x27ac  WFPLWFS - ok
21:03:24.0390 0x27ac  WiaRpc - ok
21:03:24.0421 0x27ac  WIMMount - ok
21:03:24.0421 0x27ac  WinDefend - ok
21:03:24.0468 0x27ac  WindowsTrustedRT - ok
21:03:24.0484 0x27ac  WindowsTrustedRTProxy - ok
21:03:24.0499 0x27ac  WinHttpAutoProxySvc - ok
21:03:24.0515 0x27ac  WinMad - ok
21:03:24.0578 0x27ac  Winmgmt - ok
21:03:24.0625 0x27ac  WinRM - ok
21:03:24.0703 0x27ac  WINUSB - ok
21:03:24.0718 0x27ac  WinVerbs - ok
21:03:24.0765 0x27ac  wisvc - ok
21:03:24.0812 0x27ac  WlanSvc - ok
21:03:24.0843 0x27ac  wlidsvc - ok
21:03:24.0843 0x27ac  WmiAcpi - ok
21:03:24.0877 0x27ac  wmiApSrv - ok
21:03:24.0908 0x27ac  WMPNetworkSvc - ok
21:03:24.0939 0x27ac  Wof - ok
21:03:24.0971 0x27ac  workfolderssvc - ok
21:03:25.0017 0x27ac  WPDBusEnum - ok
21:03:25.0033 0x27ac  WpdUpFltr - ok
21:03:25.0064 0x27ac  WpnService - ok
21:03:25.0064 0x27ac  WpnUserService - ok
21:03:25.0096 0x27ac  ws2ifsl - ok
21:03:25.0127 0x27ac  wscsvc - ok
21:03:25.0142 0x27ac  WSDPrintDevice - ok
21:03:25.0158 0x27ac  WSDScan - ok
21:03:25.0174 0x27ac  WSearch - ok
21:03:25.0221 0x27ac  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
21:03:25.0267 0x27ac  wsvd - ok
21:03:25.0299 0x27ac  wuauserv - ok
21:03:25.0299 0x27ac  WudfPf - ok
21:03:25.0314 0x27ac  WUDFRd - ok
21:03:25.0330 0x27ac  wudfsvc - ok
21:03:25.0330 0x27ac  WUDFWpdFs - ok
21:03:25.0330 0x27ac  WUDFWpdMtp - ok
21:03:25.0346 0x27ac  WwanSvc - ok
21:03:25.0385 0x27ac  XblAuthManager - ok
21:03:25.0448 0x27ac  XblGameSave - ok
21:03:25.0479 0x27ac  xboxgip - ok
21:03:25.0526 0x27ac  XboxNetApiSvc - ok
21:03:25.0573 0x27ac  xinputhid - ok
21:03:25.0635 0x27ac  ================ Scan global ===============================
21:03:25.0729 0x27ac  [ Global ] - ok
21:03:25.0729 0x27ac  ================ Scan MBR ==================================
21:03:25.0760 0x27ac  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:03:26.0107 0x27ac  \Device\Harddisk0\DR0 - ok
21:03:26.0107 0x27ac  ================ Scan VBR ==================================
21:03:26.0138 0x27ac  [ 2E17CCD49D062E31E0B3A9684E00B350 ] \Device\Harddisk0\DR0\Partition1
21:03:26.0169 0x27ac  \Device\Harddisk0\DR0\Partition1 - ok
21:03:26.0200 0x27ac  [ C3176033020941E2EBB9159D1CDFFBA7 ] \Device\Harddisk0\DR0\Partition2
21:03:26.0200 0x27ac  \Device\Harddisk0\DR0\Partition2 - ok
21:03:26.0232 0x27ac  [ 8BAE10C7C382DC892756A9D0E473039A ] \Device\Harddisk0\DR0\Partition3
21:03:26.0232 0x27ac  \Device\Harddisk0\DR0\Partition3 - ok
21:03:26.0263 0x27ac  [ F5A529530EF5DB5350E971E33C81254D ] \Device\Harddisk0\DR0\Partition4
21:03:26.0263 0x27ac  \Device\Harddisk0\DR0\Partition4 - ok
21:03:26.0294 0x27ac  [ 5122B00C1E0E999E5CF0A458F0650CCD ] \Device\Harddisk0\DR0\Partition5
21:03:26.0326 0x27ac  \Device\Harddisk0\DR0\Partition5 - ok
21:03:26.0372 0x27ac  [ 03AD12C5EF9EE07B720AF1D09B4A77FE ] \Device\Harddisk0\DR0\Partition6
21:03:26.0419 0x27ac  \Device\Harddisk0\DR0\Partition6 - ok
21:03:26.0466 0x27ac  [ 9A20E57ED890E0C7CA48B383F2AD9784 ] \Device\Harddisk0\DR0\Partition7
21:03:26.0513 0x27ac  \Device\Harddisk0\DR0\Partition7 - ok
21:03:26.0513 0x27ac  ================ Scan generic autorun ======================
21:03:26.0685 0x27ac  [ FFBFE1175531CD582D89796835CBB598, 7DC1FEB90AFC08C829001849985C7B20CB782F05CD9C000C6C9D42D3FDB1DDF4 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
21:03:26.0716 0x27ac  cAudioFilterAgent - ok
21:03:26.0857 0x27ac  [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
21:03:26.0888 0x27ac  SmartAudio - ok
21:03:26.0888 0x27ac  ETDCtrl - ok
21:03:27.0872 0x27ac  [ AC2ECBAA39F816944A608926973EFDB7, 9C32F89B255B2690843EA96A331665B27A28E4EF67B16AC6D254FE593146F7D5 ] C:\WINDOWS\RTFTrack.exe
21:03:28.0029 0x27ac  RtsFT - ok
21:03:28.0122 0x27ac  [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:03:28.0138 0x27ac  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
21:03:28.0138 0x27ac  Detect skipped due to KSN trusted
21:03:28.0138 0x27ac  IAStorIcon - ok
21:03:28.0216 0x27ac  [ 48EB2BD8D360E9C8D9A71968A477ADBE, 2E9D5D9790EC07279CDA6A213A90D52C764CD9338194C47DBA26C545D65853BA ] C:\WINDOWS\system32\igfxtray.exe
21:03:28.0247 0x27ac  IgfxTray - ok
21:03:30.0107 0x27ac  [ E0AD9F72153A7F55702C3170FDA7876C, 839A8D0B72C3A0530ACC447532CA4CACC19E3C91CEA6B9CBB9498D36DD2DFBE6 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
21:03:30.0373 0x27ac  Energy Manager - ok
21:03:30.0435 0x27ac  [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
21:03:30.0451 0x27ac  Lenovo Utility - ok
21:03:30.0529 0x27ac  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
21:03:30.0560 0x27ac  Windows Mobile Device Center - ok
21:03:30.0837 0x27ac  [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] C:\Users\Administrator\Desktop\Everything\Everything.exe
21:03:30.0884 0x27ac  Everything - detected UnsignedFile.Multi.Generic ( 1 )
21:03:30.0884 0x27ac  Detect skipped due to KSN trusted
21:03:30.0884 0x27ac  Everything - ok
21:03:31.0072 0x27ac  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
21:03:31.0103 0x27ac  UpdateP2GShortCut - ok
21:03:31.0243 0x27ac  [ 305C1D680482E937D65D2A43448629A1, EFCA1B8FB5F932276E1CE6679EB155CF643E2B3CCCE36AF07C68C2A82473C7F6 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
21:03:31.0259 0x27ac  FUFAXRCV - ok
21:03:31.0384 0x27ac  [ 92B992307F1BF5F9DE727ACDD5A4CD4A, B6F751A990A90C5346CE5C2B11EEB8A09F582835A63D3921E70E286E45C24475 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
21:03:31.0400 0x27ac  FUFAXSTM - ok
21:03:31.0541 0x27ac  [ 4ABA86D5B0D440F33BDBDBDAEA065C42, 434E035E4748D0E4CEB08E655FF9A1739FF7E0099CCCC42122A24736DE3DE7E3 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
21:03:31.0557 0x27ac  EEventManager - ok
21:03:31.0650 0x27ac  [ 7D440447C6FCDEC9BBB739A048AA90CD, FA39828FD3FE9A1B57E1022B04729E7711C984E131CBE44BF1FAE73EF430D762 ] C:\WINDOWS\tsnp2std.exe
21:03:31.0681 0x27ac  tsnp2std - detected UnsignedFile.Multi.Generic ( 1 )
21:03:31.0681 0x27ac  Detect skipped due to KSN trusted
21:03:31.0681 0x27ac  tsnp2std - ok
21:03:32.0135 0x27ac  [ D9F25B1C673DEEF18A45AD2080DC9A5E, 76C4E520099F0CF3556158B6C154B68E4F954D4CA6A1851FB08979207F482200 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
21:03:32.0182 0x27ac  StartCCC - ok
21:03:32.0807 0x27ac  [ DBD8934E3909B60DA81A91BF53B76901, 29B061C5E05097394B8B9D7C6681783DB02735CE8AAD06BCC03C08617D778039 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:03:32.0838 0x27ac  avgnt - ok
21:03:32.0932 0x27ac  [ 2AB57E205B61BCB095168A97B8D2AC4D, 18D9709CED7F02B694405E62ED5BA8EBE737FF59BB2D9EFBF0335C0F3BEE105B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:03:32.0947 0x27ac  Avira SystrayStartTrigger - ok
21:03:33.0197 0x27ac  OneDriveSetup - ok
21:03:33.0197 0x27ac  OneDriveSetup - ok
21:03:33.0807 0x27ac  [ 103C5E01E5705A4BD468CBC902AA8EEF, 7598411CE3BA9C79CF74E64A5691D92ADA8121735495C1AB3B56F9E6CA3B0FB1 ] C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
21:03:33.0963 0x27ac  Vidalia - detected UnsignedFile.Multi.Generic ( 1 )
21:03:33.0963 0x27ac  Vidalia ( UnsignedFile.Multi.Generic ) - warning
21:03:36.0713 0x27ac  [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe
21:03:36.0885 0x27ac  CCleaner Monitoring - ok
21:03:36.0901 0x27ac  Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
21:03:36.0916 0x27ac  Object send P2P result: false
21:03:37.0229 0x27ac  [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Manja\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:03:37.0276 0x27ac  OneDrive - ok
21:03:37.0527 0x27ac  [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:03:37.0559 0x27ac  OneDrive - ok
21:03:37.0574 0x27ac  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.170 ), 0x41000 ( enabled : updated )
21:03:37.0574 0x27ac  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
21:03:37.0621 0x27ac  Win FW state via NFP2: enabled ( trusted )
21:03:37.0621 0x27ac  ============================================================
21:03:37.0621 0x27ac  Scan finished
21:03:37.0621 0x27ac  ============================================================
21:03:37.0637 0x276c  Detected object count: 1
21:03:37.0637 0x276c  Actual detected object count: 1
21:03:47.0806 0x276c  Vidalia ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:47.0806 0x276c  Vidalia ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:05:17.0505 0x02c0  Deinitialize success
         
FRST.txt

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 (ACHTUNG: ====> FRSTVersion ist 37 Tage alt und könnte veraltet sein)
durchgeführt von Manja (Administrator) auf LENOVO-PC (21-04-2017 21:06:50)
Gestartet von C:\Users\Manja\Desktop
Geladene Profile: Manja (Verfügbare Profile: Manja & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Lenovo) C:\Users\Manja\AppData\Local\Apps\2.0\H1XBY3NA.MTY\ORDNQXPM.YZE\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393208 2016-10-07] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Everything] => C:\Users\Administrator\Desktop\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [tsnp2std] => C:\WINDOWS\tsnp2std.exe [258048 2007-01-05] (SONIX)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2013-01-26] ()
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\MountPoints2: {152510a8-0b88-11e7-8381-4a5ab6dfb585} - "F:\AutoRun.exe" 
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKLM\...\Providers\uccs53rf: C:\Program Files (x86)\Grotersp Mapper\local64spl.dll [310784 2017-02-07] ()
ShellExecuteHooks: Kein Name - {B7F52870-EABC-11E6-A3B1-64006A5CFC23} - C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll [145408 2017-02-07] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-10-11]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a859d951-1702-4c70-843c-1f03b6a5db08}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> DefaultScope {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {0BB5F216-46AD-4421-8307-71AD5A980D61} URL = 
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {FF9451C6-C472-4F44-98C3-0A2D6DCACFBE} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 [2017-04-21]
FF Homepage: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> hxxps://www.ixquick.com/do/mypage.pl?prf=71655fbbbc8e4b165b2a6245f3e01481
FF NetworkProxy: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> type", 0
FF Extension: (Easy Screenshot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\easyscreenshot@mozillaonline.com.xpi [2017-03-05]
FF Extension: (Ghostery) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\firefox@ghostery.com.xpi [2017-03-05]
FF Extension: (HTTPS Everywhere) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\https-everywhere-eff@eff.org.xpi [2017-04-09]
FF Extension: (ProxTube) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\ich@maltegoetz.de.xpi [2017-04-21]
FF Extension: (YouTube mp3) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\info@youtube-mp3.org.xpi [2017-03-05]
FF Extension: (FireShot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-03-05]
FF Extension: (FlashGot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-03-05]
FF Extension: (Youtube to MP3 Converter) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{37115292-022c-4500-a5da-95738388073a}.xpi [2017-03-06]
FF Extension: (NoScript) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-18]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-05]
FF Extension: (Video DownloadHelper) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-05]
FF Extension: (Adblock Plus) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-05]
FF Extension: (DownThemAll!) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-03-05]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-05] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-05] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2024608735-1276328420-4132175576-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-07]
         


Alt 21.04.2017, 21:24   #6
Manicka
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



Teil 2

Code:
ATTFilter
==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519136 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349096 2017-01-19] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365048 2016-10-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-15] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-15] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-02-15] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 fwlanusb5_nv2; C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059440 2015-08-30] (Realtek Semiconductor Corp.)
U5 sbnetsys; C:\Windows\System32\Drivers\sbnetsys.sys [44648 2015-04-17] (NT Kernel Resources)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 smsbda; C:\WINDOWS\system32\drivers\smsbda.sys [89224 2014-04-27] (Siano)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-21 20:57 - 2017-04-21 21:05 - 00180284 _____ C:\Users\Manja\Desktop\TDSSKiller.3.1.0.15_21.04.2017_20.57.35_log.txt
2017-04-21 20:32 - 2017-04-21 20:57 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Manja\Desktop\tdsskiller.exe
2017-04-20 07:52 - 2017-04-21 20:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-11 00:09 - 2017-04-11 00:09 - 00211765 _____ C:\Users\Manja\Desktop\Fehler.txt
2017-04-10 22:59 - 2017-04-10 22:59 - 00002273 _____ C:\Users\Manja\Desktop\AdwCleaner[C5].txt
2017-04-10 22:52 - 2017-04-10 22:55 - 00045181 _____ C:\Users\Manja\Desktop\Addition.txt
2017-04-10 22:51 - 2017-04-21 21:07 - 00024550 _____ C:\Users\Manja\Desktop\FRST.txt
2017-04-10 22:46 - 2017-04-21 21:06 - 00000000 ____D C:\FRST
2017-04-10 22:36 - 2017-04-10 22:39 - 02424832 _____ (Farbar) C:\Users\Manja\Desktop\FRST64.exe
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-04-09 20:25 - 2017-04-09 20:38 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-04-09 20:25 - 2017-04-09 20:30 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-04-09 20:25 - 2017-04-09 20:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-04-09 19:51 - 2017-04-09 19:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NetworkTiles
2017-04-07 22:48 - 2017-04-07 22:48 - 00000064 _____ C:\Users\Administrator\Desktop\Liste.txt
2017-04-07 21:09 - 2017-04-07 21:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IrfanView
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Nitro
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FileOpen
2017-04-07 11:22 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Administrator\Desktop\gmer-2.2.19882.exe
2017-04-07 07:12 - 2017-04-07 07:12 - 00000000 _____ C:\WINDOWS\EEventManager.INI
2017-04-07 07:10 - 2017-04-07 07:10 - 00000126 _____ C:\Users\Administrator\Desktop\suchen.txt
2017-04-07 07:07 - 2017-04-07 07:07 - 00000000 ____D C:\Users\Manja\Desktop\Ordner
2017-04-07 07:04 - 2017-04-11 00:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\Desktop\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-04-07 04:47 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-04-07 04:47 - 2017-04-07 04:47 - 00004130 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DEBC851-7D2C-4B48-9E0E-F39BF352DD8A}
2017-04-07 04:22 - 2017-04-07 04:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2017-04-07 04:21 - 2017-04-07 04:21 - 00002458 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Epson
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ArcSoft
2017-04-07 04:20 - 2017-04-07 04:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2017-04-07 04:19 - 2017-04-11 00:15 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-04-07 04:19 - 2017-04-09 22:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-04-07 04:19 - 2017-04-07 08:58 - 00000000 ____D C:\Users\Administrator
2017-04-07 04:19 - 2017-04-07 08:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-04-07 04:19 - 2017-04-07 04:19 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2017-04-07 04:19 - 2013-02-04 08:18 - 00000189 _____ C:\Users\Administrator\Desktop\Lenovo Telephony Start Now.url
2017-04-07 01:43 - 2017-04-07 01:43 - 00000000 ____D C:\ProgramData\ATI
2017-04-06 07:01 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Manja\Desktop\gmer-2.2.19882.exe
2017-04-03 21:12 - 2017-04-03 21:12 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2017-04-03 19:42 - 2017-04-03 19:49 - 286261248 _____ C:\Users\Manja\Downloads\gparted-live-0.28.1-1-amd64.iso
2017-04-03 19:42 - 2017-04-03 19:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-03 19:37 - 2017-04-03 19:39 - 01496584 _____ C:\Users\Manja\Downloads\GParted Live 64 Bit ISO Image - CHIP-Installer.exe
2017-03-31 05:15 - 2017-04-11 00:14 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Program Files\Everything
2017-03-31 05:13 - 2017-03-31 05:13 - 00000000 ____D C:\Users\Manja\Documents\Everything_1.3.4.686
2017-03-27 00:37 - 2017-03-27 00:38 - 00412748 _____ C:\WINDOWS\Minidump\032717-28515-01.dmp
2017-03-25 21:04 - 2017-03-25 21:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-03-25 20:45 - 2017-03-27 00:37 - 594119935 _____ C:\WINDOWS\MEMORY.DMP
2017-03-25 20:45 - 2017-03-27 00:37 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-25 20:45 - 2017-03-25 20:47 - 00413052 _____ C:\WINDOWS\Minidump\032517-31109-01.dmp
2017-03-25 07:51 - 2017-04-06 03:30 - 00000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-03-25 07:32 - 2017-03-25 07:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-03-25 05:22 - 2017-03-25 05:23 - 00000000 ____D C:\Users\Manja\AppData\Local\Deployment
2017-03-25 05:19 - 2017-03-25 05:21 - 00611400 _____ () C:\Users\Manja\Downloads\LSBsetup(1).exe
2017-03-22 21:14 - 2017-03-16 07:17 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-22 21:14 - 2017-03-16 07:17 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-22 21:14 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:46 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-22 21:14 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:19 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:05 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:03 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-22 21:05 - 2017-03-22 21:05 - 00000000 ____D C:\Users\Manja\Documents\Epson

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-21 21:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-21 21:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-21 20:57 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-21 20:56 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\tor
2017-04-21 20:55 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Local\Vidalia
2017-04-21 20:55 - 2015-01-13 08:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-21 20:54 - 2016-02-24 11:28 - 00000000 __SHD C:\Users\Manja\IntelGraphicsProfiles
2017-04-21 20:34 - 2017-02-28 05:24 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-21 20:33 - 2016-11-25 13:06 - 00000000 ____D C:\Users\Manja\AppData\LocalLow\Mozilla
2017-04-21 20:29 - 2016-02-24 11:37 - 00002438 _____ C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-21 20:29 - 2016-02-24 11:37 - 00000000 ___RD C:\Users\Manja\OneDrive
2017-04-20 08:01 - 2017-02-28 04:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-20 07:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-20 07:51 - 2017-02-28 05:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-11 01:04 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-07 19:23 - 2014-06-03 11:42 - 00000000 ____D C:\ProgramData\tmp
2017-04-07 15:13 - 2017-02-28 05:22 - 02471578 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-07 15:13 - 2016-07-17 00:51 - 01043428 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-07 15:13 - 2016-07-17 00:51 - 00241188 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-07 04:19 - 2014-05-14 01:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-06 06:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-06 04:42 - 2017-03-16 02:48 - 00007600 _____ C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
2017-04-06 00:35 - 2016-08-30 01:10 - 00000000 ____D C:\Users\Manja\AppData\Local\ElevatedDiagnostics
2017-04-03 20:03 - 2014-05-13 18:56 - 00000000 ____D C:\Users\Manja\AppData\Local\Packages
2017-04-01 17:49 - 2017-03-05 03:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-01 17:49 - 2014-05-17 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 23:06 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-30 23:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-27 00:56 - 2017-02-28 05:02 - 00000000 ____D C:\Users\Manja
2017-03-27 00:46 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-26 00:58 - 2017-03-05 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-25 08:02 - 2014-05-29 13:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Nitro PDF
2017-03-24 00:27 - 2017-02-03 18:19 - 00000000 ____D C:\Users\Manja\Downloads\Intel Components
2017-03-24 00:19 - 2016-10-16 23:55 - 00000000 ____D C:\Users\Manja\Documents\My Albums
2017-03-24 00:19 - 2015-10-11 21:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\ArcSoft
2017-03-22 21:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-22 21:21 - 2016-10-28 17:51 - 00000000 ____D C:\Program Files (x86)\BILDmobil

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-08 00:52 - 2017-02-08 00:52 - 1907939 _____ () C:\Users\Manja\AppData\Roaming\Bioflex.tst
2017-03-16 02:48 - 2017-04-06 04:42 - 0007600 _____ () C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
2017-02-28 04:53 - 2017-02-28 04:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-09 13:44

==================== Ende von FRST.txt ============================
         
Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Manja (21-04-2017 21:08:22)
Gestartet von C:\Users\Manja\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-28 03:37:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2024608735-1276328420-4132175576-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2024608735-1276328420-4132175576-503 - Limited - Disabled)
Gast (S-1-5-21-2024608735-1276328420-4132175576-501 - Limited - Disabled)
Manja (S-1-5-21-2024608735-1276328420-4132175576-1001 - Administrator - Enabled) => C:\Users\Manja

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{435CE0C6-084B-7235-D55E-8C6E630D78EA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft Software Suite (HKLM-x32\...\{4A712D29-DBE3-4381-A331-AF4AE5BEB244}) (Version:  - )
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.28.218 - ArcSoft, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.172 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{1f8bb480-f5d7-4414-a6ea-28e005509ae4}) (Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.18829 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Epson Benutzerhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version:  - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version:  - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version:  - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4919.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 52.0.2 (x64 de) (HKLM\...\Mozilla Firefox 52.0.2 (x64 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.320.0 - Tracker Software Products Ltd)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Tor 0.2.4.9-alpha (HKLM-x32\...\Tor) (Version:  - )
ultron AG ultron DVB-T Stick (HKLM-x32\...\ultron AG ultron DVB-T Stick) (Version: 4.3.5.7 - ultron AG)
USB2.0 PC Camera (SN9C201&202) (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.22.000 - Sonix)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Vidalia 0.2.21 (HKLM-x32\...\Vidalia) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows-Treiberpaket - ultron AG (smsbda) MEDIA  (04/27/2014 4.3.5.7) (HKLM\...\37842D1EA68B09186EEC8F2AE7AB5BF2FF059EFD) (Version: 04/27/2014 4.3.5.7 - ultron AG)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {007CE586-4B43-4396-BFE2-48C8514C822D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {008A7AF6-95D9-43D8-A75B-1373322D096C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe 
Task: {0AF08785-5B75-4A1D-8B84-44A6BF45F641} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1130142D-1830-4153-B73C-1581E70F4141} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {1199A92B-5DF3-49A8-A505-D7FEB1C8ECD9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {144A3231-260C-4785-9393-3D9DD121C367} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {25AB9E8F-02F4-49FE-93DA-D8D24303AC8A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2B70B99A-C3F8-4818-9ADE-63195674E9BF} - System32\Tasks\{5CCF53E0-6195-7F54-A07D-AE72C1E5B301} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\de0915e3\9a636640.dll" <==== ACHTUNG
Task: {3362DCCF-B0FD-413F-84E4-CD6AFF019356} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {483B62EE-FDC9-404A-ADF8-A68EB03E4578} - System32\Tasks\Grotersp Mapper => C:\Program Files (x86)\Clerbespdremerle\rerjupy.exe 
Task: {48FF7396-B258-4F3D-A824-CA9F5E06DBB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4C18A89B-BCED-4D53-988C-3B9FF2D9D036} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {4C3373A6-B580-4D06-982D-0456F128C31A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {5442CF63-E79F-4E46-9FEA-E831ADA4D657} - \Lenovo\Lenovo Service Bridge\S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {5997D2F3-C670-4A8F-97AC-0E54F8541177} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5F651B40-E495-40FC-97CC-B769D51E3625} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5FB14A42-4AF0-4FCF-ACA5-C9AAB1A5AC30} - System32\Tasks\{5B99FE32-EC32-4999-CADC-3708E75AFA31} => C:\ProgramData\{1234AB96-A59F-1C3D-87BC-4DC6AFCEA6B8}\C27A3036-75D1-879D-3EA9-9F8FB2081826.exe  <==== ACHTUNG
Task: {5FE19C98-5417-4C21-A91A-205AE70A2CE4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {60B080EC-5184-4AB0-B6BA-4FC6DD8F78B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {6712DD73-AC71-419E-819B-8BBD8937253F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {69995769-F31F-4B57-B315-12E77BE81A30} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {7BBB3BD4-C6F6-4E53-88CA-8DF876BA46E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9A16F10C-3941-40EC-8E53-4D6A0AD6E30A} - \WPD\SqmUpload_S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {A97D182E-6FD5-4958-B722-8B7AEF57915D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {ABA34A64-4C7A-4B97-A40B-E3FAEC12C771} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe 
Task: {AFF68E91-0BEB-46CA-983A-953F2E6C8006} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe 
Task: {B352E0CE-D6FF-4FC1-9638-7FCBF2C5DA91} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {B8ACA62D-0C89-4170-94AD-D8CA9BA18F3B} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe 
Task: {BDB645B7-5705-4CF1-93E9-A218011E3CA0} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2017-02-06] (Tracker Software Products (Canada) Ltd.)
Task: {C5E1E20C-B993-414C-8950-C242C3BC2BFF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {DC54BA35-E04E-4660-BF9F-072D454DB84E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {EFB1B60A-BE55-495E-B471-04CFE945341B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F3A0743A-9069-41A6-8B85-645E032923B4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F6B9BC7D-407E-4F6C-B928-EE278BAA6425} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {F742BC81-DCCF-42E3-9077-D19C28618FB7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {FD53AFDF-952D-40F3-A8F0-158CF45A66A3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {FFB2CA41-85E2-4DDD-93CA-3D0AC3D27C5C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Manja\Desktop\Ordner\Tor Browser\Browser\firefox.bat (Keine Datei)
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-03-12 03:03 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-11-17 23:05 - 2016-11-17 23:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-29 22:45 - 2017-01-18 17:36 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-02-07 23:24 - 2017-02-07 23:23 - 00145408 _____ () C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-07 00:07 - 2016-10-07 00:07 - 00393208 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-28 04:35 - 2017-02-28 04:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 22:04 - 2017-04-10 22:08 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2013-01-26 14:02 - 2013-01-26 14:02 - 06239727 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
2000-01-01 01:00 - 2000-01-01 02:00 - 03096064 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-01-15 07:38 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\libgcc_s_dw2-1.dll
2011-08-24 00:59 - 2011-08-24 00:59 - 00047972 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\mingwm10.dll
2015-10-11 21:15 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2015-10-11 21:15 - 2013-09-02 09:45 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00719217 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libevent-2-0-5.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00092599 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libssp-0.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00523262 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libgcc_s_sjlj-1.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00107520 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-02-07 23:23 - 00007503 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{7FD5A268-6318-48F0-8D91-557CEA5E5BC9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{468F2A13-871E-419E-8131-BDCCD8EC0650}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{959E9D9F-BF07-476F-B6A3-B75BA71E4E26}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{7A5E8E0A-128C-4F5A-9FCD-599D552B2A72}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{C41149A8-34A4-49AF-B780-D8057222A577}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{2537BB56-6DCB-4828-AA2B-4019C03D21B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D9852551-C2C2-46AE-8563-737DB5119F16}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AD7A18C9-3CA1-4090-B4DD-D49D6ECFA06B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{ABA2D586-0848-41C9-B75B-94D23CE8B2C1}] => (Allow) %systemroot%\system32\alg.exe

==================== Wiederherstellungspunkte =========================

22-03-2017 21:15:54 Windows Update
30-03-2017 23:04:02 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft Kerneldebugger-Netzwerkadapter
Description: Microsoft Kerneldebugger-Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/21/2017 09:08:19 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LENOVO-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe5

Error: (04/21/2017 08:35:18 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/21/2017 08:35:07 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/20/2017 08:01:10 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/20/2017 08:01:06 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/20/2017 07:58:40 AM) (Source: chip 1-click download service) (EventID: 0) (User: )
Description: |ERORRS=;(380) error at getOrdersForVersion:Der Remotename konnte nicht aufgelöst werden: 'service.chip-secured-download.de'
;(180) error at GetHttpWebRequest: 1Der Remotename konnte nicht aufgelöst werden: 'api.chip-secured-download.de'
;(480) Could not load new Downlaoder

Error: (04/20/2017 07:51:35 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (04/11/2017 12:51:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.OneConnect_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/11/2017 12:51:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „E0469640.CameraMan_5grkq8ppsgwt4!App“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/11/2017 12:18:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Getstarted_5.0.13.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (04/21/2017 08:54:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-03-05 02:17:37.039
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-03-05 02:13:48.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-03-05 02:08:50.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-05 02:07:50.147
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-03-05 02:07:50.139
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-03-05 02:05:31.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-05 01:59:37.819
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-03-05 01:58:40.854
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2017-03-05 01:45:29.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-03-05 01:16:53.221
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 5832.46 MB
Summe virtueller Speicher: 17832.27 MB
Verfügbarer virtueller Speicher: 15484.86 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.53 GB) (Free:834.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 401F9FD4)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Vielen Dank! Beste Grüße

Alt 28.04.2017, 21:15   #7
M-K-D-B
/// TB-Ausbilder
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



Servus,



FRST bitte erneut ausführen, die verwendete Version ist veraltet.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 02.05.2017, 16:08   #8
M-K-D-B
/// TB-Ausbilder
 
Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Standard

Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
Profilnachricht inklusive Link zum Thema an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Antwort

Themen zu Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab
100%, antivirus, ausgelastet, blockiert, converter, dateien unsichtbar, desktop, dringend, festplatte, firefox, home, homepage, hängt, langsam, mozilla, mp3, problem, prozesse, realtek, registry, scan, schädling, software, system, taskmanager, windows



Ähnliche Themen: Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab


  1. Pc Desktop friert immer mal wieder ein.
    Netzwerk und Hardware - 03.12.2016 (6)
  2. Wlan ist am Fernseher langsam und wird immer schlimmer!!
    Log-Analyse und Auswertung - 21.08.2016 (1)
  3. Fritz!WLAN USB Stick Verbindung bricht immer ab
    Netzwerk und Hardware - 04.08.2016 (27)
  4. Wlan-Verbindung bricht oft ab am Laptop und ist extrem langsam, am Handy und an der TV-Box allerdings keine Probleme
    Plagegeister aller Art und deren Bekämpfung - 17.06.2016 (11)
  5. Desktop Leer - Daten übernacht verschwunden - Unbekannter Ordner aufgetaucht.
    Log-Analyse und Auswertung - 27.01.2016 (35)
  6. WLAN Verbindung zeitweise defekt
    Netzwerk und Hardware - 16.09.2014 (6)
  7. immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC
    Log-Analyse und Auswertung - 25.04.2014 (8)
  8. Ordner Boost_interprocess immer wieder da !
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (21)
  9. Wlan verbindet nur kurz und bricht wieder ab...
    Netzwerk und Hardware - 14.02.2013 (0)
  10. Laufwerke verschwunden & leere Ordner nicht wieder herstellbar
    Plagegeister aller Art und deren Bekämpfung - 12.05.2012 (6)
  11. W-Lan Verbindung bricht immer wieder ab
    Alles rund um Windows - 26.04.2012 (8)
  12. Desktop schwarz. Ordner verschwunden
    Log-Analyse und Auswertung - 24.05.2011 (5)
  13. Es erstellt sich immer ein Ordner und er kommt immer wieder
    Plagegeister aller Art und deren Bekämpfung - 14.04.2011 (1)
  14. Immer wieder Wlan Probleme - Kein Verbindungsaufbau - mögl. Ursachen bekannt >?<
    Plagegeister aller Art und deren Bekämpfung - 03.05.2010 (4)
  15. nach jedem Neustart immer ein Ordner Neuer Ordner auf dem Desktop
    Alles rund um Windows - 11.11.2009 (1)
  16. 2ter Desktop Ordner unter All Users verschwunden!
    Mülltonne - 03.12.2008 (2)
  17. Ordner und exe kommen immer wieder
    Log-Analyse und Auswertung - 05.12.2006 (3)

Zum Thema Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab - Hallo, ich brauche bitte dringend Hilfe. Ich habe mir Anfang des Jahres (ca. Mitte Februar) vermutlich einen Schädling eingefangen. Der Firefox war betroffen und spuckte nur noch Werbeseiten aus. Arbeiten - Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab...
Archiv
Du betrachtest: Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.