Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 14.07.2017, 17:17   #1
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Guten Abend zusammen,

weiß gar nicht wie ich anfangen soll. Ich versuche mich kurz zu fassen. Möchte aber auch keine eventuell wichtigen Informationen auslassen.
Ich spiele ein Online-Spiel (Blade&Soul) wo es jemand gelungen ist Zugang zu bekommen. Ich vermute durch die E-Mailadresse. Wie er an die Daten kam war mir schleierhaft. Bis dahin hatte ich auch nicht das beste Passwort auf der E-Mail.
Sicher war ich mir nicht ob ich mir was eingefangen hatte. Also habe ich damals ein Scan durchlaufen lassen ohne Befund. Ich hatte trotzdem Windows neu installiert um sicher zu gehen. Das ist jetzt genau eine Woche her.

Gestern hab ich festgestellt, dass von Avira der Echtzeit-Scanner nicht funktionierte und lies sich nicht einschalten. Dann hab ich ein System-Check via Avira gemacht der ohne Befund war.
Darauf hin hab ich Avira neu installiert, nach der Anleitung von der Homepage.
Obwohl ich free-Version ausgewählt habe hat er mir eine draufgepackt die ich nur mit Geld upgraden konnte. Konnte vorher auch kein Update durchführen. Er zeigte mir das die Lizenz seitdem 31.01.2017 abgelaufen war. Sah mir wie eine veraltete Version aus. Trotzdem ein Scan gemacht und er hat mir auf einmal 5 Sachen angezeigt. Diese hab ich in Quarantäne verschoben. Darauf hin hab ich es nochmal neu installiert und diesmal drauf geachtet, dass es die richtige Version ist.. Dadurch fehlt der Report von den gefundenen Sachen. Diese habe ich aber abgeschrieben. Mit der aktuellen Version einen Scan gemacht, ohne Befund.
Ich habe im ComputerBase Forum gelesen, dass Avira manchmal was anzeigt, weil es so ähnlich ist und quasi einen Fehlalarm ausspuckt.

Trotzdem war ich ab dem Punkt skeptisch und bin mir nicht sicher ob ich nun infiziert bin oder nicht. Habe dann zusätzlich Malewarebytes und kaspersky rescue cd durchlaufen lassen. Beides ohne Befund.
Vielleicht zu übervorsichtig, aber leider kenne ich mich nicht so gut aus. Falls ich was hab, dann wüsste ich auch nicht woher. Öffne keine unbekannten E-Mails und downloade nichts verbotenes.

Die FRST.txt-Datei ist zu groß zum Anhängen. Soll ich diese als zweite Antwort posten oder gezippt anhängen?


Hier nun sämtliche Logs.

Addition:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-07-2017
durchgeführt von Christoph (14-07-2017 17:03:04)
Gestartet von C:\Users\Christoph\Downloads
Windows 10 Pro Version 1703 (X64) (2017-07-06 16:31:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995552849-4031116117-681190137-500 - Administrator - Disabled)
Christoph (S-1-5-21-1995552849-4031116117-681190137-1001 - Administrator - Enabled) => C:\Users\Christoph
DefaultAccount (S-1-5-21-1995552849-4031116117-681190137-503 - Limited - Disabled)
Gast (S-1-5-21-1995552849-4031116117-681190137-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {24A57E97-BBED-40EC-9B65-194640448BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)
Task: {73A55F35-FF27-4E3C-97B4-C49834CB8504} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-06 19:31 - 2017-07-06 19:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-06 19:31 - 2017-07-06 19:31 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-06 19:31 - 2017-07-06 19:31 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-06 19:31 - 2017-07-06 19:31 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-07 06:45 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-07 06:45 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1995552849-4031116117-681190137-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A4B6EA15-DC13-47E8-83EB-6F7BBE25EE55}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-07-2017 18:38:39 Windows Update
12-07-2017 11:31:31 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/14/2017 03:31:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.8.652, Zeitstempel: 0x55070df3
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.8.652, Zeitstempel: 0x5507092a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000528b
ID des fehlerhaften Prozesses: 0xf9c
Startzeit der fehlerhaften Anwendung: 0x01d2fc40ec3b8881
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Avira\AntiVir Desktop\AVSCPLR.DLL
Berichtskennung: 0329fde4-e729-406d-b939-0807ebd60a25
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/12/2017 11:32:11 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/08/2017 07:07:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-50MUQLP)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/06/2017 07:25:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-50MUQLP)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/06/2017 06:59:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/06/2017 06:33:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (07/06/2017 06:33:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (07/06/2017 06:31:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x8024402C
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


Systemfehler:
=============
Error: (07/14/2017 04:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/14/2017 02:30:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-50MUQLP)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/14/2017 02:24:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/14/2017 02:24:34 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841179680

Error: (07/14/2017 02:24:41 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎07.‎2017 um 05:34:45 unerwartet heruntergefahren.

Error: (07/14/2017 05:34:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/14/2017 05:24:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/14/2017 05:14:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/14/2017 05:13:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/14/2017 05:08:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.


CodeIntegrity:
===================================
  Date: 2017-07-14 00:10:50.441
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-13 11:14:57.897
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-12 23:25:30.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-12 11:32:04.213
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-11 23:35:28.707
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-11 10:23:15.233
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-10 23:30:48.972
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-10 11:08:17.047
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-09 15:36:37.211
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-08 21:02:15.812
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 16303.05 MB
Verfügbarer physikalischer RAM: 13523.55 MB
Summe virtueller Speicher: 18735.05 MB
Verfügbarer virtueller Speicher: 15612.49 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:159.23 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.39 GB) (Free:931.18 GB) NTFS
Drive e: (KRD10) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 6DDE38CD)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Avira (was ich vor der Neuinstallation von Avira angezeigt bekommen habe. nun nicht mehr)
Code:
ATTFilter
Objekt                                Fund
WinMail.exe                 TR/Crypt.XPACK.Gen3
pipanel.exe                  TR/Crypt.XPACK.Gen
Xing.UWP.exe               HIDDENEXT/Crypted
SharedLibrary.dll          TR/Crypt.XPACK.Gen
SharedLibrary.dll          TR/Crypt.XPACK.Gen
         
Malwarebytes
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 14.07.17
Scan-Zeit: 17:49
Protokolldatei: Malware.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2363
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.483)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-50MUQLP\Christoph

-Scan-Übersicht-
Scan-Typ: Benutzerdefinierter Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 277684
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 3 Min., 10 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

rescue CD
Code:
ATTFilter
14.07.17 15:32	Aufgabe wurde gestartet			
Untersuchung von Objekten: wurde abgeschlossen vor weniger als einer Minute  (Ereignis: 192, Objekte: 404927, Zeit: 00:49:39)	
14.07.17 16:24	Aufgabe wurde abgeschlossen			
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler	
14.07.17 15:46	Verarbeitungsfehler	C:/Program Files (x86)/NCSOFT/BnS/bin64/XignCode:	Lesefehler
         
Liebe Grüße,
Chemani

Alt 18.07.2017, 18:50   #2
M-K-D-B
/// TB-Ausbilder
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.

  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.

  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!

  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.


  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!

  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!

  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.


  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.

  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________


Alt 18.07.2017, 23:00   #3
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Musste ich leider alles splitten. TDSS und FRST
Sind 586 Objekte normal bei TDSS? War genauso gemacht wie in der Anleitung.

TDSS 1
Code:
ATTFilter
23:16:58.0205 0x7dd0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
23:16:58.0205 0x7dd0  UEFI system
23:17:01.0352 0x7dd0  ============================================================
23:17:01.0352 0x7dd0  Current date / time: 2017/07/18 23:17:01.0352
23:17:01.0352 0x7dd0  SystemInfo:
23:17:01.0352 0x7dd0  
23:17:01.0352 0x7dd0  OS Version: 10.0.15063 ServicePack: 0.0
23:17:01.0352 0x7dd0  Product type: Workstation
23:17:01.0352 0x7dd0  ComputerName: DESKTOP-50MUQLP
23:17:01.0352 0x7dd0  UserName: Christoph
23:17:01.0352 0x7dd0  Windows directory: C:\Windows
23:17:01.0352 0x7dd0  System windows directory: C:\Windows
23:17:01.0352 0x7dd0  Running under WOW64
23:17:01.0352 0x7dd0  Processor architecture: Intel x64
23:17:01.0352 0x7dd0  Number of processors: 8
23:17:01.0352 0x7dd0  Page size: 0x1000
23:17:01.0352 0x7dd0  Boot type: Normal boot
23:17:01.0352 0x7dd0  CodeIntegrityOptions = 0x0000C001
23:17:01.0352 0x7dd0  ============================================================
23:17:01.0492 0x7dd0  KLMD registered as C:\Windows\system32\drivers\19769038.sys
23:17:01.0492 0x7dd0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
23:17:01.0602 0x7dd0  System UUID: {39811369-AB6D-4D83-F729-5DA5A7749895}
23:17:01.0852 0x7dd0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:17:01.0852 0x7dd0  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:17:01.0867 0x7dd0  ============================================================
23:17:01.0867 0x7dd0  \Device\Harddisk0\DR0:
23:17:01.0867 0x7dd0  GPT partitions:
23:17:01.0867 0x7dd0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D646E3E0-1D42-4A47-9BD5-29B5E466ED23}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
23:17:01.0867 0x7dd0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {98AE85EF-A324-4338-AB6B-5BCAA5894690}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
23:17:01.0867 0x7dd0  MBR partitions:
23:17:01.0867 0x7dd0  \Device\Harddisk1\DR1:
23:17:01.0867 0x7dd0  GPT partitions:
23:17:01.0867 0x7dd0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {795C8428-8F62-4AF8-A171-89D4BF52A4C2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
23:17:01.0867 0x7dd0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {312C8741-6720-480E-84FF-0BABF79D4263}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
23:17:01.0867 0x7dd0  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2483ED4A-20CB-4222-A870-6065DA90132C}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
23:17:01.0867 0x7dd0  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {628A2529-D833-476D-8DE0-AF57F67274DD}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x1D0AA000
23:17:01.0867 0x7dd0  MBR partitions:
23:17:01.0867 0x7dd0  ============================================================
23:17:01.0867 0x7dd0  C: <-> \Device\Harddisk1\DR1\Partition4
23:17:01.0867 0x7dd0  D: <-> \Device\Harddisk0\DR0\Partition2
23:17:01.0867 0x7dd0  ============================================================
23:17:01.0867 0x7dd0  Initialize success
23:17:01.0867 0x7dd0  ============================================================
23:17:10.0515 0x7534  ============================================================
23:17:10.0515 0x7534  Scan started
23:17:10.0515 0x7534  Mode: Manual; SigCheck; TDLFS; 
23:17:10.0515 0x7534  ============================================================
23:17:10.0515 0x7534  KSN ping started
23:17:10.0656 0x7534  KSN ping finished: true
23:17:10.0874 0x7534  ================ Scan system memory ========================
23:17:10.0874 0x7534  System memory - ok
23:17:10.0874 0x7534  ================ Scan services =============================
23:17:10.0906 0x7534  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
23:17:10.0953 0x7534  1394ohci - ok
23:17:10.0953 0x7534  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\Windows\system32\drivers\3ware.sys
23:17:10.0968 0x7534  3ware - ok
23:17:10.0984 0x7534  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:17:11.0000 0x7534  ACPI - ok
23:17:11.0000 0x7534  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
23:17:11.0015 0x7534  AcpiDev - ok
23:17:11.0015 0x7534  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
23:17:11.0015 0x7534  acpiex - ok
23:17:11.0015 0x7534  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
23:17:11.0031 0x7534  acpipagr - ok
23:17:11.0031 0x7534  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
23:17:11.0046 0x7534  AcpiPmi - ok
23:17:11.0046 0x7534  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\Windows\System32\drivers\acpitime.sys
23:17:11.0046 0x7534  acpitime - ok
23:17:11.0078 0x7534  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
23:17:11.0093 0x7534  ADP80XX - ok
23:17:11.0109 0x7534  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\Windows\system32\drivers\afd.sys
23:17:11.0125 0x7534  AFD - ok
23:17:11.0125 0x7534  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
23:17:11.0140 0x7534  ahcache - ok
23:17:11.0140 0x7534  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\Windows\System32\AJRouter.dll
23:17:11.0156 0x7534  AJRouter - ok
23:17:11.0156 0x7534  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\Windows\System32\alg.exe
23:17:11.0171 0x7534  ALG - ok
23:17:11.0171 0x7534  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
23:17:11.0187 0x7534  AmdK8 - ok
23:17:11.0187 0x7534  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
23:17:11.0203 0x7534  AmdPPM - ok
23:17:11.0203 0x7534  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:17:11.0218 0x7534  amdsata - ok
23:17:11.0218 0x7534  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:17:11.0234 0x7534  amdsbs - ok
23:17:11.0234 0x7534  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:17:11.0234 0x7534  amdxata - ok
23:17:11.0250 0x7534  [ A587017D8CAF0B67FCD4B589C1ABF22B, 5B8024C0BAB30C9F850D189A1D3B5B385177BD7EA54C5FE6FD8506686B2A886E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
23:17:11.0281 0x7534  AntiVirMailService - ok
23:17:11.0296 0x7534  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
23:17:11.0296 0x7534  AntiVirSchedulerService - ok
23:17:11.0312 0x7534  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
23:17:11.0328 0x7534  AntiVirService - ok
23:17:11.0343 0x7534  [ B2868F2E2057D4EA9E7EA061102D8921, 1FCB309421FC58E68E162282816ACB88A1E20C148A0B5C423FEC49123D033EA0 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
23:17:11.0375 0x7534  AntiVirWebService - ok
23:17:11.0375 0x7534  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\Windows\system32\drivers\appid.sys
23:17:11.0390 0x7534  AppID - ok
23:17:11.0390 0x7534  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:17:11.0406 0x7534  AppIDSvc - ok
23:17:11.0406 0x7534  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\Windows\System32\appinfo.dll
23:17:11.0421 0x7534  Appinfo - ok
23:17:11.0421 0x7534  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
23:17:11.0437 0x7534  applockerfltr - ok
23:17:11.0437 0x7534  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:17:11.0453 0x7534  AppMgmt - ok
23:17:11.0468 0x7534  [ FFAE5D5B096BBF43A1E917331727FD17, AF4DB56FEB2D9A671BFE9E0BF9BC89E71A503DBDF2B25CA32FA17948FC38AB0D ] AppReadiness    C:\Windows\system32\AppReadiness.dll
23:17:11.0484 0x7534  AppReadiness - ok
23:17:11.0500 0x7534  [ E3404B730D313C5EA99969ACF3B5436B, 02513749EE7C08E4079D2F8B976D53F3CFDD05735C2A813699B6CB9F742F5219 ] AppVClient      C:\Windows\system32\AppVClient.exe
23:17:11.0515 0x7534  AppVClient - ok
23:17:11.0531 0x7534  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
23:17:11.0531 0x7534  AppvStrm - ok
23:17:11.0531 0x7534  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
23:17:11.0546 0x7534  AppvVemgr - ok
23:17:11.0546 0x7534  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
23:17:11.0562 0x7534  AppvVfs - ok
23:17:11.0593 0x7534  [ 4C63CB8375AE0BD0BD6496850D8A14B5, 7E29C8CD1F122CFA917AD835AD4B82B482FD0BEC5F4664816C0A2F39B85F49C4 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
23:17:11.0671 0x7534  AppXSvc - ok
23:17:11.0671 0x7534  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:17:11.0687 0x7534  arcsas - ok
23:17:11.0687 0x7534  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
23:17:11.0687 0x7534  AsyncMac - ok
23:17:11.0687 0x7534  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\Windows\system32\drivers\atapi.sys
23:17:11.0703 0x7534  atapi - ok
23:17:11.0718 0x7534  [ 435DC20A3642BA5974FC30A6C8AAAB66, 841CFC54B3FC1A07AD3E20FF9FD5B490EA1197E410E16984B4640B2737C210BB ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
23:17:11.0734 0x7534  AudioEndpointBuilder - ok
23:17:11.0750 0x7534  [ 132A5D82E9BC66F6B013AE28C4A182BC, 2DB8FD551575F3CDA5DD2BFAB5277FE11FC467F9A8B5218D00C1A8DCBF8E0209 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:17:11.0796 0x7534  Audiosrv - ok
23:17:11.0796 0x7534  [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot       C:\Windows\system32\DRIVERS\avdevprot.sys
23:17:11.0796 0x7534  avdevprot - ok
23:17:11.0796 0x7534  [ 0C6D49FFD4B70F95E24EF5311ED57A28, AB58DC263E3B5DE2E5E76DCBE8061D9B6736B411C2D572E56AD68BB326818FAF ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:17:11.0812 0x7534  avgntflt - ok
23:17:11.0812 0x7534  [ DAA6BD143D3AC4274791018FFAD5543A, 2D85818C52FF768579528A81DEB8D106421D986B28837B301F53B600E382E6CF ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:17:11.0828 0x7534  avipbb - ok
23:17:11.0828 0x7534  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
23:17:11.0843 0x7534  Avira.ServiceHost - ok
23:17:11.0843 0x7534  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:17:11.0843 0x7534  avkmgr - ok
23:17:11.0859 0x7534  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
23:17:11.0859 0x7534  avnetflt - ok
23:17:11.0859 0x7534  [ 9C71227D9D0A6F929C97294842A988B1, 3C79297A19001902A48BAFEF545CFB70D51509FA704EAE716B1858D1A66386A0 ] avusbflt        C:\Windows\system32\Drivers\avusbflt.sys
23:17:11.0875 0x7534  avusbflt - ok
23:17:11.0875 0x7534  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:17:11.0875 0x7534  AxInstSV - ok
23:17:11.0890 0x7534  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:17:11.0906 0x7534  b06bdrv - ok
23:17:11.0906 0x7534  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
23:17:11.0921 0x7534  BasicDisplay - ok
23:17:11.0921 0x7534  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
23:17:11.0921 0x7534  BasicRender - ok
23:17:11.0937 0x7534  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
23:17:11.0937 0x7534  bcmfn2 - ok
23:17:11.0953 0x7534  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:17:11.0968 0x7534  BDESVC - ok
23:17:11.0968 0x7534  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:17:11.0968 0x7534  Beep - ok
23:17:11.0984 0x7534  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\Windows\System32\bfe.dll
23:17:12.0015 0x7534  BFE - ok
23:17:12.0031 0x7534  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\Windows\System32\qmgr.dll
23:17:12.0062 0x7534  BITS - ok
23:17:12.0062 0x7534  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:17:12.0078 0x7534  bowser - ok
23:17:12.0093 0x7534  [ 29052CEB6E1DA5F58D20F7A28F392D5B, AFA283D3F61A9D32BAD3132A24ACC6AC0586803EE5EDF1B11779DEE32B865ABA ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
23:17:12.0109 0x7534  BrokerInfrastructure - ok
23:17:12.0125 0x7534  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\Windows\System32\browser.dll
23:17:12.0125 0x7534  Browser - ok
23:17:12.0125 0x7534  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
23:17:12.0140 0x7534  BthAvrcpTg - ok
23:17:12.0140 0x7534  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
23:17:12.0156 0x7534  BthHFEnum - ok
23:17:12.0156 0x7534  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
23:17:12.0156 0x7534  bthhfhid - ok
23:17:12.0172 0x7534  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
23:17:12.0187 0x7534  BthHFSrv - ok
23:17:12.0187 0x7534  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
23:17:12.0203 0x7534  BTHMODEM - ok
23:17:12.0203 0x7534  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\Windows\system32\bthserv.dll
23:17:12.0218 0x7534  bthserv - ok
23:17:12.0218 0x7534  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
23:17:12.0234 0x7534  buttonconverter - ok
23:17:12.0234 0x7534  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\Windows\System32\drivers\CAD.sys
23:17:12.0234 0x7534  CAD - ok
23:17:12.0234 0x7534  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\Windows\System32\drivers\capimg.sys
23:17:12.0250 0x7534  CapImg - ok
23:17:12.0250 0x7534  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:17:12.0265 0x7534  cdfs - ok
23:17:12.0281 0x7534  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\Windows\System32\CDPSvc.dll
23:17:12.0312 0x7534  CDPSvc - ok
23:17:12.0312 0x7534  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
23:17:12.0343 0x7534  CDPUserSvc - ok
23:17:12.0343 0x7534  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
23:17:12.0359 0x7534  cdrom - ok
23:17:12.0359 0x7534  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\Windows\System32\certprop.dll
23:17:12.0375 0x7534  CertPropSvc - ok
23:17:12.0375 0x7534  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
23:17:12.0390 0x7534  cht4iscsi - ok
23:17:12.0422 0x7534  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
23:17:12.0453 0x7534  cht4vbd - ok
23:17:12.0468 0x7534  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\Windows\System32\drivers\circlass.sys
23:17:12.0468 0x7534  circlass - ok
23:17:12.0468 0x7534  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\Windows\system32\drivers\cldflt.sys
23:17:12.0484 0x7534  CldFlt - ok
23:17:12.0500 0x7534  [ 1BF9D74451B8AF166105E28F1D7A5C27, D76BDE26658AE5A46D15F54F7753D398A9E39B21191A7A8FFA95E1097F52EEB7 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
23:17:12.0500 0x7534  CLFS - ok
23:17:12.0515 0x7534  [ 4351225ABE115E9B81639CFC87B980BB, 366532C832729982C7485BB43C883E897E2E4C37F4C517A321E18DEBF165C7AC ] ClipSVC         C:\Windows\System32\ClipSVC.dll
23:17:12.0547 0x7534  ClipSVC - ok
23:17:12.0547 0x7534  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\Windows\System32\drivers\registry.sys
23:17:12.0547 0x7534  clreg - ok
23:17:12.0562 0x7534  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
23:17:12.0562 0x7534  CmBatt - ok
23:17:12.0578 0x7534  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\Windows\system32\Drivers\cng.sys
23:17:12.0593 0x7534  CNG - ok
23:17:12.0593 0x7534  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
23:17:12.0609 0x7534  cnghwassist - ok
23:17:12.0609 0x7534  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
23:17:12.0625 0x7534  CompositeBus - ok
23:17:12.0625 0x7534  COMSysApp - ok
23:17:12.0625 0x7534  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\Windows\system32\drivers\condrv.sys
23:17:12.0625 0x7534  condrv - ok
23:17:12.0640 0x7534  [ D270EE296EDA16437812C04B4CD61561, 76D974DBFFCE7E7A4DFC7010385FA7FA4FEB9FB2B1C8D13BABFEBABB93DEAC82 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
23:17:12.0672 0x7534  CoreMessagingRegistrar - ok
23:17:12.0672 0x7534  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:17:12.0687 0x7534  CryptSvc - ok
23:17:12.0703 0x7534  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\Windows\system32\drivers\csc.sys
23:17:12.0718 0x7534  CSC - ok
23:17:12.0734 0x7534  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\Windows\System32\cscsvc.dll
23:17:12.0750 0x7534  CscService - ok
23:17:12.0750 0x7534  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\Windows\system32\drivers\dam.sys
23:17:12.0765 0x7534  dam - ok
23:17:12.0781 0x7534  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:17:12.0812 0x7534  DcomLaunch - ok
23:17:12.0828 0x7534  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:17:12.0843 0x7534  defragsvc - ok
23:17:12.0859 0x7534  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\Windows\system32\das.dll
23:17:12.0875 0x7534  DeviceAssociationService - ok
23:17:12.0875 0x7534  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
23:17:12.0890 0x7534  DeviceInstall - ok
23:17:12.0906 0x7534  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\Windows\System32\DevicesFlowBroker.dll
23:17:12.0922 0x7534  DevicesFlowUserSvc - ok
23:17:12.0922 0x7534  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
23:17:12.0937 0x7534  DevQueryBroker - ok
23:17:12.0937 0x7534  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
23:17:12.0953 0x7534  Dfsc - ok
23:17:12.0968 0x7534  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:17:12.0984 0x7534  Dhcp - ok
23:17:12.0984 0x7534  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:17:12.0984 0x7534  diagnosticshub.standardcollector.service - ok
23:17:13.0031 0x7534  [ 3835D0DD7A932266CC0746FDC5EC5568, 9F0933698C94FB51960818D20DAF2EE7530EA77DCA6E30603EEE85B60D807891 ] DiagTrack       C:\Windows\system32\diagtrack.dll
23:17:13.0078 0x7534  DiagTrack - ok
23:17:13.0093 0x7534  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\Windows\system32\drivers\disk.sys
23:17:13.0093 0x7534  Disk - ok
23:17:13.0109 0x7534  [ 92DD540BF9B920E2E0127E5884E48BC1, A488D60322B7AB4A64CF785888AD07AE0A1A87876E8C9D6BB06A76EC20AB94DA ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
23:17:13.0125 0x7534  DmEnrollmentSvc - ok
23:17:13.0125 0x7534  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
23:17:13.0140 0x7534  dmvsc - ok
23:17:13.0140 0x7534  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
23:17:13.0156 0x7534  dmwappushservice - ok
23:17:13.0172 0x7534  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:17:13.0172 0x7534  Dnscache - ok
23:17:13.0187 0x7534  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\Windows\System32\dot3svc.dll
23:17:13.0203 0x7534  dot3svc - ok
23:17:13.0203 0x7534  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\Windows\system32\dps.dll
23:17:13.0218 0x7534  DPS - ok
23:17:13.0234 0x7534  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
23:17:13.0234 0x7534  drmkaud - ok
23:17:13.0234 0x7534  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
23:17:13.0250 0x7534  DsmSvc - ok
23:17:13.0250 0x7534  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\Windows\System32\DsSvc.dll
23:17:13.0265 0x7534  DsSvc - ok
23:17:13.0281 0x7534  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\Windows\System32\dusmsvc.dll
23:17:13.0297 0x7534  DusmSvc - ok
23:17:13.0328 0x7534  [ D2D4095909DD26445139EC9B7C86DA5D, 246AF45588B859F3A32152C0CA14A2AD84361B08FDA5430B24E049CEE03B6271 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:17:13.0375 0x7534  DXGKrnl - ok
23:17:13.0375 0x7534  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\Windows\System32\eapsvc.dll
23:17:13.0390 0x7534  EapHost - ok
23:17:13.0453 0x7534  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:17:13.0515 0x7534  ebdrv - ok
23:17:13.0531 0x7534  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\Windows\System32\lsass.exe
23:17:13.0531 0x7534  EFS - ok
23:17:13.0547 0x7534  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
23:17:13.0547 0x7534  EhStorClass - ok
23:17:13.0547 0x7534  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
23:17:13.0562 0x7534  EhStorTcgDrv - ok
23:17:13.0562 0x7534  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
23:17:13.0578 0x7534  embeddedmode - ok
23:17:13.0578 0x7534  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
23:17:13.0594 0x7534  EntAppSvc - ok
23:17:13.0594 0x7534  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
23:17:13.0609 0x7534  ErrDev - ok
23:17:13.0625 0x7534  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\Windows\system32\es.dll
23:17:13.0640 0x7534  EventSystem - ok
23:17:13.0640 0x7534  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:17:13.0656 0x7534  exfat - ok
23:17:13.0672 0x7534  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:17:13.0687 0x7534  fastfat - ok
23:17:13.0687 0x7534  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\Windows\system32\fxssvc.exe
23:17:13.0719 0x7534  Fax - ok
23:17:13.0719 0x7534  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\Windows\System32\drivers\fdc.sys
23:17:13.0734 0x7534  fdc - ok
23:17:13.0734 0x7534  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:17:13.0734 0x7534  fdPHost - ok
23:17:13.0734 0x7534  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:17:13.0750 0x7534  FDResPub - ok
23:17:13.0750 0x7534  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\Windows\system32\fhsvc.dll
23:17:13.0765 0x7534  fhsvc - ok
23:17:13.0765 0x7534  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
23:17:13.0781 0x7534  FileCrypt - ok
23:17:13.0781 0x7534  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:17:13.0797 0x7534  FileInfo - ok
23:17:13.0797 0x7534  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:17:13.0812 0x7534  Filetrace - ok
23:17:13.0812 0x7534  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
23:17:13.0812 0x7534  flpydisk - ok
23:17:13.0828 0x7534  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:17:13.0828 0x7534  FltMgr - ok
23:17:13.0859 0x7534  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\Windows\system32\FntCache.dll
23:17:13.0906 0x7534  FontCache - ok
23:17:13.0922 0x7534  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:17:13.0922 0x7534  FontCache3.0.0.0 - ok
23:17:13.0937 0x7534  [ 2A2EB05E795BBDDAABE82639E9691502, 1115CF68EC7CF9ECDDA7BE84C54F6CB0D871FFA89B127CC3573AB120FD600E51 ] FrameServer     C:\Windows\system32\FrameServer.dll
23:17:13.0953 0x7534  FrameServer - ok
23:17:13.0953 0x7534  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:17:13.0969 0x7534  FsDepends - ok
23:17:13.0969 0x7534  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:17:13.0984 0x7534  Fs_Rec - ok
23:17:14.0000 0x7534  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:17:14.0015 0x7534  fvevol - ok
23:17:14.0015 0x7534  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
23:17:14.0015 0x7534  gencounter - ok
23:17:14.0031 0x7534  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
23:17:14.0031 0x7534  genericusbfn - ok
23:17:14.0031 0x7534  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
23:17:14.0047 0x7534  GPIOClx0101 - ok
23:17:14.0062 0x7534  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\Windows\System32\gpsvc.dll
23:17:14.0109 0x7534  gpsvc - ok
23:17:14.0109 0x7534  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
23:17:14.0125 0x7534  GpuEnergyDrv - ok
23:17:14.0125 0x7534  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:17:14.0140 0x7534  gupdate - ok
23:17:14.0140 0x7534  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:17:14.0140 0x7534  gupdatem - ok
23:17:14.0156 0x7534  [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\Windows\System32\drivers\HdAudio.sys
23:17:14.0172 0x7534  HdAudAddService - ok
23:17:14.0172 0x7534  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
23:17:14.0187 0x7534  HDAudBus - ok
23:17:14.0187 0x7534  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
23:17:14.0187 0x7534  HidBatt - ok
23:17:14.0187 0x7534  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\Windows\System32\drivers\hidbth.sys
23:17:14.0203 0x7534  HidBth - ok
23:17:14.0203 0x7534  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
23:17:14.0219 0x7534  hidi2c - ok
23:17:14.0219 0x7534  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
23:17:14.0219 0x7534  hidinterrupt - ok
23:17:14.0234 0x7534  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\Windows\System32\drivers\hidir.sys
23:17:14.0234 0x7534  HidIr - ok
23:17:14.0234 0x7534  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\Windows\system32\hidserv.dll
23:17:14.0250 0x7534  hidserv - ok
23:17:14.0250 0x7534  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
23:17:14.0250 0x7534  HidUsb - ok
23:17:14.0265 0x7534  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:17:14.0281 0x7534  HomeGroupListener - ok
23:17:14.0281 0x7534  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:17:14.0297 0x7534  HomeGroupProvider - ok
23:17:14.0297 0x7534  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:17:14.0312 0x7534  HpSAMD - ok
23:17:14.0328 0x7534  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:17:14.0344 0x7534  HTTP - ok
23:17:14.0359 0x7534  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\Windows\System32\hvhostsvc.dll
23:17:14.0359 0x7534  HvHost - ok
23:17:14.0359 0x7534  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
23:17:14.0375 0x7534  hvservice - ok
23:17:14.0375 0x7534  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:17:14.0375 0x7534  hwpolicy - ok
23:17:14.0391 0x7534  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
23:17:14.0391 0x7534  hyperkbd - ok
23:17:14.0391 0x7534  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
23:17:14.0406 0x7534  i8042prt - ok
23:17:14.0406 0x7534  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
23:17:14.0422 0x7534  iagpio - ok
23:17:14.0422 0x7534  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
23:17:14.0422 0x7534  iai2c - ok
23:17:14.0437 0x7534  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
23:17:14.0437 0x7534  iaLPSS2i_GPIO2 - ok
23:17:14.0437 0x7534  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
23:17:14.0453 0x7534  iaLPSS2i_GPIO2_BXT_P - ok
23:17:14.0453 0x7534  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
23:17:14.0469 0x7534  iaLPSS2i_I2C - ok
23:17:14.0469 0x7534  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
23:17:14.0484 0x7534  iaLPSS2i_I2C_BXT_P - ok
23:17:14.0484 0x7534  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
23:17:14.0484 0x7534  iaLPSSi_GPIO - ok
23:17:14.0500 0x7534  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
23:17:14.0500 0x7534  iaLPSSi_I2C - ok
23:17:14.0516 0x7534  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
23:17:14.0531 0x7534  iaStorAV - ok
23:17:14.0531 0x7534  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:17:14.0547 0x7534  iaStorV - ok
23:17:14.0562 0x7534  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\Windows\System32\drivers\ibbus.sys
23:17:14.0578 0x7534  ibbus - ok
23:17:14.0578 0x7534  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\Windows\System32\tetheringservice.dll
23:17:14.0594 0x7534  icssvc - ok
23:17:14.0609 0x7534  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:17:14.0641 0x7534  IKEEXT - ok
23:17:14.0641 0x7534  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
23:17:14.0641 0x7534  IndirectKmd - ok
23:17:14.0656 0x7534  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:17:14.0656 0x7534  intelide - ok
23:17:14.0656 0x7534  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\Windows\system32\drivers\intelpep.sys
23:17:14.0672 0x7534  intelpep - ok
23:17:14.0672 0x7534  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
23:17:14.0687 0x7534  intelppm - ok
23:17:14.0687 0x7534  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\Windows\system32\drivers\iorate.sys
23:17:14.0687 0x7534  iorate - ok
23:17:14.0703 0x7534  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:17:14.0703 0x7534  IpFilterDriver - ok
23:17:14.0719 0x7534  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:17:14.0750 0x7534  iphlpsvc - ok
23:17:14.0766 0x7534  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
23:17:14.0766 0x7534  IPMIDRV - ok
23:17:14.0781 0x7534  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:17:14.0781 0x7534  IPNAT - ok
23:17:14.0781 0x7534  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\Windows\System32\IpxlatCfg.dll
23:17:14.0797 0x7534  IpxlatCfgSvc - ok
23:17:14.0812 0x7534  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\Windows\system32\drivers\irda.sys
23:17:14.0812 0x7534  irda - ok
23:17:14.0812 0x7534  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:17:14.0828 0x7534  IRENUM - ok
23:17:14.0828 0x7534  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\Windows\System32\irmon.dll
23:17:14.0828 0x7534  irmon - ok
23:17:14.0844 0x7534  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:17:14.0844 0x7534  isapnp - ok
23:17:14.0844 0x7534  [ B6BA01EA6B2CCCB90A6FDCFF68F4A992, 7F45A015D413DCAF8551FD229A7C03F6ADD66467B4C37155E300E0777DDE5E8B ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
23:17:14.0859 0x7534  iScsiPrt - ok
23:17:14.0859 0x7534  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
23:17:14.0875 0x7534  kbdclass - ok
23:17:14.0875 0x7534  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
23:17:14.0875 0x7534  kbdhid - ok
23:17:14.0875 0x7534  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
23:17:14.0891 0x7534  kdnic - ok
23:17:14.0891 0x7534  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\Windows\system32\lsass.exe
23:17:14.0891 0x7534  KeyIso - ok
23:17:14.0906 0x7534  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:17:14.0906 0x7534  KSecDD - ok
23:17:14.0906 0x7534  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:17:14.0922 0x7534  KSecPkg - ok
23:17:14.0922 0x7534  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:17:14.0937 0x7534  ksthunk - ok
23:17:14.0937 0x7534  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:17:14.0953 0x7534  KtmRm - ok
23:17:14.0953 0x7534  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:17:14.0969 0x7534  LanmanServer - ok
23:17:14.0984 0x7534  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:17:15.0000 0x7534  LanmanWorkstation - ok
23:17:15.0000 0x7534  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\Windows\System32\lfsvc.dll
23:17:15.0000 0x7534  lfsvc - ok
23:17:15.0000 0x7534  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
23:17:15.0016 0x7534  LicenseManager - ok
23:17:15.0016 0x7534  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\Windows\system32\drivers\lltdio.sys
23:17:15.0031 0x7534  lltdio - ok
23:17:15.0031 0x7534  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:17:15.0062 0x7534  lltdsvc - ok
23:17:15.0062 0x7534  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:17:15.0062 0x7534  lmhosts - ok
23:17:15.0078 0x7534  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:17:15.0078 0x7534  LSI_SAS - ok
23:17:15.0078 0x7534  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
23:17:15.0094 0x7534  LSI_SAS2i - ok
23:17:15.0094 0x7534  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
23:17:15.0094 0x7534  LSI_SAS3i - ok
23:17:15.0109 0x7534  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
23:17:15.0109 0x7534  LSI_SSS - ok
23:17:15.0125 0x7534  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\Windows\System32\lsm.dll
23:17:15.0141 0x7534  LSM - ok
23:17:15.0156 0x7534  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\Windows\system32\drivers\luafv.sys
23:17:15.0156 0x7534  luafv - ok
23:17:15.0172 0x7534  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\Windows\System32\moshost.dll
23:17:15.0172 0x7534  MapsBroker - ok
23:17:15.0187 0x7534  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\Windows\System32\drivers\mausbhost.sys
23:17:15.0203 0x7534  mausbhost - ok
23:17:15.0203 0x7534  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\Windows\System32\drivers\mausbip.sys
23:17:15.0203 0x7534  mausbip - ok
23:17:15.0219 0x7534  [ 0C847B9BD2D1F1E97037F8C3DA6D5A1B, B2405BBAFBE78DF554B963C53DE843419AE873B82A1B0C2FA8D1779D1CC142BE ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
23:17:15.0219 0x7534  MBAMChameleon - ok
23:17:15.0219 0x7534  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
23:17:15.0234 0x7534  MBAMProtection - ok
23:17:15.0297 0x7534  [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
23:17:15.0359 0x7534  MBAMService - ok
23:17:15.0359 0x7534  [ C3549BE8C1FE4ECBEE21DAD3378F6CD0, E4FB6856C1A8B9185322EFC4AF31A3748365ED2E3E4FB6DF57B35569D8D42AAD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
23:17:15.0375 0x7534  MBAMSwissArmy - ok
23:17:15.0375 0x7534  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\Windows\system32\drivers\megasas.sys
23:17:15.0375 0x7534  megasas - ok
23:17:15.0391 0x7534  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
23:17:15.0391 0x7534  megasas2i - ok
23:17:15.0406 0x7534  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\Windows\system32\drivers\megasr.sys
23:17:15.0406 0x7534  megasr - ok
23:17:15.0422 0x7534  [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
23:17:15.0438 0x7534  MEIx64 - ok
23:17:15.0438 0x7534  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\Windows\System32\MessagingService.dll
23:17:15.0453 0x7534  MessagingService - ok
23:17:15.0469 0x7534  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
23:17:15.0484 0x7534  mlx4_bus - ok
23:17:15.0484 0x7534  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
23:17:15.0484 0x7534  MMCSS - ok
23:17:15.0500 0x7534  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\Windows\system32\drivers\modem.sys
23:17:15.0500 0x7534  Modem - ok
23:17:15.0516 0x7534  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\Windows\System32\drivers\monitor.sys
23:17:15.0516 0x7534  monitor - ok
23:17:15.0516 0x7534  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\Windows\System32\drivers\mouclass.sys
23:17:15.0531 0x7534  mouclass - ok
23:17:15.0531 0x7534  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
23:17:15.0531 0x7534  mouhid - ok
23:17:15.0531 0x7534  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:17:15.0547 0x7534  mountmgr - ok
23:17:15.0547 0x7534  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:17:15.0563 0x7534  mpsdrv - ok
23:17:15.0578 0x7534  [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:17:15.0594 0x7534  MpsSvc - ok
23:17:15.0609 0x7534  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:17:15.0609 0x7534  MRxDAV - ok
23:17:15.0625 0x7534  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:17:15.0641 0x7534  mrxsmb - ok
23:17:15.0641 0x7534  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:17:15.0656 0x7534  mrxsmb10 - ok
23:17:15.0656 0x7534  [ B855479BA6A74349CEF8061808C90201, BA70A9EBC2E2895419C5D46806153DCA061E3C836F3D97A622E7672140107F81 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:17:15.0672 0x7534  mrxsmb20 - ok
23:17:15.0672 0x7534  [ 670E6CFDA70C106342C0D63D014B6822, 8178C9E02CBE52F45C28ACC643287D8DA46FCED88D63957E3ABEAD9393B5827E ] MsBridge        C:\Windows\system32\drivers\bridge.sys
23:17:15.0688 0x7534  MsBridge - ok
23:17:15.0688 0x7534  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\Windows\System32\msdtc.exe
23:17:15.0703 0x7534  MSDTC - ok
23:17:15.0703 0x7534  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:17:15.0703 0x7534  Msfs - ok
23:17:15.0719 0x7534  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
23:17:15.0719 0x7534  msgpiowin32 - ok
23:17:15.0719 0x7534  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:17:15.0734 0x7534  mshidkmdf - ok
23:17:15.0734 0x7534  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
23:17:15.0734 0x7534  mshidumdf - ok
23:17:15.0734 0x7534  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:17:15.0750 0x7534  msisadrv - ok
23:17:15.0750 0x7534  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:17:15.0750 0x7534  MSiSCSI - ok
23:17:15.0766 0x7534  msiserver - ok
23:17:15.0766 0x7534  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
23:17:15.0766 0x7534  MSKSSRV - ok
23:17:15.0781 0x7534  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
23:17:15.0781 0x7534  MsLldp - ok
23:17:15.0781 0x7534  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
23:17:15.0797 0x7534  MSPCLOCK - ok
23:17:15.0797 0x7534  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
23:17:15.0813 0x7534  MSPQM - ok
23:17:15.0813 0x7534  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:17:15.0828 0x7534  MsRPC - ok
23:17:15.0844 0x7534  [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
23:17:15.0844 0x7534  MsSecFlt - ok
23:17:15.0844 0x7534  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
23:17:15.0859 0x7534  mssmbios - ok
23:17:15.0859 0x7534  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
23:17:15.0875 0x7534  MSTEE - ok
23:17:15.0875 0x7534  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
23:17:15.0875 0x7534  MTConfig - ok
23:17:15.0891 0x7534  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:17:15.0891 0x7534  Mup - ok
23:17:15.0891 0x7534  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
23:17:15.0906 0x7534  mvumis - ok
23:17:15.0906 0x7534  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:17:15.0922 0x7534  NativeWifiP - ok
23:17:15.0938 0x7534  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\Windows\System32\NaturalAuth.dll
23:17:15.0969 0x7534  NaturalAuthentication - ok
23:17:15.0969 0x7534  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\Windows\System32\ncasvc.dll
23:17:15.0984 0x7534  NcaSvc - ok
23:17:15.0984 0x7534  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\Windows\System32\ncbservice.dll
23:17:16.0000 0x7534  NcbService - ok
23:17:16.0016 0x7534  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
23:17:16.0016 0x7534  NcdAutoSetup - ok
23:17:16.0031 0x7534  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
23:17:16.0031 0x7534  ndfltr - ok
23:17:16.0047 0x7534  [ 59F3D5FEF4A24871C07C279762DA8624, 00DD19E3FBC7FCFE2768409E2B4AE931205D53A22072D958950E8FBA1D14F071 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:17:16.0078 0x7534  NDIS - ok
23:17:16.0078 0x7534  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
23:17:16.0094 0x7534  NdisCap - ok
23:17:16.0094 0x7534  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
23:17:16.0109 0x7534  NdisImPlatform - ok
23:17:16.0125 0x7534  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:17:16.0141 0x7534  NdisTapi - ok
23:17:16.0141 0x7534  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
23:17:16.0141 0x7534  Ndisuio - ok
23:17:16.0156 0x7534  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
23:17:16.0156 0x7534  NdisVirtualBus - ok
23:17:16.0172 0x7534  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
23:17:16.0188 0x7534  NdisWan - ok
23:17:16.0188 0x7534  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
23:17:16.0203 0x7534  ndiswanlegacy - ok
23:17:16.0203 0x7534  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
23:17:16.0219 0x7534  ndproxy - ok
23:17:16.0219 0x7534  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
23:17:16.0234 0x7534  Ndu - ok
23:17:16.0250 0x7534  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
23:17:16.0250 0x7534  NetAdapterCx - ok
23:17:16.0250 0x7534  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
23:17:16.0266 0x7534  NetBIOS - ok
23:17:16.0266 0x7534  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:17:16.0281 0x7534  NetBT - ok
23:17:16.0297 0x7534  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\Windows\system32\lsass.exe
23:17:16.0297 0x7534  Netlogon - ok
23:17:16.0297 0x7534  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\Windows\System32\netman.dll
23:17:16.0313 0x7534  Netman - ok
23:17:16.0328 0x7534  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\Windows\System32\netprofmsvc.dll
23:17:16.0359 0x7534  netprofm - ok
23:17:16.0359 0x7534  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
23:17:16.0375 0x7534  NetSetupSvc - ok
23:17:16.0375 0x7534  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:17:16.0391 0x7534  NetTcpPortSharing - ok
23:17:16.0391 0x7534  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\Windows\System32\drivers\netvsc.sys
23:17:16.0406 0x7534  netvsc - ok
23:17:16.0406 0x7534  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
23:17:16.0422 0x7534  NgcCtnrSvc - ok
23:17:16.0453 0x7534  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
23:17:16.0485 0x7534  NgcSvc - ok
23:17:16.0485 0x7534  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:17:16.0516 0x7534  NlaSvc - ok
23:17:16.0516 0x7534  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:17:16.0516 0x7534  Npfs - ok
23:17:16.0516 0x7534  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
23:17:16.0531 0x7534  npsvctrig - ok
23:17:16.0531 0x7534  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\Windows\system32\nsisvc.dll
23:17:16.0547 0x7534  nsi - ok
23:17:16.0547 0x7534  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:17:16.0547 0x7534  nsiproxy - ok
23:17:16.0594 0x7534  [ 8D72D5038C5F91AFEF1B160FE524C2D9, 7F9913B6BC87DDCCA2A684CD211B8CB6EE7116BFEA162DD19185E6003576C1F7 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
23:17:16.0625 0x7534  NTFS - ok
23:17:16.0641 0x7534  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\Windows\system32\drivers\Null.sys
23:17:16.0641 0x7534  Null - ok
23:17:16.0641 0x7534  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\Windows\System32\drivers\nvdimmn.sys
23:17:16.0656 0x7534  nvdimmn - ok
23:17:16.0656 0x7534  [ 6E256C42FD27FADEA9BDD2E98CB53FE4, 8E2BDADFCC4B0C7208E937462DDF9CD9810E1B66375BD22F26C5D94376BDEC44 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:17:16.0672 0x7534  NVHDA - ok
23:17:16.0891 0x7534  [ BD000446F0B4FA1E87E7D10356C49564, 95F495549F35FFD64D3132D46923D1502C10AC77E7031EE1DE629E218EC584E0 ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys
23:17:17.0094 0x7534  nvlddmkm - ok
23:17:17.0110 0x7534  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:17:17.0125 0x7534  nvraid - ok
23:17:17.0125 0x7534  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:17:17.0141 0x7534  nvstor - ok
23:17:17.0141 0x7534  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\Windows\System32\APHostService.dll
23:17:17.0172 0x7534  OneSyncSvc - ok
23:17:17.0172 0x7534  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:17:17.0188 0x7534  p2pimsvc - ok
23:17:17.0203 0x7534  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\Windows\system32\p2psvc.dll
23:17:17.0219 0x7534  p2psvc - ok
23:17:17.0219 0x7534  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\Windows\System32\drivers\parport.sys
23:17:17.0235 0x7534  Parport - ok
23:17:17.0235 0x7534  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:17:17.0235 0x7534  partmgr - ok
23:17:17.0250 0x7534  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:17:17.0266 0x7534  PcaSvc - ok
23:17:17.0281 0x7534  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\Windows\system32\drivers\pci.sys
23:17:17.0281 0x7534  pci - ok
23:17:17.0281 0x7534  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:17:17.0297 0x7534  pciide - ok
23:17:17.0297 0x7534  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:17:17.0313 0x7534  pcmcia - ok
23:17:17.0313 0x7534  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:17:17.0313 0x7534  pcw - ok
23:17:17.0313 0x7534  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\Windows\system32\drivers\pdc.sys
23:17:17.0328 0x7534  pdc - ok
23:17:17.0344 0x7534  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:17:17.0375 0x7534  PEAUTH - ok
23:17:17.0406 0x7534  [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:17:17.0453 0x7534  PeerDistSvc - ok
23:17:17.0453 0x7534  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
23:17:17.0469 0x7534  percsas2i - ok
23:17:17.0469 0x7534  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
23:17:17.0469 0x7534  percsas3i - ok
23:17:17.0485 0x7534  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:17:17.0485 0x7534  PerfHost - ok
23:17:17.0500 0x7534  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
23:17:17.0531 0x7534  PhoneSvc - ok
23:17:17.0547 0x7534  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
23:17:17.0563 0x7534  PimIndexMaintenanceSvc - ok
23:17:17.0578 0x7534  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\Windows\system32\pla.dll
23:17:17.0625 0x7534  pla - ok
23:17:17.0625 0x7534  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:17:17.0641 0x7534  PlugPlay - ok
23:17:17.0641 0x7534  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\Windows\System32\drivers\pmem.sys
23:17:17.0656 0x7534  pmem - ok
23:17:17.0656 0x7534  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:17:17.0672 0x7534  PNRPAutoReg - ok
23:17:17.0672 0x7534  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:17:17.0688 0x7534  PNRPsvc - ok
23:17:17.0703 0x7534  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:17:17.0719 0x7534  PolicyAgent - ok
23:17:17.0719 0x7534  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\Windows\system32\umpo.dll
23:17:17.0735 0x7534  Power - ok
23:17:17.0735 0x7534  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
23:17:17.0750 0x7534  PptpMiniport - ok
23:17:17.0797 0x7534  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
23:17:17.0860 0x7534  PrintNotify - ok
23:17:17.0860 0x7534  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\Windows\System32\drivers\processr.sys
23:17:17.0875 0x7534  Processor - ok
23:17:17.0891 0x7534  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\Windows\system32\profsvc.dll
23:17:17.0906 0x7534  ProfSvc - ok
23:17:17.0906 0x7534  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\Windows\system32\drivers\pacer.sys
23:17:17.0922 0x7534  Psched - ok
23:17:17.0922 0x7534  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\Windows\system32\qwave.dll
23:17:17.0953 0x7534  QWAVE - ok
23:17:17.0953 0x7534  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:17:17.0969 0x7534  QWAVEdrv - ok
23:17:17.0969 0x7534  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:17:17.0985 0x7534  RasAcd - ok
23:17:17.0985 0x7534  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
23:17:18.0000 0x7534  RasAgileVpn - ok
23:17:18.0000 0x7534  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\Windows\System32\rasauto.dll
23:17:18.0016 0x7534  RasAuto - ok
23:17:18.0016 0x7534  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
23:17:18.0032 0x7534  Rasl2tp - ok
23:17:18.0047 0x7534  [ D5E9823BC7CD1149917CC49AD4052D94, 4A40400FC1B43EF3EADA420F9898AF2A24585199B6F11AA8C2E7E15E2CDA3BAA ] RasMan          C:\Windows\System32\rasmans.dll
23:17:18.0078 0x7534  RasMan - ok
23:17:18.0078 0x7534  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:17:18.0094 0x7534  RasPppoe - ok
23:17:18.0094 0x7534  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
23:17:18.0110 0x7534  RasSstp - ok
23:17:18.0125 0x7534  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:17:18.0141 0x7534  rdbss - ok
23:17:18.0141 0x7534  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
23:17:18.0157 0x7534  rdpbus - ok
23:17:18.0157 0x7534  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:17:18.0172 0x7534  RDPDR - ok
23:17:18.0172 0x7534  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:17:18.0172 0x7534  RdpVideoMiniport - ok
23:17:18.0188 0x7534  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:17:18.0203 0x7534  rdyboost - ok
23:17:18.0219 0x7534  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\Windows\system32\drivers\ReFS.sys
23:17:18.0266 0x7534  ReFS - ok
23:17:18.0282 0x7534  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
23:17:18.0297 0x7534  ReFSv1 - ok
23:17:18.0313 0x7534  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:17:18.0328 0x7534  RemoteAccess - ok
23:17:18.0328 0x7534  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:17:18.0344 0x7534  RemoteRegistry - ok
23:17:18.0360 0x7534  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\Windows\system32\RDXService.dll
23:17:18.0391 0x7534  RetailDemo - ok
23:17:18.0391 0x7534  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\Windows\System32\RMapi.dll
23:17:18.0407 0x7534  RmSvc - ok
23:17:18.0407 0x7534  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:17:18.0422 0x7534  RpcEptMapper - ok
23:17:18.0422 0x7534  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\Windows\system32\locator.exe
23:17:18.0438 0x7534  RpcLocator - ok
23:17:18.0453 0x7534  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\Windows\system32\rpcss.dll
23:17:18.0485 0x7534  RpcSs - ok
23:17:18.0485 0x7534  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\Windows\system32\drivers\rspndr.sys
23:17:18.0500 0x7534  rspndr - ok
23:17:18.0516 0x7534  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\Windows\System32\drivers\rt640x64.sys
23:17:18.0532 0x7534  rt640x64 - ok
23:17:18.0594 0x7534  [ 9748533EAF7F9E3D8F3F7A0AF066B31D, BB8D21BF26568ECE0599D8469121C73A6AE847203C110B6F0B94B5E7F76D6DF6 ] rtwlane_13      C:\Windows\System32\drivers\rtwlane_13.sys
23:17:18.0688 0x7534  rtwlane_13 - ok
23:17:18.0688 0x7534  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
23:17:18.0688 0x7534  s3cap - ok
23:17:18.0703 0x7534  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\Windows\system32\lsass.exe
23:17:18.0703 0x7534  SamSs - ok
23:17:18.0703 0x7534  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:17:18.0719 0x7534  sbp2port - ok
23:17:18.0719 0x7534  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:17:18.0735 0x7534  SCardSvr - ok
23:17:18.0750 0x7534  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
23:17:18.0750 0x7534  ScDeviceEnum - ok
23:17:18.0766 0x7534  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:17:18.0766 0x7534  scfilter - ok
23:17:18.0782 0x7534  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\Windows\system32\schedsvc.dll
23:17:18.0813 0x7534  Schedule - ok
23:17:18.0813 0x7534  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
23:17:18.0828 0x7534  scmbus - ok
23:17:18.0828 0x7534  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:17:18.0844 0x7534  SCPolicySvc - ok
23:17:18.0844 0x7534  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\Windows\System32\drivers\sdbus.sys
23:17:18.0860 0x7534  sdbus - ok
23:17:18.0860 0x7534  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\Windows\System32\drivers\SDFRd.sys
23:17:18.0860 0x7534  SDFRd - ok
23:17:18.0875 0x7534  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:17:18.0875 0x7534  SDRSVC - ok
23:17:18.0891 0x7534  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\Windows\System32\drivers\sdstor.sys
23:17:18.0891 0x7534  sdstor - ok
23:17:18.0891 0x7534  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\Windows\system32\seclogon.dll
23:17:18.0907 0x7534  seclogon - ok
23:17:18.0922 0x7534  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
23:17:18.0922 0x7534  SecurityHealthService - ok
23:17:18.0953 0x7534  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\Windows\system32\SEMgrSvc.dll
23:17:18.0985 0x7534  SEMgrSvc - ok
23:17:18.0985 0x7534  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\Windows\System32\sens.dll
23:17:19.0000 0x7534  SENS - ok
23:17:19.0000 0x7534  Sense - ok
23:17:19.0032 0x7534  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\Windows\System32\SensorDataService.exe
23:17:19.0078 0x7534  SensorDataService - ok
23:17:19.0094 0x7534  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\Windows\system32\SensorService.dll
23:17:19.0110 0x7534  SensorService - ok
23:17:19.0110 0x7534  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:17:19.0125 0x7534  SensrSvc - ok
23:17:19.0125 0x7534  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\Windows\system32\drivers\SerCx.sys
23:17:19.0141 0x7534  SerCx - ok
23:17:19.0141 0x7534  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
23:17:19.0157 0x7534  SerCx2 - ok
23:17:19.0157 0x7534  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\Windows\System32\drivers\serenum.sys
23:17:19.0157 0x7534  Serenum - ok
23:17:19.0172 0x7534  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\Windows\System32\drivers\serial.sys
23:17:19.0172 0x7534  Serial - ok
23:17:19.0172 0x7534  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\Windows\System32\drivers\sermouse.sys
23:17:19.0188 0x7534  sermouse - ok
23:17:19.0204 0x7534  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:17:19.0219 0x7534  SessionEnv - ok
23:17:19.0219 0x7534  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
23:17:19.0219 0x7534  sfloppy - ok
23:17:19.0235 0x7534  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:17:19.0266 0x7534  SharedAccess - ok
23:17:19.0282 0x7534  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:17:19.0297 0x7534  ShellHWDetection - ok
23:17:19.0313 0x7534  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
23:17:19.0313 0x7534  shpamsvc - ok
23:17:19.0329 0x7534  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:17:19.0329 0x7534  SiSRaid2 - ok
23:17:19.0329 0x7534  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:17:19.0344 0x7534  SiSRaid4 - ok
23:17:19.0344 0x7534  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\Windows\System32\smphost.dll
23:17:19.0360 0x7534  smphost - ok
23:17:19.0375 0x7534  [ CB001810FD0C56F1D57229D023A84AE8, E423B53EE3A3710D6F45CD14C8BA5EF8E955344C8477385D470E6687FC661A75 ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
23:17:19.0407 0x7534  SmsRouter - ok
23:17:19.0407 0x7534  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:17:19.0422 0x7534  SNMPTRAP - ok
23:17:19.0422 0x7534  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\Windows\system32\drivers\spaceport.sys
23:17:19.0438 0x7534  spaceport - ok
23:17:19.0454 0x7534  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\Windows\system32\drivers\SpatialGraphFilter.sys
23:17:19.0454 0x7534  SpatialGraphFilter - ok
23:17:19.0454 0x7534  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
23:17:19.0469 0x7534  SpbCx - ok
23:17:19.0485 0x7534  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\Windows\system32\spectrum.exe
23:17:19.0516 0x7534  spectrum - ok
23:17:19.0532 0x7534  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\Windows\System32\spoolsv.exe
23:17:19.0547 0x7534  Spooler - ok
23:17:19.0610 0x7534  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\Windows\system32\sppsvc.exe
23:17:19.0704 0x7534  sppsvc - ok
23:17:19.0719 0x7534  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:17:19.0719 0x7534  srv - ok
23:17:19.0735 0x7534  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:17:19.0766 0x7534  srv2 - ok
23:17:19.0766 0x7534  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:17:19.0782 0x7534  srvnet - ok
23:17:19.0797 0x7534  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:17:19.0813 0x7534  SSDPSRV - ok
23:17:19.0813 0x7534  [ 392BB410D26B66CBBE4D702AEF755351, 83762BBF1111FACFDE42087E641301A8C154943CE7C1C0F40CBCFD813E10CF83 ] sshid           C:\Windows\System32\drivers\sshid.sys
23:17:19.0829 0x7534  sshid - ok
23:17:19.0829 0x7534  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:17:19.0844 0x7534  SstpSvc - ok
23:17:19.0907 0x7534  [ F1A5AC00B8CD7E28BBC8DD7E60D48B65, AC185DD46A8B63500DDE74C2446F6409B0B4612068C33B4B7C30E43F389908DF ] StateRepository C:\Windows\system32\windows.staterepository.dll
23:17:20.0000 0x7534  StateRepository - ok
23:17:20.0016 0x7534  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:17:20.0016 0x7534  stexstor - ok
23:17:20.0032 0x7534  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\Windows\System32\wiaservc.dll
23:17:20.0047 0x7534  stisvc - ok
23:17:20.0063 0x7534  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\Windows\system32\drivers\storahci.sys
23:17:20.0063 0x7534  storahci - ok
23:17:20.0063 0x7534  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:17:20.0079 0x7534  storflt - ok
23:17:20.0079 0x7534  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
23:17:20.0079 0x7534  stornvme - ok
23:17:20.0094 0x7534  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
23:17:20.0094 0x7534  storqosflt - ok
23:17:20.0110 0x7534  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\Windows\system32\storsvc.dll
23:17:20.0125 0x7534  StorSvc - ok
23:17:20.0141 0x7534  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\Windows\system32\drivers\storufs.sys
23:17:20.0141 0x7534  storufs - ok
23:17:20.0141 0x7534  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:17:20.0157 0x7534  storvsc - ok
23:17:20.0157 0x7534  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\Windows\system32\svsvc.dll
23:17:20.0172 0x7534  svsvc - ok
23:17:20.0172 0x7534  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\Windows\System32\drivers\swenum.sys
23:17:20.0188 0x7534  swenum - ok
23:17:20.0204 0x7534  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\Windows\System32\swprv.dll
23:17:20.0219 0x7534  swprv - ok
23:17:20.0235 0x7534  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
23:17:20.0235 0x7534  Synth3dVsc - ok
23:17:20.0250 0x7534  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\Windows\system32\sysmain.dll
23:17:20.0282 0x7534  SysMain - ok
23:17:20.0297 0x7534  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
23:17:20.0313 0x7534  SystemEventsBroker - ok
23:17:20.0313 0x7534  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:17:20.0329 0x7534  TabletInputService - ok
23:17:20.0329 0x7534  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:17:20.0344 0x7534  TapiSrv - ok
23:17:20.0391 0x7534  [ DC0D1B5284152315F81894DAABBB2AF3, 8FE66A87910959EDE865FD296878FFFDB5D3100F9041C74060FC2CE19E29C3B2 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:17:20.0438 0x7534  Tcpip - ok
23:17:20.0469 0x7534  [ DC0D1B5284152315F81894DAABBB2AF3, 8FE66A87910959EDE865FD296878FFFDB5D3100F9041C74060FC2CE19E29C3B2 ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
23:17:20.0532 0x7534  Tcpip6 - ok
23:17:20.0532 0x7534  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:17:20.0547 0x7534  tcpipreg - ok
23:17:20.0547 0x7534  [ 892AB2637603A5E9507C39E61101C3C3, 04B06BBEFC033BC9395123AE623E0BB3A241F05AA93EA2625CF2DBE1B3FFD1B6 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:17:20.0547 0x7534  tdx - ok
23:17:20.0563 0x7534  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\Windows\System32\drivers\terminpt.sys
23:17:20.0563 0x7534  terminpt - ok
23:17:20.0579 0x7534  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\Windows\System32\termsrv.dll
23:17:20.0610 0x7534  TermService - ok
23:17:20.0610 0x7534  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\Windows\system32\themeservice.dll
23:17:20.0626 0x7534  Themes - ok
23:17:20.0641 0x7534  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
23:17:20.0657 0x7534  TieringEngineService - ok
23:17:20.0657 0x7534  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
23:17:20.0688 0x7534  tiledatamodelsvc - ok
23:17:20.0688 0x7534  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
23:17:20.0704 0x7534  TimeBrokerSvc - ok
23:17:20.0719 0x7534  [ C83505A5CC15E39D6C6D7B3C20187E5C, A6AB47C041A7C99CB0D5EA706CC31B3D88DC83BAF5AF7E59F651F9D7068D94B2 ] TokenBroker     C:\Windows\System32\TokenBroker.dll
23:17:20.0751 0x7534  TokenBroker - ok
23:17:20.0766 0x7534  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\Windows\System32\drivers\tpm.sys
23:17:20.0766 0x7534  TPM - ok
23:17:20.0766 0x7534  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\Windows\System32\trkwks.dll
23:17:20.0782 0x7534  TrkWks - ok
23:17:20.0782 0x7534  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:17:20.0797 0x7534  TrustedInstaller - ok
23:17:20.0797 0x7534  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:17:20.0813 0x7534  TsUsbFlt - ok
23:17:20.0813 0x7534  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
23:17:20.0829 0x7534  TsUsbGD - ok
23:17:20.0829 0x7534  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
23:17:20.0829 0x7534  tsusbhub - ok
23:17:20.0844 0x7534  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
23:17:20.0860 0x7534  tunnel - ok
23:17:20.0860 0x7534  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
23:17:20.0876 0x7534  tzautoupdate - ok
23:17:20.0876 0x7534  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
23:17:20.0891 0x7534  UASPStor - ok
23:17:20.0891 0x7534  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
23:17:20.0891 0x7534  UcmCx0101 - ok
23:17:20.0907 0x7534  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
23:17:20.0907 0x7534  UcmTcpciCx0101 - ok
23:17:20.0922 0x7534  [ 5A7CE114C8DA9060F32633F81A5625E5, B49163951B380827ADBF13D336D5BDC1EEE90A70058019928A603AA1C24D8EB7 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
23:17:20.0922 0x7534  UcmUcsi - ok
23:17:20.0922 0x7534  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
23:17:20.0938 0x7534  Ucx01000 - ok
23:17:20.0938 0x7534  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
23:17:20.0954 0x7534  UdeCx - ok
23:17:20.0954 0x7534  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:17:20.0969 0x7534  udfs - ok
23:17:20.0969 0x7534  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\Windows\System32\drivers\UEFI.sys
23:17:20.0985 0x7534  UEFI - ok
23:17:20.0985 0x7534  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
23:17:20.0985 0x7534  UevAgentDriver - ok
23:17:21.0016 0x7534  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\Windows\system32\AgentService.exe
23:17:21.0047 0x7534  UevAgentService - ok
23:17:21.0047 0x7534  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
23:17:21.0063 0x7534  Ufx01000 - ok
23:17:21.0063 0x7534  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
23:17:21.0079 0x7534  UfxChipidea - ok
23:17:21.0079 0x7534  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
23:17:21.0094 0x7534  ufxsynopsys - ok
23:17:21.0094 0x7534  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:17:21.0110 0x7534  UI0Detect - ok
23:17:21.0110 0x7534  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\Windows\System32\drivers\umbus.sys
23:17:21.0110 0x7534  umbus - ok
23:17:21.0110 0x7534  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\Windows\System32\drivers\umpass.sys
23:17:21.0126 0x7534  UmPass - ok
23:17:21.0126 0x7534  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\Windows\System32\umrdp.dll
23:17:21.0141 0x7534  UmRdpService - ok
23:17:21.0157 0x7534  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\Windows\System32\unistore.dll
23:17:21.0188 0x7534  UnistoreSvc - ok
23:17:21.0204 0x7534  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\Windows\System32\upnphost.dll
23:17:21.0235 0x7534  upnphost - ok
23:17:21.0235 0x7534  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
23:17:21.0235 0x7534  UrsChipidea - ok
23:17:21.0235 0x7534  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
23:17:21.0251 0x7534  UrsCx01000 - ok
23:17:21.0251 0x7534  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
23:17:21.0251 0x7534  UrsSynopsys - ok
23:17:21.0266 0x7534  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
23:17:21.0266 0x7534  usbccgp - ok
23:17:21.0266 0x7534  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
23:17:21.0282 0x7534  usbcir - ok
23:17:21.0282 0x7534  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
23:17:21.0297 0x7534  usbehci - ok
23:17:21.0297 0x7534  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
23:17:21.0313 0x7534  usbhub - ok
23:17:21.0329 0x7534  [ B9651548CE196186A72CE8C6D0C094FC, FD46C71C58701DF4CA89BE82BECACB00A0ACFE34A330676BD88666BBB2DE4D6D ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
23:17:21.0344 0x7534  USBHUB3 - ok
23:17:21.0344 0x7534  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\Windows\System32\drivers\usbohci.sys
23:17:21.0360 0x7534  usbohci - ok
23:17:21.0360 0x7534  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
23:17:21.0360 0x7534  usbprint - ok
23:17:21.0376 0x7534  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\Windows\System32\drivers\usbser.sys
23:17:21.0376 0x7534  usbser - ok
23:17:21.0376 0x7534  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
23:17:21.0391 0x7534  USBSTOR - ok
23:17:21.0391 0x7534  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
23:17:21.0407 0x7534  usbuhci - ok
23:17:21.0422 0x7534  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
23:17:21.0422 0x7534  USBXHCI - ok
23:17:21.0454 0x7534  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\Windows\System32\userdataservice.dll
23:17:21.0501 0x7534  UserDataSvc - ok
23:17:21.0516 0x7534  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\Windows\System32\usermgr.dll
23:17:21.0548 0x7534  UserManager - ok
23:17:21.0563 0x7534  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\Windows\system32\usocore.dll
23:17:21.0579 0x7534  UsoSvc - ok
23:17:21.0594 0x7534  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\Windows\system32\lsass.exe
23:17:21.0594 0x7534  VaultSvc - ok
23:17:21.0594 0x7534  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:17:21.0610 0x7534  vdrvroot - ok
23:17:21.0626 0x7534  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\Windows\System32\vds.exe
23:17:21.0641 0x7534  vds - ok
23:17:21.0657 0x7534  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
23:17:21.0657 0x7534  VerifierExt - ok
23:17:21.0673 0x7534  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
23:17:21.0688 0x7534  vhdmp - ok
23:17:21.0688 0x7534  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\Windows\System32\drivers\vhf.sys
23:17:21.0704 0x7534  vhf - ok
23:17:21.0704 0x7534  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:17:21.0719 0x7534  vmbus - ok
23:17:21.0719 0x7534  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
23:17:21.0719 0x7534  VMBusHID - ok
23:17:21.0719 0x7534  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\Windows\System32\drivers\vmgid.sys
23:17:21.0735 0x7534  vmgid - ok
23:17:21.0735 0x7534  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\Windows\System32\icsvc.dll
23:17:21.0751 0x7534  vmicguestinterface - ok
23:17:21.0751 0x7534  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
23:17:21.0766 0x7534  vmicheartbeat - ok
23:17:21.0766 0x7534  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\Windows\System32\icsvc.dll
23:17:21.0782 0x7534  vmickvpexchange - ok
23:17:21.0798 0x7534  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\Windows\System32\icsvcext.dll
23:17:21.0813 0x7534  vmicrdv - ok
23:17:21.0813 0x7534  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\Windows\System32\icsvc.dll
23:17:21.0829 0x7534  vmicshutdown - ok
23:17:21.0829 0x7534  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\Windows\System32\icsvc.dll
23:17:21.0844 0x7534  vmictimesync - ok
23:17:21.0844 0x7534  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\Windows\System32\icsvc.dll
23:17:21.0860 0x7534  vmicvmsession - ok
23:17:21.0876 0x7534  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\Windows\System32\icsvcext.dll
23:17:21.0876 0x7534  vmicvss - ok
23:17:21.0891 0x7534  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:17:21.0891 0x7534  volmgr - ok
23:17:21.0907 0x7534  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:17:21.0907 0x7534  volmgrx - ok
23:17:21.0923 0x7534  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:17:21.0938 0x7534  volsnap - ok
23:17:21.0938 0x7534  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\Windows\system32\drivers\volume.sys
23:17:21.0938 0x7534  volume - ok
23:17:21.0938 0x7534  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\Windows\System32\drivers\vpci.sys
23:17:21.0954 0x7534  vpci - ok
23:17:21.0954 0x7534  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:17:21.0969 0x7534  vsmraid - ok
23:17:21.0985 0x7534  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\Windows\system32\vssvc.exe
23:17:22.0032 0x7534  VSS - ok
23:17:22.0032 0x7534  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
23:17:22.0048 0x7534  VSTXRAID - ok
23:17:22.0048 0x7534  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:17:22.0063 0x7534  vwifibus - ok
23:17:22.0063 0x7534  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
23:17:22.0079 0x7534  vwififlt - ok
23:17:22.0094 0x7534  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
23:17:22.0110 0x7534  vwifimp - ok
23:17:22.0110 0x7534  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\Windows\system32\w32time.dll
23:17:22.0141 0x7534  W32Time - ok
23:17:22.0141 0x7534  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
23:17:22.0141 0x7534  WacomPen - ok
         
__________________

Alt 18.07.2017, 23:01   #4
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



TDSS 2
Code:
ATTFilter
23:17:22.0157 0x7534  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\Windows\system32\WalletService.dll
23:17:22.0173 0x7534  WalletService - ok
23:17:22.0173 0x7534  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
23:17:22.0188 0x7534  wanarp - ok
23:17:22.0188 0x7534  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:17:22.0204 0x7534  wanarpv6 - ok
23:17:22.0235 0x7534  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\Windows\system32\wbengine.exe
23:17:22.0266 0x7534  wbengine - ok
23:17:22.0282 0x7534  [ 4D5CDE84068F3D4613C3C17CFEA4515D, 2F011CE35AAAD8BA7AD61E1FBDAC225A3C1B06EFE89CAE2FCC65E92BF4AB1CC0 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:17:22.0313 0x7534  WbioSrvc - ok
23:17:22.0313 0x7534  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\Windows\system32\drivers\wcifs.sys
23:17:22.0329 0x7534  wcifs - ok
23:17:22.0344 0x7534  [ 9DDD15FCE0BE61F25C20CC7E2A96B77C, 072E6B3D86CD4F4A55305986E3848A47B7E8000FF5AEFE8A206FD4F7BE958872 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
23:17:22.0360 0x7534  Wcmsvc - ok
23:17:22.0376 0x7534  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:17:22.0391 0x7534  wcncsvc - ok
23:17:22.0391 0x7534  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
23:17:22.0407 0x7534  wcnfs - ok
23:17:22.0407 0x7534  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
23:17:22.0407 0x7534  WdBoot - ok
23:17:22.0423 0x7534  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:17:22.0454 0x7534  Wdf01000 - ok
23:17:22.0454 0x7534  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
23:17:22.0470 0x7534  WdFilter - ok
23:17:22.0470 0x7534  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:17:22.0485 0x7534  WdiServiceHost - ok
23:17:22.0485 0x7534  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:17:22.0501 0x7534  WdiSystemHost - ok
23:17:22.0516 0x7534  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
23:17:22.0532 0x7534  wdiwifi - ok
23:17:22.0532 0x7534  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
23:17:22.0548 0x7534  WdNisDrv - ok
23:17:22.0548 0x7534  WdNisSvc - ok
23:17:22.0548 0x7534  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\Windows\System32\webclnt.dll
23:17:22.0563 0x7534  WebClient - ok
23:17:22.0579 0x7534  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:17:22.0595 0x7534  Wecsvc - ok
23:17:22.0595 0x7534  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
23:17:22.0595 0x7534  WEPHOSTSVC - ok
23:17:22.0610 0x7534  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:17:22.0610 0x7534  wercplsupport - ok
23:17:22.0626 0x7534  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\Windows\System32\WerSvc.dll
23:17:22.0626 0x7534  WerSvc - ok
23:17:22.0641 0x7534  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\Windows\System32\wfdsconmgrsvc.dll
23:17:22.0657 0x7534  WFDSConMgrSvc - ok
23:17:22.0673 0x7534  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
23:17:22.0673 0x7534  WFPLWFS - ok
23:17:22.0673 0x7534  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\Windows\System32\wiarpc.dll
23:17:22.0688 0x7534  WiaRpc - ok
23:17:22.0688 0x7534  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:17:22.0704 0x7534  WIMMount - ok
23:17:22.0704 0x7534  WinDefend - ok
23:17:22.0704 0x7534  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
23:17:22.0720 0x7534  WindowsTrustedRT - ok
23:17:22.0720 0x7534  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
23:17:22.0720 0x7534  WindowsTrustedRTProxy - ok
23:17:22.0735 0x7534  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
23:17:22.0751 0x7534  WinHttpAutoProxySvc - ok
23:17:22.0766 0x7534  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\Windows\System32\drivers\winmad.sys
23:17:22.0766 0x7534  WinMad - ok
23:17:22.0782 0x7534  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:17:22.0798 0x7534  Winmgmt - ok
23:17:22.0798 0x7534  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\Windows\system32\drivers\winnat.sys
23:17:22.0813 0x7534  WinNat - ok
23:17:22.0845 0x7534  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:17:22.0923 0x7534  WinRM - ok
23:17:22.0923 0x7534  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
23:17:22.0938 0x7534  WINUSB - ok
23:17:22.0938 0x7534  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
23:17:22.0954 0x7534  WinVerbs - ok
23:17:22.0954 0x7534  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\Windows\system32\flightsettings.dll
23:17:22.0985 0x7534  wisvc - ok
23:17:23.0016 0x7534  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\Windows\System32\wlansvc.dll
23:17:23.0079 0x7534  WlanSvc - ok
23:17:23.0110 0x7534  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\Windows\system32\wlidsvc.dll
23:17:23.0173 0x7534  wlidsvc - ok
23:17:23.0188 0x7534  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\Windows\System32\lpasvc.dll
23:17:23.0235 0x7534  wlpasvc - ok
23:17:23.0235 0x7534  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
23:17:23.0235 0x7534  WmiAcpi - ok
23:17:23.0251 0x7534  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:17:23.0266 0x7534  wmiApSrv - ok
23:17:23.0266 0x7534  WMPNetworkSvc - ok
23:17:23.0266 0x7534  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\Windows\system32\drivers\Wof.sys
23:17:23.0282 0x7534  Wof - ok
23:17:23.0313 0x7534  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
23:17:23.0360 0x7534  workfolderssvc - ok
23:17:23.0360 0x7534  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:17:23.0376 0x7534  WPDBusEnum - ok
23:17:23.0376 0x7534  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
23:17:23.0376 0x7534  WpdUpFltr - ok
23:17:23.0391 0x7534  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\Windows\system32\WpnService.dll
23:17:23.0407 0x7534  WpnService - ok
23:17:23.0407 0x7534  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\Windows\System32\WpnUserService.dll
23:17:23.0407 0x7534  WpnUserService - ok
23:17:23.0423 0x7534  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:17:23.0423 0x7534  ws2ifsl - ok
23:17:23.0438 0x7534  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:17:23.0454 0x7534  wscsvc - ok
23:17:23.0454 0x7534  WSearch - ok
23:17:23.0485 0x7534  [ 359A4FC47628C0E66894B80C97932C71, 2E4A70754619285184BA605800A9ACBB0658E7EC005271652BD465A34015B990 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:17:23.0548 0x7534  wuauserv - ok
23:17:23.0548 0x7534  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:17:23.0563 0x7534  WudfPf - ok
23:17:23.0563 0x7534  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
23:17:23.0579 0x7534  WUDFRd - ok
23:17:23.0579 0x7534  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:17:23.0595 0x7534  wudfsvc - ok
23:17:23.0595 0x7534  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
23:17:23.0610 0x7534  WUDFWpdFs - ok
23:17:23.0642 0x7534  [ B0C56930417D00E44B3FDBF6FC282943, 837776DBB83184015E7B0C5821E914325E39A8CF51497A95389B33C1E995C55E ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:17:23.0673 0x7534  WwanSvc - ok
23:17:23.0673 0x7534  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\Windows\System32\xbgmsvc.dll
23:17:23.0688 0x7534  xbgm - ok
23:17:23.0704 0x7534  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
23:17:23.0735 0x7534  XblAuthManager - ok
23:17:23.0751 0x7534  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\Windows\System32\XblGameSave.dll
23:17:23.0782 0x7534  XblGameSave - ok
23:17:23.0798 0x7534  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
23:17:23.0813 0x7534  xboxgip - ok
23:17:23.0813 0x7534  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\Windows\System32\XboxGipSvc.dll
23:17:23.0813 0x7534  XboxGipSvc - ok
23:17:23.0845 0x7534  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
23:17:23.0876 0x7534  XboxNetApiSvc - ok
23:17:23.0876 0x7534  xhunter1 - ok
23:17:23.0892 0x7534  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
23:17:23.0892 0x7534  xinputhid - ok
23:17:23.0892 0x7534  ================ Scan global ===============================
23:17:23.0907 0x7534  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\Windows\system32\basesrv.dll
23:17:23.0907 0x7534  [ 981EC77511EBFE8AE5731C08A194A685, DBA05F38AB2536BF6BAC2103843CBAA46E601D9DCF4B72628CAA13F8E37DDB9D ] C:\Windows\system32\winsrv.dll
23:17:23.0907 0x7534  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\Windows\system32\sxssrv.dll
23:17:23.0923 0x7534  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\Windows\system32\services.exe
23:17:23.0923 0x7534  [ Global ] - ok
23:17:23.0923 0x7534  ================ Scan MBR ==================================
23:17:23.0954 0x7534  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:17:24.0032 0x7534  \Device\Harddisk0\DR0 - ok
23:17:24.0048 0x7534  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:17:24.0095 0x7534  \Device\Harddisk1\DR1 - ok
23:17:24.0095 0x7534  ================ Scan VBR ==================================
23:17:24.0095 0x7534  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
23:17:24.0095 0x7534  \Device\Harddisk0\DR0\Partition1 - ok
23:17:24.0095 0x7534  [ A2F60A604B43F97351351D5BD3D733DA ] \Device\Harddisk0\DR0\Partition2
23:17:24.0110 0x7534  \Device\Harddisk0\DR0\Partition2 - ok
23:17:24.0110 0x7534  [ B68767BE629024F99C02C50A64A1166D ] \Device\Harddisk1\DR1\Partition1
23:17:24.0110 0x7534  \Device\Harddisk1\DR1\Partition1 - ok
23:17:24.0110 0x7534  [ BC36EB795B9C005815BA84E907CB127A ] \Device\Harddisk1\DR1\Partition2
23:17:24.0110 0x7534  \Device\Harddisk1\DR1\Partition2 - ok
23:17:24.0126 0x7534  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition3
23:17:24.0126 0x7534  \Device\Harddisk1\DR1\Partition3 - ok
23:17:24.0126 0x7534  [ 86B5B7C43C265FE1E57F6B51F402F79F ] \Device\Harddisk1\DR1\Partition4
23:17:24.0126 0x7534  \Device\Harddisk1\DR1\Partition4 - ok
23:17:24.0126 0x7534  ================ Scan generic autorun ======================
23:17:24.0126 0x7534  SecurityHealth - ok
23:17:24.0157 0x7534  [ 26765B5C617F2BC199C29FA5643F6177, A871D14CB830D7B13D9C3A451E1448D66D28CEECB08DDD6E7075B58A1AB1779C ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
23:17:24.0173 0x7534  avgnt - ok
23:17:24.0173 0x7534  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
23:17:24.0188 0x7534  Avira SystrayStartTrigger - ok
23:17:24.0517 0x7534  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:17:24.0782 0x7534  OneDriveSetup - ok
23:17:25.0079 0x7534  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:17:25.0345 0x7534  OneDriveSetup - ok
23:17:25.0392 0x7534  [ C5D30E88C97825CF0652B60C42F103AD, D605DC9021021714BDA36EF48C335F85C77F85474A21B6E5258270E1703B8DC8 ] C:\Users\Christoph\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:17:25.0407 0x7534  OneDrive - ok
23:17:25.0407 0x7534  Waiting for KSN requests completion. In queue: 230
23:17:26.0454 0x7534  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.28.21 ), 0x41000 ( enabled : updated )
23:17:26.0454 0x7534  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
23:17:26.0454 0x7534  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x60000 ( disabled : updated )
23:17:26.0470 0x7534  Win FW state via NFP2: enabled ( trusted )
23:17:26.0579 0x7534  ============================================================
23:17:26.0579 0x7534  Scan finished
23:17:26.0579 0x7534  ============================================================
23:17:26.0579 0x7d68  Detected object count: 0
23:17:26.0579 0x7d68  Actual detected object count: 0
23:28:26.0247 0x8b6c  ============================================================
23:28:26.0247 0x8b6c  Scan started
23:28:26.0247 0x8b6c  Mode: Manual; SigCheck; TDLFS; 
23:28:26.0247 0x8b6c  ============================================================
23:28:26.0247 0x8b6c  KSN ping started
23:28:26.0368 0x8b6c  KSN ping finished: true
23:28:26.0593 0x8b6c  ================ Scan system memory ========================
23:28:26.0593 0x8b6c  System memory - ok
23:28:26.0593 0x8b6c  ================ Scan services =============================
23:28:26.0617 0x8b6c  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
23:28:26.0634 0x8b6c  1394ohci - ok
23:28:26.0638 0x8b6c  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\Windows\system32\drivers\3ware.sys
23:28:26.0647 0x8b6c  3ware - ok
23:28:26.0661 0x8b6c  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:28:26.0680 0x8b6c  ACPI - ok
23:28:26.0683 0x8b6c  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\Windows\System32\drivers\AcpiDev.sys
23:28:26.0692 0x8b6c  AcpiDev - ok
23:28:26.0696 0x8b6c  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
23:28:26.0705 0x8b6c  acpiex - ok
23:28:26.0708 0x8b6c  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
23:28:26.0717 0x8b6c  acpipagr - ok
23:28:26.0719 0x8b6c  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
23:28:26.0727 0x8b6c  AcpiPmi - ok
23:28:26.0729 0x8b6c  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\Windows\System32\drivers\acpitime.sys
23:28:26.0737 0x8b6c  acpitime - ok
23:28:26.0757 0x8b6c  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
23:28:26.0781 0x8b6c  ADP80XX - ok
23:28:26.0794 0x8b6c  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\Windows\system32\drivers\afd.sys
23:28:26.0808 0x8b6c  AFD - ok
23:28:26.0816 0x8b6c  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
23:28:26.0830 0x8b6c  ahcache - ok
23:28:26.0833 0x8b6c  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\Windows\System32\AJRouter.dll
23:28:26.0841 0x8b6c  AJRouter - ok
23:28:26.0846 0x8b6c  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\Windows\System32\alg.exe
23:28:26.0855 0x8b6c  ALG - ok
23:28:26.0860 0x8b6c  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
23:28:26.0871 0x8b6c  AmdK8 - ok
23:28:26.0876 0x8b6c  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
23:28:26.0887 0x8b6c  AmdPPM - ok
23:28:26.0891 0x8b6c  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:28:26.0898 0x8b6c  amdsata - ok
23:28:26.0904 0x8b6c  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
23:28:26.0914 0x8b6c  amdsbs - ok
23:28:26.0917 0x8b6c  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:28:26.0923 0x8b6c  amdxata - ok
23:28:26.0946 0x8b6c  [ A587017D8CAF0B67FCD4B589C1ABF22B, 5B8024C0BAB30C9F850D189A1D3B5B385177BD7EA54C5FE6FD8506686B2A886E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
23:28:26.0967 0x8b6c  AntiVirMailService - ok
23:28:26.0978 0x8b6c  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
23:28:26.0988 0x8b6c  AntiVirSchedulerService - ok
23:28:26.0997 0x8b6c  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
23:28:27.0008 0x8b6c  AntiVirService - ok
23:28:27.0032 0x8b6c  [ B2868F2E2057D4EA9E7EA061102D8921, 1FCB309421FC58E68E162282816ACB88A1E20C148A0B5C423FEC49123D033EA0 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
23:28:27.0059 0x8b6c  AntiVirWebService - ok
23:28:27.0065 0x8b6c  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\Windows\system32\drivers\appid.sys
23:28:27.0073 0x8b6c  AppID - ok
23:28:27.0079 0x8b6c  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:28:27.0090 0x8b6c  AppIDSvc - ok
23:28:27.0094 0x8b6c  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\Windows\System32\appinfo.dll
23:28:27.0105 0x8b6c  Appinfo - ok
23:28:27.0108 0x8b6c  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\Windows\system32\drivers\applockerfltr.sys
23:28:27.0123 0x8b6c  applockerfltr - ok
23:28:27.0128 0x8b6c  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:28:27.0138 0x8b6c  AppMgmt - ok
23:28:27.0149 0x8b6c  [ FFAE5D5B096BBF43A1E917331727FD17, AF4DB56FEB2D9A671BFE9E0BF9BC89E71A503DBDF2B25CA32FA17948FC38AB0D ] AppReadiness    C:\Windows\system32\AppReadiness.dll
23:28:27.0168 0x8b6c  AppReadiness - ok
23:28:27.0184 0x8b6c  [ E3404B730D313C5EA99969ACF3B5436B, 02513749EE7C08E4079D2F8B976D53F3CFDD05735C2A813699B6CB9F742F5219 ] AppVClient      C:\Windows\system32\AppVClient.exe
23:28:27.0203 0x8b6c  AppVClient - ok
23:28:27.0208 0x8b6c  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\Windows\system32\drivers\AppvStrm.sys
23:28:27.0217 0x8b6c  AppvStrm - ok
23:28:27.0222 0x8b6c  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\Windows\system32\drivers\AppvVemgr.sys
23:28:27.0230 0x8b6c  AppvVemgr - ok
23:28:27.0234 0x8b6c  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\Windows\system32\drivers\AppvVfs.sys
23:28:27.0243 0x8b6c  AppvVfs - ok
23:28:27.0283 0x8b6c  [ 4C63CB8375AE0BD0BD6496850D8A14B5, 7E29C8CD1F122CFA917AD835AD4B82B482FD0BEC5F4664816C0A2F39B85F49C4 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
23:28:27.0349 0x8b6c  AppXSvc - ok
23:28:27.0356 0x8b6c  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
23:28:27.0364 0x8b6c  arcsas - ok
23:28:27.0367 0x8b6c  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
23:28:27.0375 0x8b6c  AsyncMac - ok
23:28:27.0380 0x8b6c  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\Windows\system32\drivers\atapi.sys
23:28:27.0386 0x8b6c  atapi - ok
23:28:27.0397 0x8b6c  [ 435DC20A3642BA5974FC30A6C8AAAB66, 841CFC54B3FC1A07AD3E20FF9FD5B490EA1197E410E16984B4640B2737C210BB ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
23:28:27.0418 0x8b6c  AudioEndpointBuilder - ok
23:28:27.0439 0x8b6c  [ 132A5D82E9BC66F6B013AE28C4A182BC, 2DB8FD551575F3CDA5DD2BFAB5277FE11FC467F9A8B5218D00C1A8DCBF8E0209 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:28:27.0475 0x8b6c  Audiosrv - ok
23:28:27.0480 0x8b6c  [ 4621EA3385170B087A03F3C90E276B4A, 1513802CF844B1B7A70C820AEF732EDA432D44CD8726560D95F05EB5CA556CD7 ] avdevprot       C:\Windows\system32\DRIVERS\avdevprot.sys
23:28:27.0486 0x8b6c  avdevprot - ok
23:28:27.0490 0x8b6c  [ 0C6D49FFD4B70F95E24EF5311ED57A28, AB58DC263E3B5DE2E5E76DCBE8061D9B6736B411C2D572E56AD68BB326818FAF ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:28:27.0497 0x8b6c  avgntflt - ok
23:28:27.0503 0x8b6c  [ DAA6BD143D3AC4274791018FFAD5543A, 2D85818C52FF768579528A81DEB8D106421D986B28837B301F53B600E382E6CF ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:28:27.0510 0x8b6c  avipbb - ok
23:28:27.0518 0x8b6c  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
23:28:27.0529 0x8b6c  Avira.ServiceHost - ok
23:28:27.0532 0x8b6c  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:28:27.0538 0x8b6c  avkmgr - ok
23:28:27.0541 0x8b6c  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
23:28:27.0548 0x8b6c  avnetflt - ok
23:28:27.0551 0x8b6c  [ 9C71227D9D0A6F929C97294842A988B1, 3C79297A19001902A48BAFEF545CFB70D51509FA704EAE716B1858D1A66386A0 ] avusbflt        C:\Windows\system32\Drivers\avusbflt.sys
23:28:27.0556 0x8b6c  avusbflt - ok
23:28:27.0560 0x8b6c  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:28:27.0570 0x8b6c  AxInstSV - ok
23:28:27.0582 0x8b6c  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
23:28:27.0596 0x8b6c  b06bdrv - ok
23:28:27.0599 0x8b6c  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
23:28:27.0608 0x8b6c  BasicDisplay - ok
23:28:27.0612 0x8b6c  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
23:28:27.0620 0x8b6c  BasicRender - ok
23:28:27.0623 0x8b6c  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
23:28:27.0638 0x8b6c  bcmfn2 - ok
23:28:27.0651 0x8b6c  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:28:27.0671 0x8b6c  BDESVC - ok
23:28:27.0675 0x8b6c  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:28:27.0685 0x8b6c  Beep - ok
23:28:27.0702 0x8b6c  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\Windows\System32\bfe.dll
23:28:27.0728 0x8b6c  BFE - ok
23:28:27.0749 0x8b6c  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\Windows\System32\qmgr.dll
23:28:27.0782 0x8b6c  BITS - ok
23:28:27.0787 0x8b6c  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:28:27.0797 0x8b6c  bowser - ok
23:28:27.0812 0x8b6c  [ 29052CEB6E1DA5F58D20F7A28F392D5B, AFA283D3F61A9D32BAD3132A24ACC6AC0586803EE5EDF1B11779DEE32B865ABA ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
23:28:27.0839 0x8b6c  BrokerInfrastructure - ok
23:28:27.0844 0x8b6c  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\Windows\System32\browser.dll
23:28:27.0857 0x8b6c  Browser - ok
23:28:27.0862 0x8b6c  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
23:28:27.0871 0x8b6c  BthAvrcpTg - ok
23:28:27.0875 0x8b6c  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
23:28:27.0886 0x8b6c  BthHFEnum - ok
23:28:27.0889 0x8b6c  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
23:28:27.0897 0x8b6c  bthhfhid - ok
23:28:27.0908 0x8b6c  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
23:28:27.0926 0x8b6c  BthHFSrv - ok
23:28:27.0930 0x8b6c  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
23:28:27.0940 0x8b6c  BTHMODEM - ok
23:28:27.0946 0x8b6c  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\Windows\system32\bthserv.dll
23:28:27.0956 0x8b6c  bthserv - ok
23:28:27.0960 0x8b6c  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
23:28:27.0968 0x8b6c  buttonconverter - ok
23:28:27.0971 0x8b6c  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\Windows\System32\drivers\CAD.sys
23:28:27.0980 0x8b6c  CAD - ok
23:28:27.0984 0x8b6c  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\Windows\System32\drivers\capimg.sys
23:28:27.0994 0x8b6c  CapImg - ok
23:28:27.0998 0x8b6c  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:28:28.0008 0x8b6c  cdfs - ok
23:28:28.0024 0x8b6c  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\Windows\System32\CDPSvc.dll
23:28:28.0054 0x8b6c  CDPSvc - ok
23:28:28.0065 0x8b6c  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
23:28:28.0086 0x8b6c  CDPUserSvc - ok
23:28:28.0093 0x8b6c  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
23:28:28.0103 0x8b6c  cdrom - ok
23:28:28.0108 0x8b6c  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\Windows\System32\certprop.dll
23:28:28.0120 0x8b6c  CertPropSvc - ok
23:28:28.0128 0x8b6c  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
23:28:28.0138 0x8b6c  cht4iscsi - ok
23:28:28.0169 0x8b6c  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
23:28:28.0211 0x8b6c  cht4vbd - ok
23:28:28.0215 0x8b6c  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\Windows\System32\drivers\circlass.sys
23:28:28.0224 0x8b6c  circlass - ok
23:28:28.0227 0x8b6c  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\Windows\system32\drivers\cldflt.sys
23:28:28.0240 0x8b6c  CldFlt - ok
23:28:28.0249 0x8b6c  [ 1BF9D74451B8AF166105E28F1D7A5C27, D76BDE26658AE5A46D15F54F7753D398A9E39B21191A7A8FFA95E1097F52EEB7 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
23:28:28.0261 0x8b6c  CLFS - ok
23:28:28.0277 0x8b6c  [ 4351225ABE115E9B81639CFC87B980BB, 366532C832729982C7485BB43C883E897E2E4C37F4C517A321E18DEBF165C7AC ] ClipSVC         C:\Windows\System32\ClipSVC.dll
23:28:28.0298 0x8b6c  ClipSVC - ok
23:28:28.0301 0x8b6c  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\Windows\System32\drivers\registry.sys
23:28:28.0308 0x8b6c  clreg - ok
23:28:28.0315 0x8b6c  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
23:28:28.0323 0x8b6c  CmBatt - ok
23:28:28.0336 0x8b6c  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\Windows\system32\Drivers\cng.sys
23:28:28.0352 0x8b6c  CNG - ok
23:28:28.0356 0x8b6c  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
23:28:28.0363 0x8b6c  cnghwassist - ok
23:28:28.0371 0x8b6c  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
23:28:28.0380 0x8b6c  CompositeBus - ok
23:28:28.0383 0x8b6c  COMSysApp - ok
23:28:28.0385 0x8b6c  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\Windows\system32\drivers\condrv.sys
23:28:28.0392 0x8b6c  condrv - ok
23:28:28.0407 0x8b6c  [ D270EE296EDA16437812C04B4CD61561, 76D974DBFFCE7E7A4DFC7010385FA7FA4FEB9FB2B1C8D13BABFEBABB93DEAC82 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
23:28:28.0429 0x8b6c  CoreMessagingRegistrar - ok
23:28:28.0435 0x8b6c  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:28:28.0447 0x8b6c  CryptSvc - ok
23:28:28.0457 0x8b6c  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\Windows\system32\drivers\csc.sys
23:28:28.0478 0x8b6c  CSC - ok
23:28:28.0491 0x8b6c  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\Windows\System32\cscsvc.dll
23:28:28.0515 0x8b6c  CscService - ok
23:28:28.0519 0x8b6c  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\Windows\system32\drivers\dam.sys
23:28:28.0527 0x8b6c  dam - ok
23:28:28.0546 0x8b6c  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:28:28.0579 0x8b6c  DcomLaunch - ok
23:28:28.0590 0x8b6c  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:28:28.0614 0x8b6c  defragsvc - ok
23:28:28.0624 0x8b6c  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\Windows\system32\das.dll
23:28:28.0641 0x8b6c  DeviceAssociationService - ok
23:28:28.0646 0x8b6c  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
23:28:28.0664 0x8b6c  DeviceInstall - ok
23:28:28.0677 0x8b6c  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\Windows\System32\DevicesFlowBroker.dll
23:28:28.0702 0x8b6c  DevicesFlowUserSvc - ok
23:28:28.0707 0x8b6c  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
23:28:28.0717 0x8b6c  DevQueryBroker - ok
23:28:28.0721 0x8b6c  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
23:28:28.0739 0x8b6c  Dfsc - ok
23:28:28.0747 0x8b6c  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:28:28.0764 0x8b6c  Dhcp - ok
23:28:28.0769 0x8b6c  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:28:28.0780 0x8b6c  diagnosticshub.standardcollector.service - ok
23:28:28.0819 0x8b6c  [ 3835D0DD7A932266CC0746FDC5EC5568, 9F0933698C94FB51960818D20DAF2EE7530EA77DCA6E30603EEE85B60D807891 ] DiagTrack       C:\Windows\system32\diagtrack.dll
23:28:28.0880 0x8b6c  DiagTrack - ok
23:28:28.0887 0x8b6c  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\Windows\system32\drivers\disk.sys
23:28:28.0895 0x8b6c  Disk - ok
23:28:28.0905 0x8b6c  [ 92DD540BF9B920E2E0127E5884E48BC1, A488D60322B7AB4A64CF785888AD07AE0A1A87876E8C9D6BB06A76EC20AB94DA ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
23:28:28.0927 0x8b6c  DmEnrollmentSvc - ok
23:28:28.0930 0x8b6c  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
23:28:28.0938 0x8b6c  dmvsc - ok
23:28:28.0941 0x8b6c  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
23:28:28.0957 0x8b6c  dmwappushservice - ok
23:28:28.0964 0x8b6c  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:28:28.0979 0x8b6c  Dnscache - ok
23:28:28.0986 0x8b6c  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\Windows\System32\dot3svc.dll
23:28:29.0001 0x8b6c  dot3svc - ok
23:28:29.0006 0x8b6c  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\Windows\system32\dps.dll
23:28:29.0021 0x8b6c  DPS - ok
23:28:29.0024 0x8b6c  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
23:28:29.0030 0x8b6c  drmkaud - ok
23:28:29.0036 0x8b6c  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
23:28:29.0051 0x8b6c  DsmSvc - ok
23:28:29.0056 0x8b6c  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\Windows\System32\DsSvc.dll
23:28:29.0070 0x8b6c  DsSvc - ok
23:28:29.0077 0x8b6c  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\Windows\System32\dusmsvc.dll
23:28:29.0101 0x8b6c  DusmSvc - ok
23:28:29.0137 0x8b6c  [ D2D4095909DD26445139EC9B7C86DA5D, 246AF45588B859F3A32152C0CA14A2AD84361B08FDA5430B24E049CEE03B6271 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:28:29.0184 0x8b6c  DXGKrnl - ok
23:28:29.0191 0x8b6c  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\Windows\System32\eapsvc.dll
23:28:29.0207 0x8b6c  EapHost - ok
23:28:29.0259 0x8b6c  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
23:28:29.0321 0x8b6c  ebdrv - ok
23:28:29.0328 0x8b6c  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\Windows\System32\lsass.exe
23:28:29.0336 0x8b6c  EFS - ok
23:28:29.0340 0x8b6c  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
23:28:29.0348 0x8b6c  EhStorClass - ok
23:28:29.0353 0x8b6c  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
23:28:29.0361 0x8b6c  EhStorTcgDrv - ok
23:28:29.0366 0x8b6c  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
23:28:29.0379 0x8b6c  embeddedmode - ok
23:28:29.0386 0x8b6c  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
23:28:29.0401 0x8b6c  EntAppSvc - ok
23:28:29.0404 0x8b6c  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
23:28:29.0414 0x8b6c  ErrDev - ok
23:28:29.0424 0x8b6c  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\Windows\system32\es.dll
23:28:29.0443 0x8b6c  EventSystem - ok
23:28:29.0452 0x8b6c  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:28:29.0467 0x8b6c  exfat - ok
23:28:29.0475 0x8b6c  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:28:29.0488 0x8b6c  fastfat - ok
23:28:29.0499 0x8b6c  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\Windows\system32\fxssvc.exe
23:28:29.0521 0x8b6c  Fax - ok
23:28:29.0524 0x8b6c  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\Windows\System32\drivers\fdc.sys
23:28:29.0533 0x8b6c  fdc - ok
23:28:29.0535 0x8b6c  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:28:29.0544 0x8b6c  fdPHost - ok
23:28:29.0547 0x8b6c  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:28:29.0558 0x8b6c  FDResPub - ok
23:28:29.0562 0x8b6c  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\Windows\system32\fhsvc.dll
23:28:29.0575 0x8b6c  fhsvc - ok
23:28:29.0579 0x8b6c  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
23:28:29.0588 0x8b6c  FileCrypt - ok
23:28:29.0591 0x8b6c  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:28:29.0598 0x8b6c  FileInfo - ok
23:28:29.0601 0x8b6c  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:28:29.0613 0x8b6c  Filetrace - ok
23:28:29.0615 0x8b6c  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
23:28:29.0623 0x8b6c  flpydisk - ok
23:28:29.0631 0x8b6c  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:28:29.0644 0x8b6c  FltMgr - ok
23:28:29.0672 0x8b6c  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\Windows\system32\FntCache.dll
23:28:29.0719 0x8b6c  FontCache - ok
23:28:29.0725 0x8b6c  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:28:29.0732 0x8b6c  FontCache3.0.0.0 - ok
23:28:29.0743 0x8b6c  [ 2A2EB05E795BBDDAABE82639E9691502, 1115CF68EC7CF9ECDDA7BE84C54F6CB0D871FFA89B127CC3573AB120FD600E51 ] FrameServer     C:\Windows\system32\FrameServer.dll
23:28:29.0777 0x8b6c  FrameServer - ok
23:28:29.0783 0x8b6c  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:28:29.0791 0x8b6c  FsDepends - ok
23:28:29.0794 0x8b6c  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:28:29.0802 0x8b6c  Fs_Rec - ok
23:28:29.0815 0x8b6c  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:28:29.0833 0x8b6c  fvevol - ok
23:28:29.0836 0x8b6c  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
23:28:29.0844 0x8b6c  gencounter - ok
23:28:29.0847 0x8b6c  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
23:28:29.0854 0x8b6c  genericusbfn - ok
23:28:29.0859 0x8b6c  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
23:28:29.0867 0x8b6c  GPIOClx0101 - ok
23:28:29.0889 0x8b6c  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\Windows\System32\gpsvc.dll
23:28:29.0924 0x8b6c  gpsvc - ok
23:28:29.0928 0x8b6c  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
23:28:29.0943 0x8b6c  GpuEnergyDrv - ok
23:28:29.0948 0x8b6c  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:28:29.0954 0x8b6c  gupdate - ok
23:28:29.0958 0x8b6c  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:28:29.0966 0x8b6c  gupdatem - ok
23:28:29.0982 0x8b6c  [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\Windows\System32\drivers\HdAudio.sys
23:28:30.0003 0x8b6c  HdAudAddService - ok
23:28:30.0007 0x8b6c  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
23:28:30.0017 0x8b6c  HDAudBus - ok
23:28:30.0020 0x8b6c  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
23:28:30.0027 0x8b6c  HidBatt - ok
23:28:30.0030 0x8b6c  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\Windows\System32\drivers\hidbth.sys
23:28:30.0039 0x8b6c  HidBth - ok
23:28:30.0043 0x8b6c  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
23:28:30.0052 0x8b6c  hidi2c - ok
23:28:30.0055 0x8b6c  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
23:28:30.0061 0x8b6c  hidinterrupt - ok
23:28:30.0064 0x8b6c  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\Windows\System32\drivers\hidir.sys
23:28:30.0072 0x8b6c  HidIr - ok
23:28:30.0075 0x8b6c  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\Windows\system32\hidserv.dll
23:28:30.0085 0x8b6c  hidserv - ok
23:28:30.0087 0x8b6c  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
23:28:30.0095 0x8b6c  HidUsb - ok
23:28:30.0101 0x8b6c  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:28:30.0115 0x8b6c  HomeGroupListener - ok
23:28:30.0124 0x8b6c  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:28:30.0140 0x8b6c  HomeGroupProvider - ok
23:28:30.0144 0x8b6c  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:28:30.0151 0x8b6c  HpSAMD - ok
23:28:30.0168 0x8b6c  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:28:30.0193 0x8b6c  HTTP - ok
23:28:30.0197 0x8b6c  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\Windows\System32\hvhostsvc.dll
23:28:30.0204 0x8b6c  HvHost - ok
23:28:30.0207 0x8b6c  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\Windows\system32\drivers\hvservice.sys
23:28:30.0215 0x8b6c  hvservice - ok
23:28:30.0217 0x8b6c  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:28:30.0223 0x8b6c  hwpolicy - ok
23:28:30.0226 0x8b6c  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
23:28:30.0233 0x8b6c  hyperkbd - ok
23:28:30.0237 0x8b6c  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
23:28:30.0246 0x8b6c  i8042prt - ok
23:28:30.0249 0x8b6c  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
23:28:30.0257 0x8b6c  iagpio - ok
23:28:30.0261 0x8b6c  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
23:28:30.0269 0x8b6c  iai2c - ok
23:28:30.0272 0x8b6c  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
23:28:30.0281 0x8b6c  iaLPSS2i_GPIO2 - ok
23:28:30.0284 0x8b6c  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
23:28:30.0293 0x8b6c  iaLPSS2i_GPIO2_BXT_P - ok
23:28:30.0297 0x8b6c  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
23:28:30.0307 0x8b6c  iaLPSS2i_I2C - ok
23:28:30.0314 0x8b6c  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
23:28:30.0325 0x8b6c  iaLPSS2i_I2C_BXT_P - ok
23:28:30.0328 0x8b6c  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
23:28:30.0333 0x8b6c  iaLPSSi_GPIO - ok
23:28:30.0336 0x8b6c  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
23:28:30.0346 0x8b6c  iaLPSSi_I2C - ok
23:28:30.0357 0x8b6c  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
23:28:30.0374 0x8b6c  iaStorAV - ok
23:28:30.0385 0x8b6c  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:28:30.0397 0x8b6c  iaStorV - ok
23:28:30.0406 0x8b6c  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\Windows\System32\drivers\ibbus.sys
23:28:30.0421 0x8b6c  ibbus - ok
23:28:30.0427 0x8b6c  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\Windows\System32\tetheringservice.dll
23:28:30.0440 0x8b6c  icssvc - ok
23:28:30.0456 0x8b6c  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:28:30.0485 0x8b6c  IKEEXT - ok
23:28:30.0489 0x8b6c  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\Windows\System32\drivers\IndirectKmd.sys
23:28:30.0497 0x8b6c  IndirectKmd - ok
23:28:30.0501 0x8b6c  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:28:30.0507 0x8b6c  intelide - ok
23:28:30.0513 0x8b6c  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\Windows\system32\drivers\intelpep.sys
23:28:30.0519 0x8b6c  intelpep - ok
23:28:30.0524 0x8b6c  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
23:28:30.0536 0x8b6c  intelppm - ok
23:28:30.0539 0x8b6c  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\Windows\system32\drivers\iorate.sys
23:28:30.0547 0x8b6c  iorate - ok
23:28:30.0550 0x8b6c  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:28:30.0559 0x8b6c  IpFilterDriver - ok
23:28:30.0577 0x8b6c  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:28:30.0614 0x8b6c  iphlpsvc - ok
23:28:30.0618 0x8b6c  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
23:28:30.0625 0x8b6c  IPMIDRV - ok
23:28:30.0631 0x8b6c  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:28:30.0641 0x8b6c  IPNAT - ok
23:28:30.0645 0x8b6c  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\Windows\System32\IpxlatCfg.dll
23:28:30.0660 0x8b6c  IpxlatCfgSvc - ok
23:28:30.0664 0x8b6c  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\Windows\system32\drivers\irda.sys
23:28:30.0674 0x8b6c  irda - ok
23:28:30.0677 0x8b6c  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:28:30.0685 0x8b6c  IRENUM - ok
23:28:30.0688 0x8b6c  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\Windows\System32\irmon.dll
23:28:30.0696 0x8b6c  irmon - ok
23:28:30.0699 0x8b6c  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:28:30.0705 0x8b6c  isapnp - ok
23:28:30.0712 0x8b6c  [ B6BA01EA6B2CCCB90A6FDCFF68F4A992, 7F45A015D413DCAF8551FD229A7C03F6ADD66467B4C37155E300E0777DDE5E8B ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
23:28:30.0722 0x8b6c  iScsiPrt - ok
23:28:30.0725 0x8b6c  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
23:28:30.0732 0x8b6c  kbdclass - ok
23:28:30.0735 0x8b6c  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
23:28:30.0743 0x8b6c  kbdhid - ok
23:28:30.0746 0x8b6c  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\Windows\System32\drivers\kdnic.sys
23:28:30.0755 0x8b6c  kdnic - ok
23:28:30.0758 0x8b6c  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\Windows\system32\lsass.exe
23:28:30.0765 0x8b6c  KeyIso - ok
23:28:30.0769 0x8b6c  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:28:30.0778 0x8b6c  KSecDD - ok
23:28:30.0782 0x8b6c  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:28:30.0790 0x8b6c  KSecPkg - ok
23:28:30.0793 0x8b6c  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:28:30.0801 0x8b6c  ksthunk - ok
23:28:30.0809 0x8b6c  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:28:30.0825 0x8b6c  KtmRm - ok
23:28:30.0832 0x8b6c  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:28:30.0849 0x8b6c  LanmanServer - ok
23:28:30.0855 0x8b6c  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:28:30.0870 0x8b6c  LanmanWorkstation - ok
23:28:30.0874 0x8b6c  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\Windows\System32\lfsvc.dll
23:28:30.0883 0x8b6c  lfsvc - ok
23:28:30.0885 0x8b6c  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\Windows\system32\LicenseManagerSvc.dll
23:28:30.0894 0x8b6c  LicenseManager - ok
23:28:30.0897 0x8b6c  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\Windows\system32\drivers\lltdio.sys
23:28:30.0912 0x8b6c  lltdio - ok
23:28:30.0918 0x8b6c  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:28:30.0937 0x8b6c  lltdsvc - ok
23:28:30.0939 0x8b6c  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:28:30.0949 0x8b6c  lmhosts - ok
23:28:30.0954 0x8b6c  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
23:28:30.0961 0x8b6c  LSI_SAS - ok
23:28:30.0965 0x8b6c  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\Windows\system32\drivers\lsi_sas2i.sys
23:28:30.0972 0x8b6c  LSI_SAS2i - ok
23:28:30.0977 0x8b6c  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\Windows\system32\drivers\lsi_sas3i.sys
23:28:30.0984 0x8b6c  LSI_SAS3i - ok
23:28:30.0987 0x8b6c  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
23:28:30.0994 0x8b6c  LSI_SSS - ok
23:28:31.0007 0x8b6c  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\Windows\System32\lsm.dll
23:28:31.0029 0x8b6c  LSM - ok
23:28:31.0033 0x8b6c  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\Windows\system32\drivers\luafv.sys
23:28:31.0046 0x8b6c  luafv - ok
23:28:31.0050 0x8b6c  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\Windows\System32\moshost.dll
23:28:31.0060 0x8b6c  MapsBroker - ok
23:28:31.0067 0x8b6c  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\Windows\System32\drivers\mausbhost.sys
23:28:31.0081 0x8b6c  mausbhost - ok
23:28:31.0084 0x8b6c  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\Windows\System32\drivers\mausbip.sys
23:28:31.0091 0x8b6c  mausbip - ok
23:28:31.0096 0x8b6c  [ 0C847B9BD2D1F1E97037F8C3DA6D5A1B, B2405BBAFBE78DF554B963C53DE843419AE873B82A1B0C2FA8D1779D1CC142BE ] MBAMChameleon   C:\Windows\system32\drivers\MBAMChameleon.sys
23:28:31.0104 0x8b6c  MBAMChameleon - ok
23:28:31.0107 0x8b6c  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\Windows\system32\drivers\mbam.sys
23:28:31.0114 0x8b6c  MBAMProtection - ok
23:28:31.0176 0x8b6c  [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
23:28:31.0239 0x8b6c  MBAMService - ok
23:28:31.0250 0x8b6c  [ C3549BE8C1FE4ECBEE21DAD3378F6CD0, E4FB6856C1A8B9185322EFC4AF31A3748365ED2E3E4FB6DF57B35569D8D42AAD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
23:28:31.0258 0x8b6c  MBAMSwissArmy - ok
23:28:31.0262 0x8b6c  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\Windows\system32\drivers\megasas.sys
23:28:31.0269 0x8b6c  megasas - ok
23:28:31.0273 0x8b6c  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\Windows\system32\drivers\MegaSas2i.sys
23:28:31.0282 0x8b6c  megasas2i - ok
23:28:31.0293 0x8b6c  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\Windows\system32\drivers\megasr.sys
23:28:31.0309 0x8b6c  megasr - ok
23:28:31.0316 0x8b6c  [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64          C:\Windows\System32\drivers\TeeDriverW8x64.sys
23:28:31.0327 0x8b6c  MEIx64 - ok
23:28:31.0330 0x8b6c  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\Windows\System32\MessagingService.dll
23:28:31.0340 0x8b6c  MessagingService - ok
23:28:31.0357 0x8b6c  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\Windows\System32\drivers\mlx4_bus.sys
23:28:31.0377 0x8b6c  mlx4_bus - ok
23:28:31.0381 0x8b6c  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\Windows\system32\drivers\mmcss.sys
23:28:31.0390 0x8b6c  MMCSS - ok
23:28:31.0393 0x8b6c  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\Windows\system32\drivers\modem.sys
23:28:31.0401 0x8b6c  Modem - ok
23:28:31.0404 0x8b6c  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\Windows\System32\drivers\monitor.sys
23:28:31.0413 0x8b6c  monitor - ok
23:28:31.0416 0x8b6c  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\Windows\System32\drivers\mouclass.sys
23:28:31.0422 0x8b6c  mouclass - ok
23:28:31.0424 0x8b6c  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
23:28:31.0432 0x8b6c  mouhid - ok
23:28:31.0436 0x8b6c  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:28:31.0443 0x8b6c  mountmgr - ok
23:28:31.0448 0x8b6c  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:28:31.0456 0x8b6c  mpsdrv - ok
23:28:31.0472 0x8b6c  [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:28:31.0500 0x8b6c  MpsSvc - ok
23:28:31.0505 0x8b6c  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:28:31.0519 0x8b6c  MRxDAV - ok
23:28:31.0528 0x8b6c  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:28:31.0541 0x8b6c  mrxsmb - ok
23:28:31.0548 0x8b6c  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:28:31.0562 0x8b6c  mrxsmb10 - ok
23:28:31.0568 0x8b6c  [ B855479BA6A74349CEF8061808C90201, BA70A9EBC2E2895419C5D46806153DCA061E3C836F3D97A622E7672140107F81 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:28:31.0578 0x8b6c  mrxsmb20 - ok
23:28:31.0582 0x8b6c  [ 670E6CFDA70C106342C0D63D014B6822, 8178C9E02CBE52F45C28ACC643287D8DA46FCED88D63957E3ABEAD9393B5827E ] MsBridge        C:\Windows\system32\drivers\bridge.sys
23:28:31.0592 0x8b6c  MsBridge - ok
23:28:31.0596 0x8b6c  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\Windows\System32\msdtc.exe
23:28:31.0607 0x8b6c  MSDTC - ok
23:28:31.0613 0x8b6c  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:28:31.0621 0x8b6c  Msfs - ok
23:28:31.0623 0x8b6c  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
23:28:31.0630 0x8b6c  msgpiowin32 - ok
23:28:31.0632 0x8b6c  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:28:31.0639 0x8b6c  mshidkmdf - ok
23:28:31.0642 0x8b6c  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
23:28:31.0650 0x8b6c  mshidumdf - ok
23:28:31.0652 0x8b6c  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:28:31.0658 0x8b6c  msisadrv - ok
23:28:31.0663 0x8b6c  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:28:31.0673 0x8b6c  MSiSCSI - ok
23:28:31.0675 0x8b6c  msiserver - ok
23:28:31.0678 0x8b6c  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\Windows\system32\DRIVERS\MSKSSRV.sys
23:28:31.0688 0x8b6c  MSKSSRV - ok
23:28:31.0691 0x8b6c  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\Windows\system32\drivers\mslldp.sys
23:28:31.0700 0x8b6c  MsLldp - ok
23:28:31.0702 0x8b6c  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\Windows\system32\DRIVERS\MSPCLOCK.sys
23:28:31.0717 0x8b6c  MSPCLOCK - ok
23:28:31.0719 0x8b6c  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\Windows\system32\DRIVERS\MSPQM.sys
23:28:31.0734 0x8b6c  MSPQM - ok
23:28:31.0741 0x8b6c  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:28:31.0753 0x8b6c  MsRPC - ok
23:28:31.0760 0x8b6c  [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt        C:\Windows\system32\drivers\mssecflt.sys
23:28:31.0770 0x8b6c  MsSecFlt - ok
23:28:31.0773 0x8b6c  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
23:28:31.0781 0x8b6c  mssmbios - ok
23:28:31.0783 0x8b6c  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\Windows\system32\DRIVERS\MSTEE.sys
23:28:31.0798 0x8b6c  MSTEE - ok
23:28:31.0800 0x8b6c  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
23:28:31.0807 0x8b6c  MTConfig - ok
23:28:31.0813 0x8b6c  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:28:31.0820 0x8b6c  Mup - ok
23:28:31.0823 0x8b6c  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
23:28:31.0831 0x8b6c  mvumis - ok
23:28:31.0843 0x8b6c  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:28:31.0863 0x8b6c  NativeWifiP - ok
23:28:31.0876 0x8b6c  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\Windows\System32\NaturalAuth.dll
23:28:31.0906 0x8b6c  NaturalAuthentication - ok
23:28:31.0912 0x8b6c  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\Windows\System32\ncasvc.dll
23:28:31.0922 0x8b6c  NcaSvc - ok
23:28:31.0929 0x8b6c  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\Windows\System32\ncbservice.dll
23:28:31.0944 0x8b6c  NcbService - ok
23:28:31.0948 0x8b6c  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
23:28:31.0960 0x8b6c  NcdAutoSetup - ok
23:28:31.0964 0x8b6c  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\Windows\System32\drivers\ndfltr.sys
23:28:31.0971 0x8b6c  ndfltr - ok
23:28:31.0991 0x8b6c  [ 59F3D5FEF4A24871C07C279762DA8624, 00DD19E3FBC7FCFE2768409E2B4AE931205D53A22072D958950E8FBA1D14F071 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:28:32.0017 0x8b6c  NDIS - ok
23:28:32.0021 0x8b6c  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\Windows\system32\drivers\ndiscap.sys
23:28:32.0035 0x8b6c  NdisCap - ok
23:28:32.0038 0x8b6c  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\Windows\system32\drivers\NdisImPlatform.sys
23:28:32.0055 0x8b6c  NdisImPlatform - ok
23:28:32.0057 0x8b6c  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:28:32.0085 0x8b6c  NdisTapi - ok
23:28:32.0091 0x8b6c  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\Windows\system32\drivers\ndisuio.sys
23:28:32.0101 0x8b6c  Ndisuio - ok
23:28:32.0103 0x8b6c  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
23:28:32.0113 0x8b6c  NdisVirtualBus - ok
23:28:32.0118 0x8b6c  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\Windows\System32\drivers\ndiswan.sys
23:28:32.0137 0x8b6c  NdisWan - ok
23:28:32.0142 0x8b6c  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
23:28:32.0162 0x8b6c  ndiswanlegacy - ok
23:28:32.0165 0x8b6c  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\Windows\system32\DRIVERS\NDProxy.sys
23:28:32.0182 0x8b6c  ndproxy - ok
23:28:32.0186 0x8b6c  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
23:28:32.0202 0x8b6c  Ndu - ok
23:28:32.0207 0x8b6c  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\Windows\system32\drivers\NetAdapterCx.sys
23:28:32.0218 0x8b6c  NetAdapterCx - ok
23:28:32.0221 0x8b6c  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\Windows\system32\drivers\netbios.sys
23:28:32.0227 0x8b6c  NetBIOS - ok
23:28:32.0234 0x8b6c  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:28:32.0249 0x8b6c  NetBT - ok
23:28:32.0252 0x8b6c  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\Windows\system32\lsass.exe
23:28:32.0259 0x8b6c  Netlogon - ok
23:28:32.0265 0x8b6c  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\Windows\System32\netman.dll
23:28:32.0280 0x8b6c  Netman - ok
23:28:32.0289 0x8b6c  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\Windows\System32\netprofmsvc.dll
23:28:32.0314 0x8b6c  netprofm - ok
23:28:32.0320 0x8b6c  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\Windows\System32\NetSetupSvc.dll
23:28:32.0333 0x8b6c  NetSetupSvc - ok
23:28:32.0340 0x8b6c  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:32.0348 0x8b6c  NetTcpPortSharing - ok
23:28:32.0352 0x8b6c  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\Windows\System32\drivers\netvsc.sys
23:28:32.0362 0x8b6c  netvsc - ok
23:28:32.0372 0x8b6c  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\Windows\System32\NgcCtnrSvc.dll
23:28:32.0390 0x8b6c  NgcCtnrSvc - ok
23:28:32.0408 0x8b6c  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\Windows\system32\ngcsvc.dll
23:28:32.0438 0x8b6c  NgcSvc - ok
23:28:32.0447 0x8b6c  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:28:32.0468 0x8b6c  NlaSvc - ok
23:28:32.0471 0x8b6c  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:28:32.0480 0x8b6c  Npfs - ok
23:28:32.0483 0x8b6c  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
23:28:32.0490 0x8b6c  npsvctrig - ok
23:28:32.0493 0x8b6c  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\Windows\system32\nsisvc.dll
23:28:32.0501 0x8b6c  nsi - ok
23:28:32.0504 0x8b6c  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:28:32.0513 0x8b6c  nsiproxy - ok
23:28:32.0547 0x8b6c  [ 8D72D5038C5F91AFEF1B160FE524C2D9, 7F9913B6BC87DDCCA2A684CD211B8CB6EE7116BFEA162DD19185E6003576C1F7 ] NTFS            C:\Windows\system32\drivers\NTFS.sys
23:28:32.0591 0x8b6c  NTFS - ok
23:28:32.0595 0x8b6c  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\Windows\system32\drivers\Null.sys
23:28:32.0604 0x8b6c  Null - ok
23:28:32.0607 0x8b6c  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\Windows\System32\drivers\nvdimmn.sys
23:28:32.0618 0x8b6c  nvdimmn - ok
23:28:32.0624 0x8b6c  [ 6E256C42FD27FADEA9BDD2E98CB53FE4, 8E2BDADFCC4B0C7208E937462DDF9CD9810E1B66375BD22F26C5D94376BDEC44 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:28:32.0633 0x8b6c  NVHDA - ok
23:28:32.0835 0x8b6c  [ BD000446F0B4FA1E87E7D10356C49564, 95F495549F35FFD64D3132D46923D1502C10AC77E7031EE1DE629E218EC584E0 ] nvlddmkm        C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys
23:28:33.0043 0x8b6c  nvlddmkm - ok
23:28:33.0062 0x8b6c  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:28:33.0069 0x8b6c  nvraid - ok
23:28:33.0074 0x8b6c  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:28:33.0083 0x8b6c  nvstor - ok
23:28:33.0091 0x8b6c  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\Windows\System32\APHostService.dll
23:28:33.0114 0x8b6c  OneSyncSvc - ok
23:28:33.0122 0x8b6c  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:28:33.0137 0x8b6c  p2pimsvc - ok
23:28:33.0147 0x8b6c  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\Windows\system32\p2psvc.dll
23:28:33.0163 0x8b6c  p2psvc - ok
23:28:33.0167 0x8b6c  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\Windows\System32\drivers\parport.sys
23:28:33.0177 0x8b6c  Parport - ok
23:28:33.0183 0x8b6c  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:28:33.0190 0x8b6c  partmgr - ok
23:28:33.0201 0x8b6c  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:28:33.0216 0x8b6c  PcaSvc - ok
23:28:33.0224 0x8b6c  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\Windows\system32\drivers\pci.sys
23:28:33.0236 0x8b6c  pci - ok
23:28:33.0239 0x8b6c  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:28:33.0246 0x8b6c  pciide - ok
23:28:33.0250 0x8b6c  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:28:33.0257 0x8b6c  pcmcia - ok
23:28:33.0261 0x8b6c  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:28:33.0267 0x8b6c  pcw - ok
23:28:33.0271 0x8b6c  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\Windows\system32\drivers\pdc.sys
23:28:33.0280 0x8b6c  pdc - ok
23:28:33.0293 0x8b6c  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:28:33.0321 0x8b6c  PEAUTH - ok
23:28:33.0351 0x8b6c  [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:28:33.0398 0x8b6c  PeerDistSvc - ok
23:28:33.0403 0x8b6c  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\Windows\system32\drivers\percsas2i.sys
23:28:33.0410 0x8b6c  percsas2i - ok
23:28:33.0414 0x8b6c  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\Windows\system32\drivers\percsas3i.sys
23:28:33.0420 0x8b6c  percsas3i - ok
23:28:33.0432 0x8b6c  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:28:33.0440 0x8b6c  PerfHost - ok
23:28:33.0469 0x8b6c  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\Windows\System32\PhoneService.dll
23:28:33.0506 0x8b6c  PhoneSvc - ok
23:28:33.0514 0x8b6c  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
23:28:33.0526 0x8b6c  PimIndexMaintenanceSvc - ok
23:28:33.0552 0x8b6c  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\Windows\system32\pla.dll
23:28:33.0593 0x8b6c  pla - ok
23:28:33.0598 0x8b6c  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:28:33.0615 0x8b6c  PlugPlay - ok
23:28:33.0619 0x8b6c  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\Windows\System32\drivers\pmem.sys
23:28:33.0629 0x8b6c  pmem - ok
23:28:33.0632 0x8b6c  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:28:33.0640 0x8b6c  PNRPAutoReg - ok
23:28:33.0647 0x8b6c  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:28:33.0662 0x8b6c  PNRPsvc - ok
23:28:33.0670 0x8b6c  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:28:33.0689 0x8b6c  PolicyAgent - ok
23:28:33.0695 0x8b6c  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\Windows\system32\umpo.dll
23:28:33.0706 0x8b6c  Power - ok
23:28:33.0711 0x8b6c  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\Windows\System32\drivers\raspptp.sys
23:28:33.0727 0x8b6c  PptpMiniport - ok
23:28:33.0770 0x8b6c  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
23:28:33.0838 0x8b6c  PrintNotify - ok
23:28:33.0846 0x8b6c  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\Windows\System32\drivers\processr.sys
23:28:33.0856 0x8b6c  Processor - ok
23:28:33.0865 0x8b6c  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\Windows\system32\profsvc.dll
23:28:33.0883 0x8b6c  ProfSvc - ok
23:28:33.0888 0x8b6c  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\Windows\system32\drivers\pacer.sys
23:28:33.0896 0x8b6c  Psched - ok
23:28:33.0902 0x8b6c  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\Windows\system32\qwave.dll
23:28:33.0923 0x8b6c  QWAVE - ok
23:28:33.0926 0x8b6c  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:28:33.0940 0x8b6c  QWAVEdrv - ok
23:28:33.0943 0x8b6c  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:28:33.0952 0x8b6c  RasAcd - ok
23:28:33.0956 0x8b6c  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\Windows\System32\drivers\AgileVpn.sys
23:28:33.0973 0x8b6c  RasAgileVpn - ok
23:28:33.0978 0x8b6c  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\Windows\System32\rasauto.dll
23:28:33.0989 0x8b6c  RasAuto - ok
23:28:33.0994 0x8b6c  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\Windows\System32\drivers\rasl2tp.sys
23:28:34.0012 0x8b6c  Rasl2tp - ok
23:28:34.0027 0x8b6c  [ D5E9823BC7CD1149917CC49AD4052D94, 4A40400FC1B43EF3EADA420F9898AF2A24585199B6F11AA8C2E7E15E2CDA3BAA ] RasMan          C:\Windows\System32\rasmans.dll
23:28:34.0054 0x8b6c  RasMan - ok
23:28:34.0060 0x8b6c  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:28:34.0070 0x8b6c  RasPppoe - ok
23:28:34.0073 0x8b6c  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\Windows\System32\drivers\rassstp.sys
23:28:34.0090 0x8b6c  RasSstp - ok
23:28:34.0099 0x8b6c  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:28:34.0121 0x8b6c  rdbss - ok
23:28:34.0129 0x8b6c  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
23:28:34.0138 0x8b6c  rdpbus - ok
23:28:34.0144 0x8b6c  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:28:34.0155 0x8b6c  RDPDR - ok
23:28:34.0161 0x8b6c  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:28:34.0167 0x8b6c  RdpVideoMiniport - ok
23:28:34.0173 0x8b6c  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:28:34.0185 0x8b6c  rdyboost - ok
23:28:34.0212 0x8b6c  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\Windows\system32\drivers\ReFS.sys
23:28:34.0248 0x8b6c  ReFS - ok
23:28:34.0266 0x8b6c  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
23:28:34.0288 0x8b6c  ReFSv1 - ok
23:28:34.0300 0x8b6c  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:28:34.0321 0x8b6c  RemoteAccess - ok
23:28:34.0326 0x8b6c  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:28:34.0344 0x8b6c  RemoteRegistry - ok
23:28:34.0356 0x8b6c  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\Windows\system32\RDXService.dll
23:28:34.0379 0x8b6c  RetailDemo - ok
23:28:34.0386 0x8b6c  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\Windows\System32\RMapi.dll
23:28:34.0406 0x8b6c  RmSvc - ok
23:28:34.0411 0x8b6c  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:28:34.0423 0x8b6c  RpcEptMapper - ok
23:28:34.0426 0x8b6c  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\Windows\system32\locator.exe
23:28:34.0436 0x8b6c  RpcLocator - ok
23:28:34.0454 0x8b6c  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\Windows\system32\rpcss.dll
23:28:34.0487 0x8b6c  RpcSs - ok
23:28:34.0492 0x8b6c  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\Windows\system32\drivers\rspndr.sys
23:28:34.0507 0x8b6c  rspndr - ok
23:28:34.0519 0x8b6c  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\Windows\System32\drivers\rt640x64.sys
23:28:34.0539 0x8b6c  rt640x64 - ok
23:28:34.0594 0x8b6c  [ 9748533EAF7F9E3D8F3F7A0AF066B31D, BB8D21BF26568ECE0599D8469121C73A6AE847203C110B6F0B94B5E7F76D6DF6 ] rtwlane_13      C:\Windows\System32\drivers\rtwlane_13.sys
23:28:34.0681 0x8b6c  rtwlane_13 - ok
23:28:34.0686 0x8b6c  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
23:28:34.0694 0x8b6c  s3cap - ok
23:28:34.0697 0x8b6c  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\Windows\system32\lsass.exe
23:28:34.0704 0x8b6c  SamSs - ok
23:28:34.0707 0x8b6c  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:28:34.0716 0x8b6c  sbp2port - ok
23:28:34.0721 0x8b6c  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:28:34.0734 0x8b6c  SCardSvr - ok
23:28:34.0739 0x8b6c  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
23:28:34.0752 0x8b6c  ScDeviceEnum - ok
23:28:34.0755 0x8b6c  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:28:34.0763 0x8b6c  scfilter - ok
23:28:34.0779 0x8b6c  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\Windows\system32\schedsvc.dll
23:28:34.0811 0x8b6c  Schedule - ok
23:28:34.0815 0x8b6c  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
23:28:34.0821 0x8b6c  scmbus - ok
23:28:34.0827 0x8b6c  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:28:34.0837 0x8b6c  SCPolicySvc - ok
23:28:34.0845 0x8b6c  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\Windows\System32\drivers\sdbus.sys
23:28:34.0855 0x8b6c  sdbus - ok
23:28:34.0858 0x8b6c  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\Windows\System32\drivers\SDFRd.sys
23:28:34.0864 0x8b6c  SDFRd - ok
23:28:34.0868 0x8b6c  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:28:34.0881 0x8b6c  SDRSVC - ok
23:28:34.0885 0x8b6c  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\Windows\System32\drivers\sdstor.sys
23:28:34.0892 0x8b6c  sdstor - ok
23:28:34.0895 0x8b6c  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\Windows\system32\seclogon.dll
23:28:34.0909 0x8b6c  seclogon - ok
23:28:34.0917 0x8b6c  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\Windows\system32\SecurityHealthService.exe
23:28:34.0930 0x8b6c  SecurityHealthService - ok
23:28:34.0950 0x8b6c  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\Windows\system32\SEMgrSvc.dll
23:28:34.0983 0x8b6c  SEMgrSvc - ok
23:28:34.0987 0x8b6c  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\Windows\System32\sens.dll
23:28:35.0000 0x8b6c  SENS - ok
23:28:35.0002 0x8b6c  Sense - ok
23:28:35.0023 0x8b6c  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\Windows\System32\SensorDataService.exe
23:28:35.0065 0x8b6c  SensorDataService - ok
23:28:35.0077 0x8b6c  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\Windows\system32\SensorService.dll
23:28:35.0097 0x8b6c  SensorService - ok
23:28:35.0102 0x8b6c  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:28:35.0116 0x8b6c  SensrSvc - ok
23:28:35.0119 0x8b6c  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\Windows\system32\drivers\SerCx.sys
23:28:35.0126 0x8b6c  SerCx - ok
23:28:35.0130 0x8b6c  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
23:28:35.0138 0x8b6c  SerCx2 - ok
23:28:35.0141 0x8b6c  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\Windows\System32\drivers\serenum.sys
23:28:35.0150 0x8b6c  Serenum - ok
23:28:35.0153 0x8b6c  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\Windows\System32\drivers\serial.sys
23:28:35.0163 0x8b6c  Serial - ok
23:28:35.0165 0x8b6c  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\Windows\System32\drivers\sermouse.sys
23:28:35.0173 0x8b6c  sermouse - ok
23:28:35.0186 0x8b6c  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:28:35.0202 0x8b6c  SessionEnv - ok
23:28:35.0204 0x8b6c  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
23:28:35.0213 0x8b6c  sfloppy - ok
23:28:35.0223 0x8b6c  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:28:35.0249 0x8b6c  SharedAccess - ok
23:28:35.0262 0x8b6c  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:28:35.0286 0x8b6c  ShellHWDetection - ok
23:28:35.0293 0x8b6c  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
23:28:35.0305 0x8b6c  shpamsvc - ok
23:28:35.0309 0x8b6c  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:28:35.0316 0x8b6c  SiSRaid2 - ok
23:28:35.0320 0x8b6c  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:28:35.0327 0x8b6c  SiSRaid4 - ok
23:28:35.0330 0x8b6c  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\Windows\System32\smphost.dll
23:28:35.0344 0x8b6c  smphost - ok
23:28:35.0355 0x8b6c  [ CB001810FD0C56F1D57229D023A84AE8, E423B53EE3A3710D6F45CD14C8BA5EF8E955344C8477385D470E6687FC661A75 ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
23:28:35.0383 0x8b6c  SmsRouter - ok
23:28:35.0388 0x8b6c  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:28:35.0397 0x8b6c  SNMPTRAP - ok
23:28:35.0407 0x8b6c  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\Windows\system32\drivers\spaceport.sys
23:28:35.0423 0x8b6c  spaceport - ok
23:28:35.0427 0x8b6c  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\Windows\system32\drivers\SpatialGraphFilter.sys
23:28:35.0433 0x8b6c  SpatialGraphFilter - ok
23:28:35.0437 0x8b6c  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
23:28:35.0444 0x8b6c  SpbCx - ok
23:28:35.0462 0x8b6c  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\Windows\system32\spectrum.exe
23:28:35.0488 0x8b6c  spectrum - ok
23:28:35.0502 0x8b6c  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\Windows\System32\spoolsv.exe
23:28:35.0528 0x8b6c  Spooler - ok
23:28:35.0605 0x8b6c  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\Windows\system32\sppsvc.exe
23:28:35.0686 0x8b6c  sppsvc - ok
23:28:35.0698 0x8b6c  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:28:35.0715 0x8b6c  srv - ok
23:28:35.0728 0x8b6c  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:28:35.0751 0x8b6c  srv2 - ok
23:28:35.0757 0x8b6c  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:28:35.0777 0x8b6c  srvnet - ok
23:28:35.0783 0x8b6c  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:28:35.0803 0x8b6c  SSDPSRV - ok
23:28:35.0806 0x8b6c  [ 392BB410D26B66CBBE4D702AEF755351, 83762BBF1111FACFDE42087E641301A8C154943CE7C1C0F40CBCFD813E10CF83 ] sshid           C:\Windows\System32\drivers\sshid.sys
23:28:35.0813 0x8b6c  sshid - ok
23:28:35.0818 0x8b6c  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:28:35.0833 0x8b6c  SstpSvc - ok
23:28:35.0905 0x8b6c  [ F1A5AC00B8CD7E28BBC8DD7E60D48B65, AC185DD46A8B63500DDE74C2446F6409B0B4612068C33B4B7C30E43F389908DF ] StateRepository C:\Windows\system32\windows.staterepository.dll
23:28:35.0998 0x8b6c  StateRepository - ok
23:28:36.0005 0x8b6c  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:28:36.0013 0x8b6c  stexstor - ok
23:28:36.0025 0x8b6c  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\Windows\System32\wiaservc.dll
23:28:36.0048 0x8b6c  stisvc - ok
23:28:36.0052 0x8b6c  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\Windows\system32\drivers\storahci.sys
23:28:36.0061 0x8b6c  storahci - ok
23:28:36.0064 0x8b6c  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:28:36.0070 0x8b6c  storflt - ok
23:28:36.0074 0x8b6c  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
23:28:36.0082 0x8b6c  stornvme - ok
23:28:36.0086 0x8b6c  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
23:28:36.0095 0x8b6c  storqosflt - ok
23:28:36.0108 0x8b6c  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\Windows\system32\storsvc.dll
23:28:36.0133 0x8b6c  StorSvc - ok
23:28:36.0136 0x8b6c  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\Windows\system32\drivers\storufs.sys
23:28:36.0142 0x8b6c  storufs - ok
23:28:36.0146 0x8b6c  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:28:36.0152 0x8b6c  storvsc - ok
23:28:36.0154 0x8b6c  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\Windows\system32\svsvc.dll
23:28:36.0166 0x8b6c  svsvc - ok
23:28:36.0168 0x8b6c  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\Windows\System32\drivers\swenum.sys
23:28:36.0174 0x8b6c  swenum - ok
23:28:36.0185 0x8b6c  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\Windows\System32\swprv.dll
23:28:36.0206 0x8b6c  swprv - ok
23:28:36.0212 0x8b6c  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
23:28:36.0221 0x8b6c  Synth3dVsc - ok
23:28:36.0238 0x8b6c  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\Windows\system32\sysmain.dll
23:28:36.0271 0x8b6c  SysMain - ok
23:28:36.0280 0x8b6c  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
23:28:36.0294 0x8b6c  SystemEventsBroker - ok
23:28:36.0300 0x8b6c  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:28:36.0313 0x8b6c  TabletInputService - ok
23:28:36.0320 0x8b6c  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:28:36.0335 0x8b6c  TapiSrv - ok
23:28:36.0376 0x8b6c  [ DC0D1B5284152315F81894DAABBB2AF3, 8FE66A87910959EDE865FD296878FFFDB5D3100F9041C74060FC2CE19E29C3B2 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:28:36.0426 0x8b6c  Tcpip - ok
23:28:36.0468 0x8b6c  [ DC0D1B5284152315F81894DAABBB2AF3, 8FE66A87910959EDE865FD296878FFFDB5D3100F9041C74060FC2CE19E29C3B2 ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
23:28:36.0517 0x8b6c  Tcpip6 - ok
23:28:36.0523 0x8b6c  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:28:36.0533 0x8b6c  tcpipreg - ok
23:28:36.0538 0x8b6c  [ 892AB2637603A5E9507C39E61101C3C3, 04B06BBEFC033BC9395123AE623E0BB3A241F05AA93EA2625CF2DBE1B3FFD1B6 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:28:36.0547 0x8b6c  tdx - ok
23:28:36.0550 0x8b6c  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\Windows\System32\drivers\terminpt.sys
23:28:36.0556 0x8b6c  terminpt - ok
23:28:36.0573 0x8b6c  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\Windows\System32\termsrv.dll
23:28:36.0602 0x8b6c  TermService - ok
23:28:36.0606 0x8b6c  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\Windows\system32\themeservice.dll
23:28:36.0620 0x8b6c  Themes - ok
23:28:36.0628 0x8b6c  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
23:28:36.0646 0x8b6c  TieringEngineService - ok
23:28:36.0659 0x8b6c  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
23:28:36.0681 0x8b6c  tiledatamodelsvc - ok
23:28:36.0687 0x8b6c  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
23:28:36.0698 0x8b6c  TimeBrokerSvc - ok
23:28:36.0718 0x8b6c  [ C83505A5CC15E39D6C6D7B3C20187E5C, A6AB47C041A7C99CB0D5EA706CC31B3D88DC83BAF5AF7E59F651F9D7068D94B2 ] TokenBroker     C:\Windows\System32\TokenBroker.dll
23:28:36.0748 0x8b6c  TokenBroker - ok
23:28:36.0755 0x8b6c  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\Windows\System32\drivers\tpm.sys
23:28:36.0764 0x8b6c  TPM - ok
23:28:36.0768 0x8b6c  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\Windows\System32\trkwks.dll
23:28:36.0781 0x8b6c  TrkWks - ok
23:28:36.0784 0x8b6c  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:28:36.0794 0x8b6c  TrustedInstaller - ok
23:28:36.0798 0x8b6c  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:28:36.0807 0x8b6c  TsUsbFlt - ok
23:28:36.0810 0x8b6c  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
23:28:36.0818 0x8b6c  TsUsbGD - ok
23:28:36.0822 0x8b6c  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
23:28:36.0832 0x8b6c  tsusbhub - ok
23:28:36.0837 0x8b6c  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
23:28:36.0855 0x8b6c  tunnel - ok
23:28:36.0860 0x8b6c  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
23:28:36.0870 0x8b6c  tzautoupdate - ok
23:28:36.0873 0x8b6c  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
23:28:36.0881 0x8b6c  UASPStor - ok
23:28:36.0885 0x8b6c  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
23:28:36.0894 0x8b6c  UcmCx0101 - ok
23:28:36.0899 0x8b6c  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
23:28:36.0910 0x8b6c  UcmTcpciCx0101 - ok
23:28:36.0914 0x8b6c  [ 5A7CE114C8DA9060F32633F81A5625E5, B49163951B380827ADBF13D336D5BDC1EEE90A70058019928A603AA1C24D8EB7 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
23:28:36.0922 0x8b6c  UcmUcsi - ok
23:28:36.0927 0x8b6c  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
23:28:36.0936 0x8b6c  Ucx01000 - ok
23:28:36.0939 0x8b6c  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
23:28:36.0948 0x8b6c  UdeCx - ok
23:28:36.0954 0x8b6c  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:28:36.0974 0x8b6c  udfs - ok
23:28:36.0977 0x8b6c  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\Windows\System32\drivers\UEFI.sys
23:28:36.0983 0x8b6c  UEFI - ok
23:28:36.0985 0x8b6c  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
23:28:36.0992 0x8b6c  UevAgentDriver - ok
23:28:37.0013 0x8b6c  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\Windows\system32\AgentService.exe
23:28:37.0046 0x8b6c  UevAgentService - ok
23:28:37.0053 0x8b6c  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
23:28:37.0063 0x8b6c  Ufx01000 - ok
23:28:37.0068 0x8b6c  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
23:28:37.0076 0x8b6c  UfxChipidea - ok
23:28:37.0081 0x8b6c  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
23:28:37.0089 0x8b6c  ufxsynopsys - ok
23:28:37.0095 0x8b6c  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:28:37.0107 0x8b6c  UI0Detect - ok
23:28:37.0112 0x8b6c  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\Windows\System32\drivers\umbus.sys
23:28:37.0120 0x8b6c  umbus - ok
23:28:37.0124 0x8b6c  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\Windows\System32\drivers\umpass.sys
23:28:37.0132 0x8b6c  UmPass - ok
23:28:37.0138 0x8b6c  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\Windows\System32\umrdp.dll
23:28:37.0153 0x8b6c  UmRdpService - ok
23:28:37.0172 0x8b6c  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\Windows\System32\unistore.dll
23:28:37.0207 0x8b6c  UnistoreSvc - ok
23:28:37.0219 0x8b6c  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\Windows\System32\upnphost.dll
23:28:37.0245 0x8b6c  upnphost - ok
23:28:37.0248 0x8b6c  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
23:28:37.0255 0x8b6c  UrsChipidea - ok
23:28:37.0258 0x8b6c  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
23:28:37.0265 0x8b6c  UrsCx01000 - ok
23:28:37.0268 0x8b6c  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
23:28:37.0275 0x8b6c  UrsSynopsys - ok
23:28:37.0280 0x8b6c  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
23:28:37.0290 0x8b6c  usbccgp - ok
23:28:37.0295 0x8b6c  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
23:28:37.0305 0x8b6c  usbcir - ok
23:28:37.0309 0x8b6c  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
23:28:37.0317 0x8b6c  usbehci - ok
23:28:37.0327 0x8b6c  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
23:28:37.0342 0x8b6c  usbhub - ok
23:28:37.0353 0x8b6c  [ B9651548CE196186A72CE8C6D0C094FC, FD46C71C58701DF4CA89BE82BECACB00A0ACFE34A330676BD88666BBB2DE4D6D ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
23:28:37.0370 0x8b6c  USBHUB3 - ok
23:28:37.0374 0x8b6c  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\Windows\System32\drivers\usbohci.sys
23:28:37.0383 0x8b6c  usbohci - ok
23:28:37.0385 0x8b6c  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
         

Alt 18.07.2017, 23:02   #5
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



TDSS 3:
Code:
ATTFilter
23:28:37.0394 0x8b6c  usbprint - ok
23:28:37.0398 0x8b6c  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\Windows\System32\drivers\usbser.sys
23:28:37.0407 0x8b6c  usbser - ok
23:28:37.0412 0x8b6c  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
23:28:37.0421 0x8b6c  USBSTOR - ok
23:28:37.0424 0x8b6c  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
23:28:37.0434 0x8b6c  usbuhci - ok
23:28:37.0442 0x8b6c  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
23:28:37.0456 0x8b6c  USBXHCI - ok
23:28:37.0483 0x8b6c  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\Windows\System32\userdataservice.dll
23:28:37.0531 0x8b6c  UserDataSvc - ok
23:28:37.0551 0x8b6c  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\Windows\System32\usermgr.dll
23:28:37.0587 0x8b6c  UserManager - ok
23:28:37.0600 0x8b6c  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\Windows\system32\usocore.dll
23:28:37.0625 0x8b6c  UsoSvc - ok
23:28:37.0628 0x8b6c  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\Windows\system32\lsass.exe
23:28:37.0636 0x8b6c  VaultSvc - ok
23:28:37.0639 0x8b6c  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:28:37.0647 0x8b6c  vdrvroot - ok
23:28:37.0658 0x8b6c  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\Windows\System32\vds.exe
23:28:37.0684 0x8b6c  vds - ok
23:28:37.0690 0x8b6c  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
23:28:37.0700 0x8b6c  VerifierExt - ok
23:28:37.0714 0x8b6c  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
23:28:37.0734 0x8b6c  vhdmp - ok
23:28:37.0738 0x8b6c  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\Windows\System32\drivers\vhf.sys
23:28:37.0746 0x8b6c  vhf - ok
23:28:37.0751 0x8b6c  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:28:37.0758 0x8b6c  vmbus - ok
23:28:37.0761 0x8b6c  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
23:28:37.0769 0x8b6c  VMBusHID - ok
23:28:37.0772 0x8b6c  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\Windows\System32\drivers\vmgid.sys
23:28:37.0781 0x8b6c  vmgid - ok
23:28:37.0787 0x8b6c  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\Windows\System32\icsvc.dll
23:28:37.0801 0x8b6c  vmicguestinterface - ok
23:28:37.0807 0x8b6c  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\Windows\System32\icsvc.dll
23:28:37.0821 0x8b6c  vmicheartbeat - ok
23:28:37.0827 0x8b6c  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\Windows\System32\icsvc.dll
23:28:37.0840 0x8b6c  vmickvpexchange - ok
23:28:37.0848 0x8b6c  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\Windows\System32\icsvcext.dll
23:28:37.0861 0x8b6c  vmicrdv - ok
23:28:37.0867 0x8b6c  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\Windows\System32\icsvc.dll
23:28:37.0881 0x8b6c  vmicshutdown - ok
23:28:37.0887 0x8b6c  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\Windows\System32\icsvc.dll
23:28:37.0900 0x8b6c  vmictimesync - ok
23:28:37.0908 0x8b6c  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\Windows\System32\icsvc.dll
23:28:37.0921 0x8b6c  vmicvmsession - ok
23:28:37.0927 0x8b6c  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\Windows\System32\icsvcext.dll
23:28:37.0941 0x8b6c  vmicvss - ok
23:28:37.0945 0x8b6c  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:28:37.0954 0x8b6c  volmgr - ok
23:28:37.0962 0x8b6c  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:28:37.0974 0x8b6c  volmgrx - ok
23:28:37.0982 0x8b6c  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:28:37.0995 0x8b6c  volsnap - ok
23:28:37.0997 0x8b6c  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\Windows\system32\drivers\volume.sys
23:28:38.0003 0x8b6c  volume - ok
23:28:38.0007 0x8b6c  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\Windows\System32\drivers\vpci.sys
23:28:38.0016 0x8b6c  vpci - ok
23:28:38.0021 0x8b6c  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:28:38.0030 0x8b6c  vsmraid - ok
23:28:38.0056 0x8b6c  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\Windows\system32\vssvc.exe
23:28:38.0099 0x8b6c  VSS - ok
23:28:38.0108 0x8b6c  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
23:28:38.0119 0x8b6c  VSTXRAID - ok
23:28:38.0122 0x8b6c  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:28:38.0138 0x8b6c  vwifibus - ok
23:28:38.0142 0x8b6c  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
23:28:38.0165 0x8b6c  vwififlt - ok
23:28:38.0171 0x8b6c  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\Windows\System32\drivers\vwifimp.sys
23:28:38.0193 0x8b6c  vwifimp - ok
23:28:38.0204 0x8b6c  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\Windows\system32\w32time.dll
23:28:38.0233 0x8b6c  W32Time - ok
23:28:38.0236 0x8b6c  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
23:28:38.0245 0x8b6c  WacomPen - ok
23:28:38.0255 0x8b6c  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\Windows\system32\WalletService.dll
23:28:38.0274 0x8b6c  WalletService - ok
23:28:38.0278 0x8b6c  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
23:28:38.0295 0x8b6c  wanarp - ok
23:28:38.0297 0x8b6c  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:28:38.0314 0x8b6c  wanarpv6 - ok
23:28:38.0337 0x8b6c  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\Windows\system32\wbengine.exe
23:28:38.0378 0x8b6c  wbengine - ok
23:28:38.0396 0x8b6c  [ 4D5CDE84068F3D4613C3C17CFEA4515D, 2F011CE35AAAD8BA7AD61E1FBDAC225A3C1B06EFE89CAE2FCC65E92BF4AB1CC0 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:28:38.0424 0x8b6c  WbioSrvc - ok
23:28:38.0430 0x8b6c  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\Windows\system32\drivers\wcifs.sys
23:28:38.0437 0x8b6c  wcifs - ok
23:28:38.0451 0x8b6c  [ 9DDD15FCE0BE61F25C20CC7E2A96B77C, 072E6B3D86CD4F4A55305986E3848A47B7E8000FF5AEFE8A206FD4F7BE958872 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
23:28:38.0477 0x8b6c  Wcmsvc - ok
23:28:38.0487 0x8b6c  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:28:38.0504 0x8b6c  wcncsvc - ok
23:28:38.0508 0x8b6c  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\Windows\system32\drivers\wcnfs.sys
23:28:38.0517 0x8b6c  wcnfs - ok
23:28:38.0520 0x8b6c  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
23:28:38.0527 0x8b6c  WdBoot - ok
23:28:38.0543 0x8b6c  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:28:38.0561 0x8b6c  Wdf01000 - ok
23:28:38.0568 0x8b6c  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
23:28:38.0579 0x8b6c  WdFilter - ok
23:28:38.0583 0x8b6c  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:28:38.0596 0x8b6c  WdiServiceHost - ok
23:28:38.0600 0x8b6c  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:28:38.0613 0x8b6c  WdiSystemHost - ok
23:28:38.0626 0x8b6c  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
23:28:38.0650 0x8b6c  wdiwifi - ok
23:28:38.0655 0x8b6c  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
23:28:38.0663 0x8b6c  WdNisDrv - ok
23:28:38.0664 0x8b6c  WdNisSvc - ok
23:28:38.0670 0x8b6c  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\Windows\System32\webclnt.dll
23:28:38.0687 0x8b6c  WebClient - ok
23:28:38.0693 0x8b6c  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:28:38.0706 0x8b6c  Wecsvc - ok
23:28:38.0710 0x8b6c  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
23:28:38.0720 0x8b6c  WEPHOSTSVC - ok
23:28:38.0724 0x8b6c  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:28:38.0736 0x8b6c  wercplsupport - ok
23:28:38.0741 0x8b6c  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\Windows\System32\WerSvc.dll
23:28:38.0753 0x8b6c  WerSvc - ok
23:28:38.0764 0x8b6c  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\Windows\System32\wfdsconmgrsvc.dll
23:28:38.0785 0x8b6c  WFDSConMgrSvc - ok
23:28:38.0790 0x8b6c  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
23:28:38.0798 0x8b6c  WFPLWFS - ok
23:28:38.0802 0x8b6c  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\Windows\System32\wiarpc.dll
23:28:38.0814 0x8b6c  WiaRpc - ok
23:28:38.0817 0x8b6c  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:28:38.0823 0x8b6c  WIMMount - ok
23:28:38.0824 0x8b6c  WinDefend - ok
23:28:38.0830 0x8b6c  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
23:28:38.0837 0x8b6c  WindowsTrustedRT - ok
23:28:38.0839 0x8b6c  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
23:28:38.0847 0x8b6c  WindowsTrustedRTProxy - ok
23:28:38.0861 0x8b6c  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
23:28:38.0883 0x8b6c  WinHttpAutoProxySvc - ok
23:28:38.0887 0x8b6c  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\Windows\System32\drivers\winmad.sys
23:28:38.0893 0x8b6c  WinMad - ok
23:28:38.0902 0x8b6c  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:28:38.0921 0x8b6c  Winmgmt - ok
23:28:38.0927 0x8b6c  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\Windows\system32\drivers\winnat.sys
23:28:38.0938 0x8b6c  WinNat - ok
23:28:38.0977 0x8b6c  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:28:39.0051 0x8b6c  WinRM - ok
23:28:39.0058 0x8b6c  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
23:28:39.0068 0x8b6c  WINUSB - ok
23:28:39.0071 0x8b6c  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
23:28:39.0079 0x8b6c  WinVerbs - ok
23:28:39.0093 0x8b6c  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\Windows\system32\flightsettings.dll
23:28:39.0115 0x8b6c  wisvc - ok
23:28:39.0152 0x8b6c  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\Windows\System32\wlansvc.dll
23:28:39.0219 0x8b6c  WlanSvc - ok
23:28:39.0255 0x8b6c  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\Windows\system32\wlidsvc.dll
23:28:39.0310 0x8b6c  wlidsvc - ok
23:28:39.0332 0x8b6c  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\Windows\System32\lpasvc.dll
23:28:39.0373 0x8b6c  wlpasvc - ok
23:28:39.0378 0x8b6c  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
23:28:39.0387 0x8b6c  WmiAcpi - ok
23:28:39.0395 0x8b6c  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:28:39.0413 0x8b6c  wmiApSrv - ok
23:28:39.0415 0x8b6c  WMPNetworkSvc - ok
23:28:39.0421 0x8b6c  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\Windows\system32\drivers\Wof.sys
23:28:39.0430 0x8b6c  Wof - ok
23:28:39.0460 0x8b6c  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
23:28:39.0507 0x8b6c  workfolderssvc - ok
23:28:39.0513 0x8b6c  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:28:39.0524 0x8b6c  WPDBusEnum - ok
23:28:39.0527 0x8b6c  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
23:28:39.0533 0x8b6c  WpdUpFltr - ok
23:28:39.0539 0x8b6c  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\Windows\system32\WpnService.dll
23:28:39.0555 0x8b6c  WpnService - ok
23:28:39.0559 0x8b6c  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\Windows\System32\WpnUserService.dll
23:28:39.0569 0x8b6c  WpnUserService - ok
23:28:39.0574 0x8b6c  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:28:39.0588 0x8b6c  ws2ifsl - ok
23:28:39.0593 0x8b6c  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:28:39.0606 0x8b6c  wscsvc - ok
23:28:39.0609 0x8b6c  WSearch - ok
23:28:39.0648 0x8b6c  [ 359A4FC47628C0E66894B80C97932C71, 2E4A70754619285184BA605800A9ACBB0658E7EC005271652BD465A34015B990 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:28:39.0707 0x8b6c  wuauserv - ok
23:28:39.0713 0x8b6c  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:28:39.0723 0x8b6c  WudfPf - ok
23:28:39.0729 0x8b6c  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
23:28:39.0741 0x8b6c  WUDFRd - ok
23:28:39.0746 0x8b6c  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:28:39.0757 0x8b6c  wudfsvc - ok
23:28:39.0763 0x8b6c  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
23:28:39.0776 0x8b6c  WUDFWpdFs - ok
23:28:39.0798 0x8b6c  [ B0C56930417D00E44B3FDBF6FC282943, 837776DBB83184015E7B0C5821E914325E39A8CF51497A95389B33C1E995C55E ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:28:39.0837 0x8b6c  WwanSvc - ok
23:28:39.0845 0x8b6c  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\Windows\System32\xbgmsvc.dll
23:28:39.0857 0x8b6c  xbgm - ok
23:28:39.0876 0x8b6c  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
23:28:39.0907 0x8b6c  XblAuthManager - ok
23:28:39.0928 0x8b6c  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\Windows\System32\XblGameSave.dll
23:28:39.0961 0x8b6c  XblGameSave - ok
23:28:39.0968 0x8b6c  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
23:28:39.0982 0x8b6c  xboxgip - ok
23:28:39.0985 0x8b6c  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\Windows\System32\XboxGipSvc.dll
23:28:39.0994 0x8b6c  XboxGipSvc - ok
23:28:40.0013 0x8b6c  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
23:28:40.0045 0x8b6c  XboxNetApiSvc - ok
23:28:40.0047 0x8b6c  xhunter1 - ok
23:28:40.0051 0x8b6c  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
23:28:40.0059 0x8b6c  xinputhid - ok
23:28:40.0061 0x8b6c  ================ Scan global ===============================
23:28:40.0064 0x8b6c  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\Windows\system32\basesrv.dll
23:28:40.0068 0x8b6c  [ 981EC77511EBFE8AE5731C08A194A685, DBA05F38AB2536BF6BAC2103843CBAA46E601D9DCF4B72628CAA13F8E37DDB9D ] C:\Windows\system32\winsrv.dll
23:28:40.0072 0x8b6c  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\Windows\system32\sxssrv.dll
23:28:40.0083 0x8b6c  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\Windows\system32\services.exe
23:28:40.0089 0x8b6c  [ Global ] - ok
23:28:40.0090 0x8b6c  ================ Scan MBR ==================================
23:28:40.0091 0x8b6c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:28:40.0106 0x8b6c  \Device\Harddisk0\DR0 - ok
23:28:40.0108 0x8b6c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:28:40.0130 0x8b6c  \Device\Harddisk1\DR1 - ok
23:28:40.0130 0x8b6c  ================ Scan VBR ==================================
23:28:40.0131 0x8b6c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
23:28:40.0131 0x8b6c  \Device\Harddisk0\DR0\Partition1 - ok
23:28:40.0133 0x8b6c  [ A2F60A604B43F97351351D5BD3D733DA ] \Device\Harddisk0\DR0\Partition2
23:28:40.0133 0x8b6c  \Device\Harddisk0\DR0\Partition2 - ok
23:28:40.0135 0x8b6c  [ B68767BE629024F99C02C50A64A1166D ] \Device\Harddisk1\DR1\Partition1
23:28:40.0136 0x8b6c  \Device\Harddisk1\DR1\Partition1 - ok
23:28:40.0137 0x8b6c  [ BC36EB795B9C005815BA84E907CB127A ] \Device\Harddisk1\DR1\Partition2
23:28:40.0138 0x8b6c  \Device\Harddisk1\DR1\Partition2 - ok
23:28:40.0139 0x8b6c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition3
23:28:40.0139 0x8b6c  \Device\Harddisk1\DR1\Partition3 - ok
23:28:40.0141 0x8b6c  [ 86B5B7C43C265FE1E57F6B51F402F79F ] \Device\Harddisk1\DR1\Partition4
23:28:40.0142 0x8b6c  \Device\Harddisk1\DR1\Partition4 - ok
23:28:40.0142 0x8b6c  ================ Scan generic autorun ======================
23:28:40.0143 0x8b6c  SecurityHealth - ok
23:28:40.0160 0x8b6c  [ 26765B5C617F2BC199C29FA5643F6177, A871D14CB830D7B13D9C3A451E1448D66D28CEECB08DDD6E7075B58A1AB1779C ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
23:28:40.0177 0x8b6c  avgnt - ok
23:28:40.0181 0x8b6c  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
23:28:40.0187 0x8b6c  Avira SystrayStartTrigger - ok
23:28:40.0502 0x8b6c  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:28:40.0788 0x8b6c  OneDriveSetup - ok
23:28:41.0122 0x8b6c  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:28:41.0422 0x8b6c  OneDriveSetup - ok
23:28:41.0460 0x8b6c  [ C5D30E88C97825CF0652B60C42F103AD, D605DC9021021714BDA36EF48C335F85C77F85474A21B6E5258270E1703B8DC8 ] C:\Users\Christoph\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:28:41.0486 0x8b6c  OneDrive - ok
23:28:41.0494 0x8b6c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.28.21 ), 0x41000 ( enabled : updated )
23:28:41.0494 0x8b6c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
23:28:41.0494 0x8b6c  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x60000 ( disabled : updated )
23:28:41.0496 0x8b6c  Win FW state via NFP2: enabled ( trusted )
23:28:41.0669 0x8b6c  ============================================================
23:28:41.0669 0x8b6c  Scan finished
23:28:41.0669 0x8b6c  ============================================================
23:28:41.0678 0x8b98  Detected object count: 0
23:28:41.0678 0x8b98  Actual detected object count: 0
         

FRST.txt 1
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Christoph (Administrator) auf DESKTOP-50MUQLP (18-07-2017 23:54:21)
Gestartet von C:\Users\Christoph\Desktop
Geladene Profile: Christoph &  (Verfügbare Profile: Christoph)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
GroupPolicy: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1b8f203d-030c-4788-89c0-c634807a762b}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default [2017-07-18]
CHR Extension: (Google Präsentationen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-07]
CHR Extension: (Google Docs) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-07]
CHR Extension: (Google Drive) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-07]
CHR Extension: (YouTube) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-07]
CHR Extension: (Google Tabellen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-07]
CHR Extension: (Google Docs Offline) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-07]
CHR Extension: (AdBlock) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-08]
CHR Extension: (Sword Art Online 03 - 1920x1080) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiifanipcbimdhcjlepnolpifdpkbhdh [2017-07-08]
CHR Extension: (Disconnect) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2017-07-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-07]
CHR Extension: (Google Mail) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [167504 2017-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [164824 2017-07-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-07-04] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-14] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-16] (Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation                           )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 sshid; C:\Windows\System32\drivers\sshid.sys [45896 2017-05-10] (SteelSeries ApS)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-18 23:54 - 2017-07-18 23:54 - 00010901 _____ C:\Users\Christoph\Desktop\FRST.txt
2017-07-18 23:53 - 2017-07-18 23:53 - 02382336 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2017-07-18 23:16 - 2017-07-18 23:51 - 00517164 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.16.58_log.txt
2017-07-18 23:13 - 2017-07-18 23:16 - 00517130 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.13.50_log.txt
2017-07-18 23:13 - 2017-07-18 23:13 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Christoph\Desktop\tdsskiller.exe
2017-07-18 23:13 - 2017-07-18 23:13 - 00000562 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.13.35_log.txt
2017-07-17 01:59 - 2017-07-17 01:59 - 00000000 ____D C:\Users\Christoph\Documents\League of Legends
2017-07-17 01:59 - 2017-07-17 01:59 - 00000000 ____D C:\Users\Christoph\AppData\Local\CEF
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files\MSBuild
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-07-17 01:50 - 2017-02-10 11:26 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:26 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:26 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-07-17 01:50 - 2017-02-10 11:21 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:21 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:21 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-07-17 01:49 - 2017-07-17 01:49 - 00000000 ____D C:\ProgramData\Riot Games
2017-07-17 01:49 - 2017-07-17 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-07-17 01:49 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-07-17 01:49 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-07-17 01:49 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-07-17 01:47 - 2017-07-17 01:48 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Riot Games
2017-07-17 01:47 - 2017-07-17 01:47 - 31876824 _____ (Riot Games) C:\Users\Christoph\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-07-15 20:20 - 2017-07-15 20:20 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Macromedia
2017-07-14 17:48 - 2017-07-14 17:53 - 00001424 _____ C:\Users\Christoph\Downloads\Malware.txt
2017-07-14 17:03 - 2017-07-14 17:03 - 00019515 _____ C:\Users\Christoph\Downloads\Addition.txt
2017-07-14 17:02 - 2017-07-18 23:54 - 00000000 ____D C:\FRST
2017-07-14 17:02 - 2017-07-14 17:34 - 00126703 _____ C:\Users\Christoph\Downloads\FRST.txt
2017-07-14 16:59 - 2017-07-14 16:59 - 02435584 _____ (Farbar) C:\Users\Christoph\Downloads\FRST64.exe
2017-07-14 16:33 - 2017-07-14 18:27 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2017-07-14 04:35 - 2017-07-14 04:38 - 330909696 _____ C:\Users\Christoph\Downloads\kav_rescue_10.iso
2017-07-14 04:16 - 2017-07-14 04:16 - 00001209 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-07-14 04:15 - 2017-07-14 04:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-14 04:14 - 2017-07-14 04:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-14 04:14 - 2017-07-14 04:15 - 00000000 ____D C:\ProgramData\Avira
2017-07-14 04:14 - 2017-07-14 04:14 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Avira
2017-07-14 04:14 - 2017-07-04 13:28 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-07-14 03:49 - 2017-07-14 04:17 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-14 03:48 - 2017-07-16 05:22 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-14 03:48 - 2017-07-16 05:22 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-14 03:48 - 2017-07-14 04:30 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-14 03:48 - 2017-07-14 04:17 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-14 03:48 - 2017-07-14 03:51 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-14 03:48 - 2017-07-14 03:48 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-14 03:22 - 2017-07-14 03:20 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-07-12 11:31 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-07-12 11:31 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2017-07-12 11:31 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-07-12 11:31 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-07-12 11:31 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-12 11:31 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-07-12 11:31 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-07-12 11:31 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 11:31 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2017-07-12 11:31 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-12 11:31 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininitext.dll
2017-07-12 11:31 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 11:31 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-07-12 11:31 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-07-12 11:31 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-07-12 11:31 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-07-12 11:31 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 11:31 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 11:31 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-12 11:31 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapprovp.dll
2017-07-12 11:31 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-07-12 11:31 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2017-07-12 11:31 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-07-12 11:31 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-07-12 11:31 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 11:31 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-07-12 11:31 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-07-12 11:31 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 11:31 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 11:31 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-07-12 11:31 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-07-12 11:31 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-07-12 11:31 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 11:31 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-07-12 11:31 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-07-12 11:31 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-07-12 11:31 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-07-12 11:31 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 11:31 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 11:31 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-07-12 11:31 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
         


Alt 18.07.2017, 23:02   #6
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



FRST.txt 2

Code:
ATTFilter
2017-07-12 11:31 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 11:31 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 11:31 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-07-12 11:31 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-07-12 11:31 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 11:31 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2017-07-12 11:31 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-07-12 11:31 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 11:31 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-07-12 11:31 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 11:31 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2017-07-12 11:31 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:31 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-07-12 11:31 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-07-12 11:31 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-07-12 11:31 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-07-12 11:31 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2017-07-12 11:31 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 11:31 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-07-12 11:31 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-07-12 11:30 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2017-07-12 11:30 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-07-12 11:30 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-07-12 11:30 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-12 11:30 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-07-12 11:30 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-07-12 11:30 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-12 11:30 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-12 11:30 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-07-12 11:30 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-07-12 11:30 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2017-07-12 11:30 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 11:30 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-07-12 11:30 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-07-12 11:30 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 11:30 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2017-07-12 11:30 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-07-12 11:30 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2017-07-12 11:30 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 11:30 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-07-12 11:30 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 11:30 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:30 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-07-12 11:30 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\wininitext.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-07-12 11:30 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-07-12 11:30 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 11:30 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 11:30 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-07-12 11:30 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 11:30 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-07-12 11:30 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-07-12 11:30 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-07-12 11:30 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 11:30 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\eapprovp.dll
2017-07-12 11:30 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-07-12 11:30 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-07-12 11:30 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2017-07-12 11:30 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-07-12 11:30 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-07-12 11:30 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 11:30 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-07-12 11:30 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-07-12 11:30 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-07-12 11:30 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2017-07-12 11:30 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-07-12 11:30 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-07-12 11:30 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-07-12 11:30 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-07-12 11:30 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-12 11:30 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-07-12 11:30 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 11:30 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-07-12 11:30 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-07-12 11:30 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-07-12 11:30 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-07-12 11:30 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 11:30 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-12 11:30 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 11:30 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-12 11:30 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-07-12 11:30 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-07-12 11:30 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 11:30 - 2017-07-02 00:52 - 00031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-07-12 11:30 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 11:30 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 11:30 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-07-12 11:30 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 11:30 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-07-12 11:30 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 11:30 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-07-12 11:30 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-07-12 11:30 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 11:30 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-07-12 11:30 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-07-12 11:30 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-07-12 11:30 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-07-12 11:30 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-07-12 11:30 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-07-12 11:30 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-07-12 11:30 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\Windows\system32\CredentialUIBroker.exe
2017-07-12 11:30 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 11:30 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-07-12 11:30 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-07-12 11:30 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-07-12 11:30 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-07-12 11:30 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 11:30 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-07-12 11:30 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2017-07-12 11:30 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-07-12 11:30 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-07-12 11:30 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-07-12 11:30 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2017-07-12 11:30 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2017-07-12 11:30 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-07-12 11:30 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-07-12 11:30 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:30 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-07-12 11:30 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-07-12 11:30 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2017-07-12 11:30 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2017-07-12 11:30 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-07-12 11:30 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2017-07-12 11:30 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-07-12 11:30 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-07-12 11:30 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-07-12 11:30 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2017-07-12 11:30 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 11:30 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-07-12 11:30 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-07-12 11:30 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-07-12 11:30 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-07-12 11:30 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2017-07-12 11:30 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2017-07-12 11:30 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-07-12 11:30 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 11:30 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 11:30 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 11:30 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 11:30 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-08 19:55 - 2017-07-08 19:55 - 00000628 __RSH C:\ProgramData\ntuser.pol
2017-07-08 08:46 - 2017-07-08 08:46 - 00000000 ____D C:\Users\Christoph\AppData\Local\PeerDistRepub
2017-07-07 18:52 - 2017-07-07 18:52 - 00000000 ____D C:\Users\Christoph\Documents\BnS
2017-07-07 18:52 - 2017-07-07 18:52 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\NVIDIA
2017-07-07 15:58 - 2017-07-07 15:58 - 00002303 _____ C:\Users\Public\Desktop\Blade & Soul.lnk
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NCWest
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-07-07 15:58 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-07-07 15:58 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-07-07 15:58 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-07-07 15:58 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-07-07 15:58 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-07-07 15:58 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-07-07 15:58 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-07-07 15:58 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-07-07 15:58 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-07-07 15:57 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-07-07 15:57 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-07-07 15:57 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-07-07 15:57 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-07-07 15:57 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-07-07 15:57 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-07-07 15:57 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-07-07 15:57 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-07-07 15:57 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-07-07 15:57 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-07-07 15:57 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-07-07 15:57 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-07-07 15:57 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-07-07 15:57 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-07-07 15:57 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-07-07 15:57 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-07-07 15:57 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-07-07 15:57 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-07-07 15:57 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-07-07 15:57 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-07-07 15:57 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-07-07 15:57 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-07-07 15:57 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-07-07 15:57 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-07-07 15:57 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-07-07 15:57 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-07-07 15:57 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-07-07 15:57 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-07-07 15:57 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-07-07 15:57 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-07-07 15:57 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-07-07 15:57 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-07-07 15:57 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-07-07 15:57 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-07-07 15:57 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-07-07 15:57 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-07-07 15:57 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-07-07 15:57 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-07-07 15:57 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-07-07 15:57 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-07-07 15:57 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-07-07 15:57 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-07-07 15:57 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-07-07 15:57 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-07-07 15:57 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-07-07 15:57 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-07-07 15:57 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-07-07 15:57 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-07-07 15:57 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-07-07 06:45 - 2017-07-07 06:53 - 00000000 ____D C:\Users\Christoph\AppData\Local\Google
2017-07-07 06:45 - 2017-07-07 06:45 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-07 06:45 - 2017-07-07 06:45 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-07 06:45 - 2017-07-07 06:45 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-07 06:45 - 2017-07-07 06:45 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-07 06:45 - 2017-07-07 06:45 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-06 19:29 - 2017-07-06 18:30 - 00000000 ____D C:\Windows\Panther
2017-07-06 18:58 - 2017-07-12 11:32 - 00000000 ____D C:\Windows\system32\MRT
2017-07-06 18:58 - 2017-07-12 11:31 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-06 18:58 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-07-06 18:58 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-07-06 18:58 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2017-07-06 18:58 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-07-06 18:58 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-07-06 18:58 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2017-07-06 18:58 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
2017-07-06 18:58 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-07-06 18:58 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2017-07-06 18:58 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-07-06 18:58 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-07-06 18:58 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-07-06 18:58 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-06 18:58 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-06 18:58 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
2017-07-06 18:58 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-07-06 18:58 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-06 18:58 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-07-06 18:58 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-07-06 18:58 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-07-06 18:58 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-06 18:58 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-07-06 18:58 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-07-06 18:58 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-07-06 18:58 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-06 18:58 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-07-06 18:58 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-07-06 18:58 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2017-07-06 18:58 - 2017-05-20 10:26 - 00059904 _____ C:\Windows\SysWOW64\xboxgipsynthetic.dll
2017-07-06 18:58 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-07-06 18:58 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSMDesktopProvider.dll
2017-07-06 18:58 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DictationManager.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2017-07-06 18:58 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-07-06 18:58 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-07-06 18:58 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-07-06 18:58 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2017-07-06 18:58 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-07-06 18:58 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-07-06 18:58 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-07-06 18:58 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2017-07-06 18:58 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-07-06 18:58 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-07-06 18:58 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-07-06 18:58 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-07-06 18:58 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-07-06 18:58 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-07-06 18:58 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2017-07-06 18:58 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
2017-07-06 18:58 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys
2017-07-06 18:58 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2017-07-06 18:58 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveExt.dll
2017-07-06 18:58 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2017-07-06 18:58 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-07-06 18:58 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-07-06 18:58 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-07-06 18:58 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-07-06 18:58 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-07-06 18:58 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-07-06 18:58 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-07-06 18:58 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-07-06 18:58 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2017-07-06 18:58 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-07-06 18:58 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2017-07-06 18:58 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2017-07-06 18:58 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2017-07-06 18:58 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2017-07-06 18:58 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2017-07-06 18:58 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2017-07-06 18:58 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2017-07-06 18:58 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2017-07-06 18:58 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2017-07-06 18:58 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2017-07-06 18:58 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2017-07-06 18:58 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2017-07-06 18:58 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2017-07-06 18:58 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-07-06 18:58 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-07-06 18:58 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-07-06 18:58 - 2017-04-01 02:28 - 00354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-07-06 18:58 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-07-06 18:58 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-06 18:58 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-07-06 18:58 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-07-06 18:58 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-07-06 18:58 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-07-06 18:58 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-07-06 18:57 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-07-06 18:57 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-07-06 18:57 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-07-06 18:57 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
2017-07-06 18:57 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-07-06 18:57 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-07-06 18:57 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-07-06 18:57 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-06 18:57 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
2017-07-06 18:57 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-06 18:57 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
2017-07-06 18:57 - 2017-06-03 11:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-07-06 18:57 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-07-06 18:57 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-07-06 18:57 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-07-06 18:57 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-07-06 18:57 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-07-06 18:57 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-07-06 18:57 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-07-06 18:57 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-07-06 18:57 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-07-06 18:57 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2017-07-06 18:57 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-07-06 18:57 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-07-06 18:57 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-07-06 18:57 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-07-06 18:57 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2017-07-06 18:57 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-07-06 18:57 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-07-06 18:57 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-07-06 18:57 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-07-06 18:57 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-07-06 18:57 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-07-06 18:57 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-07-06 18:57 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-07-06 18:57 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-07-06 18:57 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-07-06 18:57 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys
2017-07-06 18:57 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2017-07-06 18:57 - 2017-05-20 08:08 - 00086016 _____ C:\Windows\system32\xboxgipsynthetic.dll
2017-07-06 18:57 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-07-06 18:57 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\Windows\system32\NPSMDesktopProvider.dll
2017-07-06 18:57 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.SharedPC.AccountManager.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\DictationManager.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
2017-07-06 18:57 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2017-07-06 18:57 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\embeddedmodesvc.dll
2017-07-06 18:57 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2017-07-06 18:57 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-07-06 18:57 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-07-06 18:57 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-07-06 18:57 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2017-07-06 18:57 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2017-07-06 18:57 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-07-06 18:57 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2017-07-06 18:57 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-07-06 18:57 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2017-07-06 18:57 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-07-06 18:57 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-07-06 18:57 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2017-07-06 18:57 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-07-06 18:57 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-07-06 18:57 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-07-06 18:57 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-07-06 18:57 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-07-06 18:57 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-07-06 18:57 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-06 18:57 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-06 18:57 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-07-06 18:57 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2017-07-06 18:57 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-06 18:57 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-07-06 18:57 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-07-06 18:57 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-07-06 18:57 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-07-06 18:57 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-07-06 18:57 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-07-06 18:57 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2017-07-06 18:57 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2017-07-06 18:57 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2017-07-06 18:57 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2017-07-06 18:57 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-07-06 18:57 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-07-06 18:57 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-07-06 18:57 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-07-06 18:57 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2017-07-06 18:57 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2017-07-06 18:57 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-07-06 18:57 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-07-06 18:57 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-06 18:57 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2017-07-06 18:57 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-07-06 18:57 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-07-06 18:57 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-07-06 18:57 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2017-07-06 18:57 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-07-06 18:57 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2017-07-06 18:57 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-07-06 18:57 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-06 18:57 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-07-06 18:57 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-07-06 18:57 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2017-07-06 18:57 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-06 18:57 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-07-06 18:57 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-07-06 18:57 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-07-06 18:57 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-07-06 18:57 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-06 18:57 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-06 18:57 - 2017-04-01 02:52 - 00409504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-06 18:57 - 2017-04-01 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-07-06 18:57 - 2017-04-01 01:55 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-07-06 18:57 - 2017-04-01 01:50 - 01657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-07-06 18:57 - 2017-04-01 01:50 - 01605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-07-06 18:57 - 2017-04-01 01:45 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-07-06 18:57 - 2017-04-01 01:44 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-07-06 18:51 - 2017-07-06 18:51 - 00000000 ____D C:\Users\Christoph\AppData\Local\Comms
2017-07-06 18:40 - 2017-07-06 18:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-07-06 18:40 - 2017-07-06 18:40 - 00000000 ____D C:\ProgramData\USOShared
2017-07-06 18:39 - 2017-07-18 13:01 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-06 18:39 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-06 18:39 - 2017-05-19 18:07 - 00521816 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-07-06 18:39 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-07-06 18:39 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-07-06 18:39 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-07-06 18:39 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-07-06 18:39 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-07-06 18:39 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-07-06 18:39 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-07-06 18:39 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-07-06 18:38 - 2017-07-14 04:15 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-06 18:37 - 2017-07-06 18:37 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Skype
2017-07-06 18:37 - 2017-07-06 18:37 - 00000000 ____D C:\Users\Christoph\AppData\Local\MicrosoftEdge
2017-07-06 18:36 - 2017-07-15 14:44 - 02278176 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-06 18:36 - 2017-07-06 18:37 - 00003298 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-06 18:36 - 2017-07-06 18:37 - 00002395 _____ C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-06 18:36 - 2017-07-06 18:37 - 00000000 ___RD C:\Users\Christoph\OneDrive
2017-07-06 18:36 - 2017-07-06 18:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-06 18:35 - 2017-07-12 23:01 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-06 18:35 - 2017-07-06 19:41 - 00000000 ____D C:\Users\Christoph\AppData\Local\Packages
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Adobe
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\VirtualStore
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\TileDataLayer
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\Publishers
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\ConnectedDevicesPlatform
2017-07-06 18:34 - 2017-07-17 12:57 - 00000000 ____D C:\Users\Christoph
2017-07-06 18:34 - 2017-07-06 18:34 - 00000020 ___SH C:\Users\Christoph\ntuser.ini
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Vorlagen
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Startmenü
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Netzwerkumgebung
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Lokale Einstellungen
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Eigene Dateien
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Druckumgebung
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Videos
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Musik
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Bilder
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Local\Verlauf
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Local\Anwendungsdaten
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Anwendungsdaten
2017-07-06 18:33 - 2017-07-06 18:33 - 00000000 ____D C:\Windows\CSC
2017-07-06 18:33 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-07-06 18:30 - 2017-07-15 14:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-06 18:30 - 2017-07-06 18:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-06 18:29 - 2017-07-18 12:52 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-06 18:29 - 2017-07-12 22:57 - 00217120 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-06 18:29 - 2017-07-06 18:29 - 00000000 ____D C:\Windows\ServiceProfiles

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-18 23:18 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-18 23:18 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\AppReadiness
2017-07-17 23:33 - 2017-03-18 22:51 - 00000000 ____D C:\Windows\CbsTemp
2017-07-17 01:50 - 2017-03-20 06:41 - 01081232 _____ C:\Windows\system32\perfh007.dat
2017-07-17 01:50 - 2017-03-20 06:41 - 00242542 _____ C:\Windows\system32\perfc007.dat
2017-07-17 01:50 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-07-17 01:50 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\MUI
2017-07-17 01:50 - 2017-03-18 23:01 - 00000000 ____D C:\Windows\INF
2017-07-14 14:31 - 2017-03-18 13:40 - 00786432 _____ C:\Windows\system32\config\BBI
2017-07-13 23:31 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\rescache
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___SD C:\Windows\system32\F12
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\oobe
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\migwiz
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-08 06:43 - 2017-03-18 23:03 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-07 06:45 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\appcompat
2017-07-06 19:29 - 2017-03-18 23:03 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\Provisioning
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-06 19:01 - 2017-03-18 13:40 - 00000000 ____D C:\Windows\system32\Dism
2017-07-06 18:40 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-06 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\Help
2017-07-06 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-07-06 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\spool
2017-07-06 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-07-06 18:31 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-06 18:31 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-06 18:30 - 2017-03-20 06:43 - 00000000 ____D C:\Windows\HoloShell
2017-07-06 18:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\PrintDialog
2017-07-06 18:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\MiracastView
2017-07-06 18:30 - 2017-03-18 13:40 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-07-06 18:30 - 2017-03-18 13:40 - 00000000 ____D C:\Windows\system32\Sysprep
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Einige Dateien in TEMP:
====================
2017-07-07 18:52 - 2017-07-18 10:10 - 0000088 _____ () C:\Users\Christoph\AppData\Local\Temp\266506078ac6d39ec955152eb3f5d00c.dll
2017-07-07 18:52 - 2017-07-18 12:58 - 0000000 _____ () C:\Users\Christoph\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-07-14 03:27 - 2017-07-14 03:27 - 0000000 ____D () C:\Users\Christoph\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-16 18:32

==================== Ende von FRST.txt ============================
         

Alt 18.07.2017, 23:03   #7
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Christoph (18-07-2017 23:54:41)
Gestartet von C:\Users\Christoph\Desktop
Windows 10 Pro Version 1703 (X64) (2017-07-06 16:31:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995552849-4031116117-681190137-500 - Administrator - Disabled)
Christoph (S-1-5-21-1995552849-4031116117-681190137-1001 - Administrator - Enabled) => C:\Users\Christoph
DefaultAccount (S-1-5-21-1995552849-4031116117-681190137-503 - Limited - Disabled)
Gast (S-1-5-21-1995552849-4031116117-681190137-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07162017052226520\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07172017025751394\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07182017025739224\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {24A57E97-BBED-40EC-9B65-194640448BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)
Task: {73A55F35-FF27-4E3C-97B4-C49834CB8504} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 23:25 - 2017-07-17 23:25 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-07 06:45 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-07 06:45 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07162017052226488\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07172017025751358\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07182017025739177\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07162017052226502\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07172017025751380\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07182017025739203\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1995552849-4031116117-681190137-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07162017052226520\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07172017025751394\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07182017025739224\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A4B6EA15-DC13-47E8-83EB-6F7BBE25EE55}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

14-07-2017 20:01:50 Geplanter Prüfpunkt
17-07-2017 01:48:50 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/14/2017 03:31:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.8.652, Zeitstempel: 0x55070df3
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.8.652, Zeitstempel: 0x5507092a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000528b
ID des fehlerhaften Prozesses: 0xf9c
Startzeit der fehlerhaften Anwendung: 0x01d2fc40ec3b8881
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Avira\AntiVir Desktop\AVSCPLR.DLL
Berichtskennung: 0329fde4-e729-406d-b939-0807ebd60a25
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/12/2017 11:32:11 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/08/2017 07:07:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-50MUQLP)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/06/2017 07:25:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-50MUQLP)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/06/2017 06:59:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/06/2017 06:33:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (07/06/2017 06:33:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (07/06/2017 06:31:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x8024402C
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


Systemfehler:
=============
Error: (07/18/2017 10:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/17/2017 11:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/17/2017 10:05:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/17/2017 02:05:43 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/16/2017 03:06:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/15/2017 04:32:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/15/2017 04:26:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/15/2017 02:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/15/2017 02:38:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎07.‎2017 um 05:09:54 unerwartet heruntergefahren.

Error: (07/15/2017 02:38:39 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256845190016


CodeIntegrity:
===================================
  Date: 2017-07-18 10:10:08.022
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-17 23:38:46.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-17 10:05:05.836
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-16 15:06:11.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-15 16:32:10.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-14 20:37:57.840
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-14 00:10:50.441
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-13 11:14:57.897
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-12 23:25:30.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-12 11:32:04.213
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16303.05 MB
Verfügbarer physikalischer RAM: 12622.44 MB
Summe virtueller Speicher: 18735.05 MB
Verfügbarer virtueller Speicher: 14548.79 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:172.7 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.39 GB) (Free:929.54 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 6DDE38CD)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 18.07.2017, 23:25   #8
M-K-D-B
/// TB-Ausbilder
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel
    • Prefetch Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.




Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die zwei neuen Logdateien von FRST.

Alt 19.07.2017, 00:02   #9
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



ADwCleaner
Code:
ATTFilter
# AdwCleaner 7.0.0.0 - Logfile created on Tue Jul 18 22:52:45 2017
# Updated on 2017/17/07 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [944 B] - [2017/7/18 22:52:26]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
         

Mbam
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 19.07.17
Scan-Zeit: 00:54
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2394
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.483)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-50MUQLP\Christoph

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 347653
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 0 Min., 40 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

FRST.txt1

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Christoph (Administrator) auf DESKTOP-50MUQLP (19-07-2017 00:58:12)
Gestartet von C:\Users\Christoph\Desktop
Geladene Profile: Christoph &  (Verfügbare Profile: Christoph)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1b8f203d-030c-4788-89c0-c634807a762b}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default [2017-07-19]
CHR Extension: (Google Präsentationen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-07]
CHR Extension: (Google Docs) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-07]
CHR Extension: (Google Drive) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-07]
CHR Extension: (YouTube) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-07]
CHR Extension: (Google Tabellen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-07]
CHR Extension: (Google Docs Offline) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-07]
CHR Extension: (AdBlock) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-08]
CHR Extension: (Sword Art Online 03 - 1920x1080) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiifanipcbimdhcjlepnolpifdpkbhdh [2017-07-08]
CHR Extension: (Disconnect) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2017-07-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-07]
CHR Extension: (Google Mail) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [167504 2017-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [164824 2017-07-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-07-04] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-14] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-19] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-19] (Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation                           )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 sshid; C:\Windows\System32\drivers\sshid.sys [45896 2017-05-10] (SteelSeries ApS)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-19 00:58 - 2017-07-19 00:58 - 02382336 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2017-07-19 00:55 - 2017-07-19 00:55 - 00001413 _____ C:\Users\Christoph\Desktop\mbam2.txt
2017-07-19 00:55 - 2017-07-19 00:55 - 00001412 _____ C:\Users\Christoph\Desktop\mbam.txt
2017-07-19 00:50 - 2017-07-19 00:52 - 00000000 ____D C:\AdwCleaner
2017-07-19 00:43 - 2017-07-19 00:43 - 08162248 _____ (Malwarebytes) C:\Users\Christoph\Desktop\adwcleaner_7.0.0.0.exe
2017-07-18 23:54 - 2017-07-19 00:58 - 00009973 _____ C:\Users\Christoph\Desktop\FRST.txt
2017-07-18 23:54 - 2017-07-18 23:54 - 00024243 _____ C:\Users\Christoph\Desktop\Addition.txt
2017-07-18 23:16 - 2017-07-18 23:51 - 00517164 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.16.58_log.txt
2017-07-18 23:13 - 2017-07-18 23:16 - 00517130 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.13.50_log.txt
2017-07-18 23:13 - 2017-07-18 23:13 - 00000562 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.13.35_log.txt
2017-07-17 01:59 - 2017-07-17 01:59 - 00000000 ____D C:\Users\Christoph\Documents\League of Legends
2017-07-17 01:59 - 2017-07-17 01:59 - 00000000 ____D C:\Users\Christoph\AppData\Local\CEF
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files\MSBuild
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-07-17 01:50 - 2017-02-10 11:26 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:26 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:26 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-07-17 01:50 - 2017-02-10 11:21 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:21 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:21 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-07-17 01:49 - 2017-07-17 01:49 - 00000000 ____D C:\ProgramData\Riot Games
2017-07-17 01:49 - 2017-07-17 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-07-17 01:49 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-07-17 01:49 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-07-17 01:49 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-07-17 01:47 - 2017-07-17 01:48 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Riot Games
2017-07-17 01:47 - 2017-07-17 01:47 - 31876824 _____ (Riot Games) C:\Users\Christoph\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-07-15 20:20 - 2017-07-15 20:20 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Macromedia
2017-07-14 17:48 - 2017-07-14 17:53 - 00001424 _____ C:\Users\Christoph\Downloads\Malware.txt
2017-07-14 17:03 - 2017-07-14 17:03 - 00019515 _____ C:\Users\Christoph\Downloads\Addition.txt
2017-07-14 17:02 - 2017-07-19 00:58 - 00000000 ____D C:\FRST
2017-07-14 17:02 - 2017-07-14 17:34 - 00126703 _____ C:\Users\Christoph\Downloads\FRST.txt
2017-07-14 16:59 - 2017-07-14 16:59 - 02435584 _____ (Farbar) C:\Users\Christoph\Downloads\FRST64.exe
2017-07-14 16:33 - 2017-07-14 18:27 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2017-07-14 04:35 - 2017-07-14 04:38 - 330909696 _____ C:\Users\Christoph\Downloads\kav_rescue_10.iso
2017-07-14 04:16 - 2017-07-14 04:16 - 00001209 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-07-14 04:15 - 2017-07-14 04:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-14 04:14 - 2017-07-14 04:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-14 04:14 - 2017-07-14 04:15 - 00000000 ____D C:\ProgramData\Avira
2017-07-14 04:14 - 2017-07-14 04:14 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Avira
2017-07-14 04:14 - 2017-07-04 13:28 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-07-14 03:49 - 2017-07-14 04:17 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-14 03:48 - 2017-07-19 00:53 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-14 03:48 - 2017-07-19 00:53 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-14 03:48 - 2017-07-14 04:30 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-14 03:48 - 2017-07-14 04:17 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-14 03:48 - 2017-07-14 03:51 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-14 03:48 - 2017-07-14 03:48 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-14 03:22 - 2017-07-14 03:20 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-07-12 11:31 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-07-12 11:31 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2017-07-12 11:31 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-07-12 11:31 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-07-12 11:31 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-12 11:31 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-07-12 11:31 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-07-12 11:31 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 11:31 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2017-07-12 11:31 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-12 11:31 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininitext.dll
2017-07-12 11:31 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 11:31 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-07-12 11:31 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-07-12 11:31 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-07-12 11:31 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-07-12 11:31 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 11:31 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 11:31 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-12 11:31 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapprovp.dll
2017-07-12 11:31 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-07-12 11:31 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2017-07-12 11:31 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-07-12 11:31 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-07-12 11:31 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 11:31 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-07-12 11:31 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-07-12 11:31 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 11:31 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 11:31 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-07-12 11:31 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-07-12 11:31 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-07-12 11:31 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 11:31 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-07-12 11:31 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-07-12 11:31 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-07-12 11:31 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-07-12 11:31 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 11:31 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 11:31 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-07-12 11:31 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-07-12 11:31 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 11:31 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 11:31 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-07-12 11:31 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-07-12 11:31 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 11:31 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2017-07-12 11:31 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-07-12 11:31 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 11:31 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-07-12 11:31 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 11:31 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2017-07-12 11:31 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:31 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-07-12 11:31 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-07-12 11:31 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-07-12 11:31 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-07-12 11:31 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2017-07-12 11:31 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 11:31 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-07-12 11:31 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-07-12 11:30 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2017-07-12 11:30 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-07-12 11:30 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-07-12 11:30 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-12 11:30 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-07-12 11:30 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-07-12 11:30 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-12 11:30 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-12 11:30 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-07-12 11:30 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-07-12 11:30 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2017-07-12 11:30 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 11:30 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-07-12 11:30 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-07-12 11:30 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 11:30 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2017-07-12 11:30 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-07-12 11:30 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2017-07-12 11:30 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 11:30 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-07-12 11:30 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 11:30 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:30 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-07-12 11:30 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\wininitext.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-07-12 11:30 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-07-12 11:30 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 11:30 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 11:30 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-07-12 11:30 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 11:30 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-07-12 11:30 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-07-12 11:30 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-07-12 11:30 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 11:30 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\eapprovp.dll
2017-07-12 11:30 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-07-12 11:30 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-07-12 11:30 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2017-07-12 11:30 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-07-12 11:30 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-07-12 11:30 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 11:30 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-07-12 11:30 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-07-12 11:30 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-07-12 11:30 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2017-07-12 11:30 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-07-12 11:30 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-07-12 11:30 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-07-12 11:30 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-07-12 11:30 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-12 11:30 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-07-12 11:30 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 11:30 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-07-12 11:30 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-07-12 11:30 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-07-12 11:30 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-07-12 11:30 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 11:30 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-12 11:30 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 11:30 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-12 11:30 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-07-12 11:30 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-07-12 11:30 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 11:30 - 2017-07-02 00:52 - 00031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-07-12 11:30 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 11:30 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 11:30 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-07-12 11:30 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 11:30 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-07-12 11:30 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 11:30 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-07-12 11:30 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-07-12 11:30 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 11:30 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-07-12 11:30 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-07-12 11:30 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-07-12 11:30 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-07-12 11:30 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-07-12 11:30 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-07-12 11:30 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-07-12 11:30 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\Windows\system32\CredentialUIBroker.exe
2017-07-12 11:30 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 11:30 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-07-12 11:30 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-07-12 11:30 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-07-12 11:30 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-07-12 11:30 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 11:30 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-07-12 11:30 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2017-07-12 11:30 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-07-12 11:30 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-07-12 11:30 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-07-12 11:30 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2017-07-12 11:30 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2017-07-12 11:30 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-07-12 11:30 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-07-12 11:30 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:30 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-07-12 11:30 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-07-12 11:30 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2017-07-12 11:30 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2017-07-12 11:30 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-07-12 11:30 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2017-07-12 11:30 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-07-12 11:30 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-07-12 11:30 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-07-12 11:30 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2017-07-12 11:30 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 11:30 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
         

Alt 19.07.2017, 00:04   #10
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



FRST.txt 2
Code:
ATTFilter
2017-07-12 11:30 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-07-12 11:30 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-07-12 11:30 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-07-12 11:30 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2017-07-12 11:30 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2017-07-12 11:30 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-07-12 11:30 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 11:30 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 11:30 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 11:30 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 11:30 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-08 19:55 - 2017-07-19 00:52 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-08 08:46 - 2017-07-08 08:46 - 00000000 ____D C:\Users\Christoph\AppData\Local\PeerDistRepub
2017-07-07 18:52 - 2017-07-07 18:52 - 00000000 ____D C:\Users\Christoph\Documents\BnS
2017-07-07 18:52 - 2017-07-07 18:52 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\NVIDIA
2017-07-07 15:58 - 2017-07-07 15:58 - 00002303 _____ C:\Users\Public\Desktop\Blade & Soul.lnk
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NCWest
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-07-07 15:58 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-07-07 15:58 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-07-07 15:58 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-07-07 15:58 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-07-07 15:58 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-07-07 15:58 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-07-07 15:58 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-07-07 15:58 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-07-07 15:58 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-07-07 15:57 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-07-07 15:57 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-07-07 15:57 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-07-07 15:57 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-07-07 15:57 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-07-07 15:57 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-07-07 15:57 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-07-07 15:57 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-07-07 15:57 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-07-07 15:57 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-07-07 15:57 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-07-07 15:57 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-07-07 15:57 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-07-07 15:57 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-07-07 15:57 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-07-07 15:57 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-07-07 15:57 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-07-07 15:57 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-07-07 15:57 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-07-07 15:57 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-07-07 15:57 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-07-07 15:57 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-07-07 15:57 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-07-07 15:57 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-07-07 15:57 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-07-07 15:57 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-07-07 15:57 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-07-07 15:57 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-07-07 15:57 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-07-07 15:57 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-07-07 15:57 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-07-07 15:57 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-07-07 15:57 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-07-07 15:57 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-07-07 15:57 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-07-07 15:57 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-07-07 15:57 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-07-07 15:57 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-07-07 15:57 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-07-07 15:57 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-07-07 15:57 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-07-07 15:57 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-07-07 15:57 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-07-07 15:57 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-07-07 15:57 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-07-07 15:57 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-07-07 15:57 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-07-07 15:57 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-07-07 15:57 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-07-07 06:45 - 2017-07-07 06:53 - 00000000 ____D C:\Users\Christoph\AppData\Local\Google
2017-07-07 06:45 - 2017-07-07 06:45 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-07 06:45 - 2017-07-07 06:45 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-07 06:45 - 2017-07-07 06:45 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-07 06:45 - 2017-07-07 06:45 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-07 06:45 - 2017-07-07 06:45 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-06 19:29 - 2017-07-06 18:30 - 00000000 ____D C:\Windows\Panther
2017-07-06 18:58 - 2017-07-12 11:32 - 00000000 ____D C:\Windows\system32\MRT
2017-07-06 18:58 - 2017-07-12 11:31 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-06 18:58 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-07-06 18:58 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-07-06 18:58 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2017-07-06 18:58 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-07-06 18:58 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-07-06 18:58 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2017-07-06 18:58 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
2017-07-06 18:58 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-07-06 18:58 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2017-07-06 18:58 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-07-06 18:58 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-07-06 18:58 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-07-06 18:58 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-06 18:58 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-06 18:58 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
2017-07-06 18:58 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-07-06 18:58 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-06 18:58 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-07-06 18:58 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-07-06 18:58 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-07-06 18:58 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-06 18:58 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-07-06 18:58 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-07-06 18:58 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-07-06 18:58 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-06 18:58 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-07-06 18:58 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-07-06 18:58 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2017-07-06 18:58 - 2017-05-20 10:26 - 00059904 _____ C:\Windows\SysWOW64\xboxgipsynthetic.dll
2017-07-06 18:58 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-07-06 18:58 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSMDesktopProvider.dll
2017-07-06 18:58 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DictationManager.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2017-07-06 18:58 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-07-06 18:58 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-07-06 18:58 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-07-06 18:58 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2017-07-06 18:58 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-07-06 18:58 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-07-06 18:58 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-07-06 18:58 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2017-07-06 18:58 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-07-06 18:58 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-07-06 18:58 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-07-06 18:58 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-07-06 18:58 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-07-06 18:58 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-07-06 18:58 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2017-07-06 18:58 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
2017-07-06 18:58 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys
2017-07-06 18:58 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2017-07-06 18:58 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveExt.dll
2017-07-06 18:58 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2017-07-06 18:58 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-07-06 18:58 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-07-06 18:58 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-07-06 18:58 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-07-06 18:58 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-07-06 18:58 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-07-06 18:58 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-07-06 18:58 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-07-06 18:58 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2017-07-06 18:58 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-07-06 18:58 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2017-07-06 18:58 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2017-07-06 18:58 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2017-07-06 18:58 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2017-07-06 18:58 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2017-07-06 18:58 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2017-07-06 18:58 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2017-07-06 18:58 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2017-07-06 18:58 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2017-07-06 18:58 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2017-07-06 18:58 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2017-07-06 18:58 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2017-07-06 18:58 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2017-07-06 18:58 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-07-06 18:58 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-07-06 18:58 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-07-06 18:58 - 2017-04-01 02:28 - 00354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-07-06 18:58 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-07-06 18:58 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-06 18:58 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-07-06 18:58 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-07-06 18:58 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-07-06 18:58 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-07-06 18:58 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-07-06 18:57 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-07-06 18:57 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-07-06 18:57 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-07-06 18:57 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
2017-07-06 18:57 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-07-06 18:57 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-07-06 18:57 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-07-06 18:57 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-06 18:57 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
2017-07-06 18:57 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-06 18:57 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
2017-07-06 18:57 - 2017-06-03 11:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-07-06 18:57 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-07-06 18:57 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-07-06 18:57 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-07-06 18:57 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-07-06 18:57 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-07-06 18:57 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-07-06 18:57 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-07-06 18:57 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-07-06 18:57 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-07-06 18:57 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2017-07-06 18:57 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-07-06 18:57 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-07-06 18:57 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-07-06 18:57 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-07-06 18:57 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2017-07-06 18:57 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-07-06 18:57 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-07-06 18:57 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-07-06 18:57 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-07-06 18:57 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-07-06 18:57 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-07-06 18:57 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-07-06 18:57 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-07-06 18:57 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-07-06 18:57 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-07-06 18:57 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys
2017-07-06 18:57 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2017-07-06 18:57 - 2017-05-20 08:08 - 00086016 _____ C:\Windows\system32\xboxgipsynthetic.dll
2017-07-06 18:57 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-07-06 18:57 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\Windows\system32\NPSMDesktopProvider.dll
2017-07-06 18:57 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.SharedPC.AccountManager.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\DictationManager.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
2017-07-06 18:57 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2017-07-06 18:57 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\embeddedmodesvc.dll
2017-07-06 18:57 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2017-07-06 18:57 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-07-06 18:57 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-07-06 18:57 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-07-06 18:57 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2017-07-06 18:57 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2017-07-06 18:57 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-07-06 18:57 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2017-07-06 18:57 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-07-06 18:57 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2017-07-06 18:57 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-07-06 18:57 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-07-06 18:57 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2017-07-06 18:57 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-07-06 18:57 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-07-06 18:57 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-07-06 18:57 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-07-06 18:57 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-07-06 18:57 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-07-06 18:57 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-06 18:57 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-06 18:57 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-07-06 18:57 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2017-07-06 18:57 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-06 18:57 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-07-06 18:57 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-07-06 18:57 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-07-06 18:57 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-07-06 18:57 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-07-06 18:57 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-07-06 18:57 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2017-07-06 18:57 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2017-07-06 18:57 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2017-07-06 18:57 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2017-07-06 18:57 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-07-06 18:57 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-07-06 18:57 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-07-06 18:57 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-07-06 18:57 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2017-07-06 18:57 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2017-07-06 18:57 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-07-06 18:57 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-07-06 18:57 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-06 18:57 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2017-07-06 18:57 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-07-06 18:57 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-07-06 18:57 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-07-06 18:57 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2017-07-06 18:57 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-07-06 18:57 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2017-07-06 18:57 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-07-06 18:57 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-06 18:57 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-07-06 18:57 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-07-06 18:57 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2017-07-06 18:57 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-06 18:57 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-07-06 18:57 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-07-06 18:57 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-07-06 18:57 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-07-06 18:57 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-06 18:57 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-06 18:57 - 2017-04-01 02:52 - 00409504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-06 18:57 - 2017-04-01 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-07-06 18:57 - 2017-04-01 01:55 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-07-06 18:57 - 2017-04-01 01:50 - 01657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-07-06 18:57 - 2017-04-01 01:50 - 01605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-07-06 18:57 - 2017-04-01 01:45 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-07-06 18:57 - 2017-04-01 01:44 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-07-06 18:51 - 2017-07-06 18:51 - 00000000 ____D C:\Users\Christoph\AppData\Local\Comms
2017-07-06 18:40 - 2017-07-06 18:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-07-06 18:40 - 2017-07-06 18:40 - 00000000 ____D C:\ProgramData\USOShared
2017-07-06 18:39 - 2017-07-19 00:53 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-06 18:39 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-06 18:39 - 2017-05-19 18:07 - 00521816 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-07-06 18:39 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-07-06 18:39 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-07-06 18:39 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-07-06 18:39 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-07-06 18:39 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-07-06 18:39 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-07-06 18:39 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-07-06 18:39 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-07-06 18:38 - 2017-07-14 04:15 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-06 18:37 - 2017-07-06 18:37 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Skype
2017-07-06 18:37 - 2017-07-06 18:37 - 00000000 ____D C:\Users\Christoph\AppData\Local\MicrosoftEdge
2017-07-06 18:36 - 2017-07-19 00:57 - 02428324 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-06 18:36 - 2017-07-06 18:37 - 00003298 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-06 18:36 - 2017-07-06 18:37 - 00002395 _____ C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-06 18:36 - 2017-07-06 18:37 - 00000000 ___RD C:\Users\Christoph\OneDrive
2017-07-06 18:36 - 2017-07-06 18:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-06 18:35 - 2017-07-12 23:01 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-06 18:35 - 2017-07-06 19:41 - 00000000 ____D C:\Users\Christoph\AppData\Local\Packages
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Adobe
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\VirtualStore
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\TileDataLayer
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\Publishers
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\ConnectedDevicesPlatform
2017-07-06 18:34 - 2017-07-17 12:57 - 00000000 ____D C:\Users\Christoph
2017-07-06 18:34 - 2017-07-06 18:34 - 00000020 ___SH C:\Users\Christoph\ntuser.ini
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Vorlagen
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Startmenü
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Netzwerkumgebung
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Lokale Einstellungen
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Eigene Dateien
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Druckumgebung
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Videos
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Musik
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Bilder
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Local\Verlauf
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Local\Anwendungsdaten
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Anwendungsdaten
2017-07-06 18:33 - 2017-07-06 18:33 - 00000000 ____D C:\Windows\CSC
2017-07-06 18:33 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-07-06 18:30 - 2017-07-19 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-06 18:30 - 2017-07-06 18:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-06 18:29 - 2017-07-18 12:52 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-06 18:29 - 2017-07-12 22:57 - 00217120 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-06 18:29 - 2017-07-06 18:29 - 00000000 ____D C:\Windows\ServiceProfiles

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-19 00:57 - 2017-03-20 06:41 - 01112608 _____ C:\Windows\system32\perfh007.dat
2017-07-19 00:57 - 2017-03-20 06:41 - 00251578 _____ C:\Windows\system32\perfc007.dat
2017-07-19 00:53 - 2017-03-18 13:40 - 00786432 _____ C:\Windows\system32\config\BBI
2017-07-18 23:18 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-18 23:18 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\AppReadiness
2017-07-17 23:33 - 2017-03-18 22:51 - 00000000 ____D C:\Windows\CbsTemp
2017-07-17 01:50 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-07-17 01:50 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\MUI
2017-07-17 01:50 - 2017-03-18 23:01 - 00000000 ____D C:\Windows\INF
2017-07-13 23:31 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\rescache
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___SD C:\Windows\system32\F12
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\oobe
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\migwiz
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-07 06:45 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\appcompat
2017-07-06 19:29 - 2017-03-18 23:03 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\Provisioning
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-06 19:01 - 2017-03-18 13:40 - 00000000 ____D C:\Windows\system32\Dism
2017-07-06 18:40 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-06 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\Help
2017-07-06 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-07-06 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\spool
2017-07-06 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-07-06 18:31 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-06 18:31 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-06 18:30 - 2017-03-20 06:43 - 00000000 ____D C:\Windows\HoloShell
2017-07-06 18:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\PrintDialog
2017-07-06 18:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\MiracastView
2017-07-06 18:30 - 2017-03-18 13:40 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-07-06 18:30 - 2017-03-18 13:40 - 00000000 ____D C:\Windows\system32\Sysprep
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Einige Dateien in TEMP:
====================
2017-07-07 18:52 - 2017-07-19 00:21 - 0000019 _____ () C:\Users\Christoph\AppData\Local\Temp\266506078ac6d39ec955152eb3f5d00c.dll
2017-07-07 18:52 - 2017-07-19 00:46 - 0000000 _____ () C:\Users\Christoph\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll
2017-07-14 03:27 - 2017-07-14 03:27 - 0000000 ____D () C:\Users\Christoph\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-16 18:32

==================== Ende von FRST.txt ============================
         
Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Christoph (19-07-2017 00:58:36)
Gestartet von C:\Users\Christoph\Desktop
Windows 10 Pro Version 1703 (X64) (2017-07-06 16:31:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995552849-4031116117-681190137-500 - Administrator - Disabled)
Christoph (S-1-5-21-1995552849-4031116117-681190137-1001 - Administrator - Enabled) => C:\Users\Christoph
DefaultAccount (S-1-5-21-1995552849-4031116117-681190137-503 - Limited - Disabled)
Gast (S-1-5-21-1995552849-4031116117-681190137-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07192017005425317\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {24A57E97-BBED-40EC-9B65-194640448BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)
Task: {73A55F35-FF27-4E3C-97B4-C49834CB8504} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 23:25 - 2017-07-17 23:25 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07192017005425285\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07192017005425302\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1995552849-4031116117-681190137-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1995552849-4031116117-681190137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07192017005425317\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{20659881-D8B9-4390-8770-AEA97072B1AC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{F12B876C-3ED5-43E6-87C5-BC555DFB4DEC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

14-07-2017 20:01:50 Geplanter Prüfpunkt
17-07-2017 01:48:50 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/14/2017 03:31:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.8.652, Zeitstempel: 0x55070df3
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.8.652, Zeitstempel: 0x5507092a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000528b
ID des fehlerhaften Prozesses: 0xf9c
Startzeit der fehlerhaften Anwendung: 0x01d2fc40ec3b8881
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Avira\AntiVir Desktop\AVSCPLR.DLL
Berichtskennung: 0329fde4-e729-406d-b939-0807ebd60a25
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/12/2017 11:32:11 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/08/2017 07:07:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-50MUQLP)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/06/2017 07:25:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-50MUQLP)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/06/2017 06:59:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/06/2017 06:33:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (07/06/2017 06:33:19 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Windows Defender-Status auf SECURITY_PRODUCT_STATE_ON.

Error: (07/06/2017 06:31:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x8024402C
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1


Systemfehler:
=============
Error: (07/19/2017 12:53:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/19/2017 12:52:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/19/2017 12:52:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/19/2017 12:52:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/19/2017 12:47:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/19/2017 12:21:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/19/2017 12:18:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/18/2017 10:10:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/17/2017 11:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/17/2017 10:05:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.


CodeIntegrity:
===================================
  Date: 2017-07-19 00:21:45.347
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-18 10:10:08.022
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-17 23:38:46.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-17 10:05:05.836
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-16 15:06:11.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-15 16:32:10.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-14 20:37:57.840
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-14 00:10:50.441
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-13 11:14:57.897
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-12 23:25:30.368
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 14%
Installierter physikalischer RAM: 16303.05 MB
Verfügbarer physikalischer RAM: 13929.14 MB
Summe virtueller Speicher: 18735.05 MB
Verfügbarer virtueller Speicher: 16286.49 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:172.19 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.39 GB) (Free:929.54 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 6DDE38CD)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 19.07.2017, 09:01   #11
M-K-D-B
/// TB-Ausbilder
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Servus,



wir kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.





Schritt 1
  • Kopiere den Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.





Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Alt 19.07.2017, 23:42   #12
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



FRST-fix

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Christoph (20-07-2017 00:10:57) Run:2
Gestartet von C:\Users\Christoph\Desktop
Geladene Profile: Christoph (Verfügbare Profile: Christoph)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5265512 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => -908755 B
Edge => 0 B
Chrome => 12710091 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 818 B
NetworkService => 0 B
Christoph => 20792 B

RecycleBin => 1266 B
EmptyTemp: => 22.6 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 00:10:58 ====
         


hitmanpro
Code:
ATTFilter
HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : DESKTOP-50MUQLP
   Windows . . . . . . . : 10.0.0.15063.X64/8
   User name . . . . . . : DESKTOP-50MUQLP\Christoph
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-07-20 00:13:52
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 7s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 1.336.893
   Files scanned . . . . : 16.575
   Remnants scanned  . . : 264.099 files / 1.056.219 keys

Suspicious files ____________________________________________________________

   C:\Users\Christoph\Desktop\FRST64.exe
      Size . . . . . . . : 2.382.336 bytes
      Age  . . . . . . . : 1.0 days (2017-07-19 00:58:05)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 70CEDEBEB419B734436F839E9301CB8664D74E57A3FC8C419E27112FDDE006CD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Christoph\Downloads\FRST64.exe
      Size . . . . . . . : 2.435.584 bytes
      Age  . . . . . . . : 5.3 days (2017-07-14 16:59:58)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4DAD5793331E5929780EF1DC79EB48F6D393490F347B632DAA7E5D53C50E5495
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -1.4s C:\Users\Christoph\Downloads\FRST64.exe
          2.4s C:\Users\Christoph\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Microsoft\
          2.4s C:\Users\Christoph\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Microsoft\Windows\
          2.4s C:\Users\Christoph\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Temp\NVIDIA Corporation\
          2.4s C:\Users\Christoph\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Temp\NVIDIA Corporation\NV_Cache\
          2.6s C:\Users\Christoph\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Temp\NVIDIA Corporation\NV_Cache\8df45857cdb2bfa66e99093a28831104_fce8395c8fd8a999_cdfd07f37ead1173_0_0.toc
          2.6s C:\Users\Christoph\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Temp\NVIDIA Corporation\NV_Cache\8df45857cdb2bfa66e99093a28831104_fce8395c8fd8a999_cdfd07f37ead1173_0_0.bin
         


ESET
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5914586b4fa3714ca26e84d213ffa2d1
# end=init
# utc_time=2017-07-19 10:16:33
# local_time=2017-07-20 12:16:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 34113
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5914586b4fa3714ca26e84d213ffa2d1
# end=updated
# utc_time=2017-07-19 10:18:20
# local_time=2017-07-20 12:18:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5914586b4fa3714ca26e84d213ffa2d1
# engine=34113
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-07-19 10:35:28
# local_time=2017-07-20 12:35:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 96 42342 1336014 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 10636724 0 0
# scanned=186535
# found=0
# cleaned=0
# scan_time=1027
         
Additon

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Christoph (20-07-2017 00:40:40)
Gestartet von C:\Users\Christoph\Desktop
Windows 10 Pro Version 1703 (X64) (2017-07-06 16:31:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1995552849-4031116117-681190137-500 - Administrator - Disabled)
Christoph (S-1-5-21-1995552849-4031116117-681190137-1001 - Administrator - Enabled) => C:\Users\Christoph
DefaultAccount (S-1-5-21-1995552849-4031116117-681190137-503 - Limited - Disabled)
Gast (S-1-5-21-1995552849-4031116117-681190137-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
League of Legends (HKLM-x32\...\{C56877FD-6BEB-4717-81B3-1254FA1FD7FC}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1995552849-4031116117-681190137-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA 3D Vision Treiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-04] (Avira Operations GmbH & Co. KG)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {24A57E97-BBED-40EC-9B65-194640448BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)
Task: {73A55F35-FF27-4E3C-97B4-C49834CB8504} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 23:25 - 2017-07-17 23:25 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 23:25 - 2017-07-17 23:25 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-07 06:45 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-07-07 06:45 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-07-07 16:59 - 2017-07-07 16:59 - 54762496 _____ () C:\Program Files (x86)\NCSOFT\BnS\bin64\libcef.dll
2017-07-07 16:14 - 2017-07-07 16:14 - 02285056 _____ () C:\Program Files (x86)\NCSOFT\BnS\bin64\pathengine_x64.dll
2017-07-07 16:07 - 2017-07-07 16:07 - 02182656 _____ () C:\Program Files (x86)\NCSOFT\BnS\bin64\XmlReader_cl64.dll
2017-07-07 16:07 - 2017-07-07 16:07 - 00488800 _____ () C:\Program Files (x86)\NCSOFT\BnS\bin64\physxcudart64_20.dll
2017-07-07 16:14 - 2017-07-07 16:14 - 00334336 _____ () C:\Program Files (x86)\NCSOFT\BnS\bin64\OpenAL64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 23:03 - 2017-03-18 23:01 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1995552849-4031116117-681190137-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{20659881-D8B9-4390-8770-AEA97072B1AC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{F12B876C-3ED5-43E6-87C5-BC555DFB4DEC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Wiederherstellungspunkte =========================

14-07-2017 20:01:50 Geplanter Prüfpunkt
17-07-2017 01:48:50 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/20/2017 12:37:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:37:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:37:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:17:13 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:17:08 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:16:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Christoph\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:16:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Christoph\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:16:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\christoph\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/20/2017 12:16:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Christoph\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.

Error: (07/19/2017 01:08:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x59079e96
Name des fehlerhaften Moduls: NvXDCore.dll_unloaded, Version: 8.17.13.8205, Zeitstempel: 0x59079dd9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000c1951
ID des fehlerhaften Prozesses: 0x6ac
Startzeit der fehlerhaften Anwendung: 0x01d30018a7829d12
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: NvXDCore.dll
Berichtskennung: 1a6c6964-6efc-4f80-84e5-023f224abf89
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (07/20/2017 12:31:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "xhunter1" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (07/20/2017 12:18:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/20/2017 12:18:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys

Error: (07/20/2017 12:18:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/20/2017 12:18:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys

Error: (07/20/2017 12:18:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/20/2017 12:18:12 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys

Error: (07/20/2017 12:17:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/20/2017 12:17:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys

Error: (07/20/2017 12:17:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.


CodeIntegrity:
===================================
  Date: 2017-07-20 00:31:44.791
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 10:52:03.164
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 01:06:34.410
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-19 00:21:45.347
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-18 10:10:08.022
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-17 23:38:46.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-17 10:05:05.836
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-16 15:06:11.546
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-15 16:32:10.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-07-14 20:37:57.840
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 16303.05 MB
Verfügbarer physikalischer RAM: 8407.11 MB
Summe virtueller Speicher: 18735.05 MB
Verfügbarer virtueller Speicher: 10998.41 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:172.95 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.39 GB) (Free:929.54 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 6DDE38CD)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


FRST.txt 1
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Christoph (Administrator) auf DESKTOP-50MUQLP (20-07-2017 00:40:22)
Gestartet von C:\Users\Christoph\Desktop
Geladene Profile: Christoph (Verfügbare Profile: Christoph)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NCSOFT Corporation) C:\Program Files (x86)\NCWest\NCLauncher\NCLauncherR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NCsoft) C:\Program Files (x86)\NCSOFT\BnS\bin64\Client.exe
(Wellbia.com Co., Ltd.) C:\Program Files (x86)\NCSOFT\BnS\bin64\XignCode\xcoronahost.xem
(Wellbia.com) C:\Program Files (x86)\NCSOFT\BnS\bin64\XignCode\xxd-0.xem
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1b8f203d-030c-4788-89c0-c634807a762b}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default [2017-07-20]
CHR Extension: (Google Präsentationen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-07]
CHR Extension: (Google Docs) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-07]
CHR Extension: (Google Drive) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-07]
CHR Extension: (YouTube) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-07]
CHR Extension: (Google Tabellen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-07]
CHR Extension: (Google Docs Offline) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-07]
CHR Extension: (AdBlock) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-20]
CHR Extension: (Sword Art Online 03 - 1920x1080) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiifanipcbimdhcjlepnolpifdpkbhdh [2017-07-08]
CHR Extension: (Disconnect) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2017-07-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-07]
CHR Extension: (Google Mail) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Christoph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [167504 2017-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [164824 2017-07-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-07-04] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-07-04] (Avira Operations GmbH & Co. KG)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-07-14] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-07-19] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-19] (Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation                           )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 sshid; C:\Windows\System32\drivers\sshid.sys [45896 2017-05-10] (SteelSeries ApS)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-20 00:40 - 2017-07-20 00:40 - 00010699 _____ C:\Users\Christoph\Desktop\FRST.txt
2017-07-20 00:16 - 2017-07-20 00:16 - 02870984 _____ (ESET) C:\Users\Christoph\Desktop\esetsmartinstaller_deu.exe
2017-07-20 00:16 - 2017-07-20 00:16 - 00000000 ____D C:\Program Files (x86)\ESET
2017-07-20 00:13 - 2017-07-20 00:15 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-20 00:13 - 2017-07-20 00:13 - 00000000 ____D C:\Program Files\HitmanPro
2017-07-20 00:12 - 2017-07-20 00:12 - 11584088 _____ (SurfRight B.V.) C:\Users\Christoph\Desktop\HitmanPro_x64.exe
2017-07-20 00:08 - 2017-07-20 00:10 - 00001144 _____ C:\Users\Christoph\Desktop\Fixlog.txt
2017-07-19 00:58 - 2017-07-19 00:58 - 02382336 _____ (Farbar) C:\Users\Christoph\Desktop\FRST64.exe
2017-07-19 00:55 - 2017-07-19 00:55 - 00001413 _____ C:\Users\Christoph\Desktop\mbam2.txt
2017-07-19 00:55 - 2017-07-19 00:55 - 00001412 _____ C:\Users\Christoph\Desktop\mbam.txt
2017-07-19 00:50 - 2017-07-19 00:52 - 00000000 ____D C:\AdwCleaner
2017-07-19 00:43 - 2017-07-19 00:43 - 08162248 _____ (Malwarebytes) C:\Users\Christoph\Desktop\adwcleaner_7.0.0.0.exe
2017-07-18 23:16 - 2017-07-18 23:51 - 00517164 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.16.58_log.txt
2017-07-18 23:13 - 2017-07-18 23:16 - 00517130 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.13.50_log.txt
2017-07-18 23:13 - 2017-07-18 23:13 - 00000562 _____ C:\TDSSKiller.3.1.0.15_18.07.2017_23.13.35_log.txt
2017-07-17 01:59 - 2017-07-17 01:59 - 00000000 ____D C:\Users\Christoph\Documents\League of Legends
2017-07-17 01:59 - 2017-07-17 01:59 - 00000000 ____D C:\Users\Christoph\AppData\Local\CEF
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files\MSBuild
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-17 01:50 - 2017-07-17 01:50 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-07-17 01:50 - 2017-02-10 11:26 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:26 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:26 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-07-17 01:50 - 2017-02-10 11:21 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:21 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 01:50 - 2017-02-10 11:21 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-07-17 01:49 - 2017-07-17 01:49 - 00000000 ____D C:\ProgramData\Riot Games
2017-07-17 01:49 - 2017-07-17 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-07-17 01:49 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-07-17 01:49 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-07-17 01:49 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-07-17 01:47 - 2017-07-17 01:48 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Riot Games
2017-07-17 01:47 - 2017-07-17 01:47 - 31876824 _____ (Riot Games) C:\Users\Christoph\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-07-15 20:20 - 2017-07-15 20:20 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Macromedia
2017-07-14 17:48 - 2017-07-14 17:53 - 00001424 _____ C:\Users\Christoph\Downloads\Malware.txt
2017-07-14 17:03 - 2017-07-14 17:03 - 00019515 _____ C:\Users\Christoph\Downloads\Addition.txt
2017-07-14 17:02 - 2017-07-20 00:40 - 00000000 ____D C:\FRST
2017-07-14 17:02 - 2017-07-14 17:34 - 00126703 _____ C:\Users\Christoph\Downloads\FRST.txt
2017-07-14 16:59 - 2017-07-14 16:59 - 02435584 _____ (Farbar) C:\Users\Christoph\Downloads\FRST64.exe
2017-07-14 16:33 - 2017-07-14 18:27 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2017-07-14 04:35 - 2017-07-14 04:38 - 330909696 _____ C:\Users\Christoph\Downloads\kav_rescue_10.iso
2017-07-14 04:16 - 2017-07-14 04:16 - 00001209 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-07-14 04:15 - 2017-07-14 04:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-14 04:14 - 2017-07-14 04:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-14 04:14 - 2017-07-14 04:15 - 00000000 ____D C:\ProgramData\Avira
2017-07-14 04:14 - 2017-07-14 04:14 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Avira
2017-07-14 04:14 - 2017-07-04 13:28 - 00167504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00164824 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00060920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2017-07-14 04:14 - 2017-07-04 13:28 - 00038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-07-14 03:49 - 2017-07-14 04:17 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-07-14 03:48 - 2017-07-19 00:53 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-14 03:48 - 2017-07-19 00:53 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-07-14 03:48 - 2017-07-14 04:30 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-07-14 03:48 - 2017-07-14 04:17 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-07-14 03:48 - 2017-07-14 03:51 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-07-14 03:48 - 2017-07-14 03:48 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-14 03:48 - 2017-07-14 03:48 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-14 03:22 - 2017-07-14 03:20 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-07-12 11:31 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-07-12 11:31 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2017-07-12 11:31 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-07-12 11:31 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-07-12 11:31 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-12 11:31 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-07-12 11:31 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-07-12 11:31 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2017-07-12 11:31 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-07-12 11:31 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 11:31 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll
2017-07-12 11:31 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-07-12 11:31 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-12 11:31 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininitext.dll
2017-07-12 11:31 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 11:31 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-07-12 11:31 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-07-12 11:31 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-07-12 11:31 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-07-12 11:31 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 11:31 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 11:31 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-12 11:31 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapprovp.dll
2017-07-12 11:31 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-07-12 11:31 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2017-07-12 11:31 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-07-12 11:31 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 11:31 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-07-12 11:31 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-07-12 11:31 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-07-12 11:31 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-07-12 11:31 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-07-12 11:31 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-07-12 11:31 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 11:31 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-07-12 11:31 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-07-12 11:31 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 11:31 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 11:31 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-07-12 11:31 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-07-12 11:31 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2017-07-12 11:31 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 11:31 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-07-12 11:31 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-07-12 11:31 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-07-12 11:31 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-07-12 11:31 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 11:31 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 11:31 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-07-12 11:31 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-07-12 11:31 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 11:31 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 11:31 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-07-12 11:31 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-07-12 11:31 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2017-07-12 11:31 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-07-12 11:31 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-07-12 11:31 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 11:31 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2017-07-12 11:31 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-07-12 11:31 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 11:31 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ClipboardServer.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-07-12 11:31 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certca.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-07-12 11:31 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2017-07-12 11:31 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 11:31 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 11:31 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-07-12 11:31 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2017-07-12 11:31 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2017-07-12 11:31 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:31 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-07-12 11:31 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 11:31 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-07-12 11:31 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 11:31 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 11:31 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-07-12 11:31 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-07-12 11:31 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2017-07-12 11:31 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 11:31 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-07-12 11:31 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-07-12 11:30 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2017-07-12 11:30 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2017-07-12 11:30 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-07-12 11:30 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-07-12 11:30 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-12 11:30 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-07-12 11:30 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-07-12 11:30 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-12 11:30 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-12 11:30 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-07-12 11:30 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-07-12 11:30 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll
2017-07-12 11:30 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-07-12 11:30 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 11:30 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-07-12 11:30 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2017-07-12 11:30 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 11:30 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-07-12 11:30 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2017-07-12 11:30 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-07-12 11:30 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll
2017-07-12 11:30 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 11:30 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-07-12 11:30 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 11:30 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:30 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-07-12 11:30 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-07-12 11:30 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\Windows\system32\wininitext.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-07-12 11:30 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-07-12 11:30 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-07-12 11:30 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 11:30 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 11:30 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-07-12 11:30 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 11:30 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-07-12 11:30 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
2017-07-12 11:30 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-07-12 11:30 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-07-12 11:30 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 11:30 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-12 11:30 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\eapprovp.dll
2017-07-12 11:30 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-07-12 11:30 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-07-12 11:30 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2017-07-12 11:30 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-07-12 11:30 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-07-12 11:30 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 11:30 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-07-12 11:30 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-07-12 11:30 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-07-12 11:30 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 11:30 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-07-12 11:30 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-07-12 11:30 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-07-12 11:30 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 11:30 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2017-07-12 11:30 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-07-12 11:30 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-07-12 11:30 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-07-12 11:30 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-12 11:30 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-07-12 11:30 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-12 11:30 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 11:30 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-12 11:30 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-07-12 11:30 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 11:30 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-07-12 11:30 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-07-12 11:30 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-07-12 11:30 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-07-12 11:30 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 11:30 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 11:30 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-12 11:30 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 11:30 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-12 11:30 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2017-07-12 11:30 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-07-12 11:30 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 11:30 - 2017-07-02 00:52 - 00031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-07-12 11:30 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 11:30 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 11:30 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 11:30 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-07-12 11:30 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 11:30 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-07-12 11:30 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 11:30 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-07-12 11:30 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2017-07-12 11:30 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 11:30 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-07-12 11:30 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-07-12 11:30 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-07-12 11:30 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-07-12 11:30 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-07-12 11:30 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-07-12 11:30 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll
2017-07-12 11:30 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\Windows\system32\CredentialUIBroker.exe
2017-07-12 11:30 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 11:30 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-07-12 11:30 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-07-12 11:30 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2017-07-12 11:30 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-07-12 11:30 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-07-12 11:30 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-07-12 11:30 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2017-07-12 11:30 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 11:30 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-07-12 11:30 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2017-07-12 11:30 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-07-12 11:30 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-07-12 11:30 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-07-12 11:30 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2017-07-12 11:30 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2017-07-12 11:30 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModelOOBE.exe
2017-07-12 11:30 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-07-12 11:30 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-07-12 11:30 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:30 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-07-12 11:30 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-07-12 11:30 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2017-07-12 11:30 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2017-07-12 11:30 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2017-07-12 11:30 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\Windows\system32\certca.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 11:30 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2017-07-12 11:30 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-07-12 11:30 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2017-07-12 11:30 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-07-12 11:30 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
         

Alt 19.07.2017, 23:44   #13
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



FRST.txt 2

Code:
ATTFilter
2017-07-12 11:30 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2017-07-12 11:30 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-07-12 11:30 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2017-07-12 11:30 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-07-12 11:30 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-07-12 11:30 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-07-12 11:30 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2017-07-12 11:30 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 11:30 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-07-12 11:30 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinAUG.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-07-12 11:30 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-07-12 11:30 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-07-12 11:30 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-07-12 11:30 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-07-12 11:30 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-07-12 11:30 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2017-07-12 11:30 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-07-12 11:30 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2017-07-12 11:30 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-07-12 11:30 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-07-12 11:30 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 11:30 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 11:30 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 11:30 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 11:30 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-08 19:55 - 2017-07-19 00:52 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-08 08:46 - 2017-07-08 08:46 - 00000000 ____D C:\Users\Christoph\AppData\Local\PeerDistRepub
2017-07-07 18:52 - 2017-07-07 18:52 - 00000000 ____D C:\Users\Christoph\Documents\BnS
2017-07-07 18:52 - 2017-07-07 18:52 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\NVIDIA
2017-07-07 15:58 - 2017-07-07 15:58 - 00002303 _____ C:\Users\Public\Desktop\Blade & Soul.lnk
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NCWest
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2017-07-07 15:58 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2017-07-07 15:58 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-07-07 15:58 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-07-07 15:58 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-07-07 15:58 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-07-07 15:58 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-07-07 15:58 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-07-07 15:58 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-07-07 15:58 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-07-07 15:58 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-07-07 15:58 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-07-07 15:58 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-07-07 15:58 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-07-07 15:58 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-07-07 15:58 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-07-07 15:58 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-07-07 15:58 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-07-07 15:58 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-07-07 15:58 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-07-07 15:58 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-07-07 15:58 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-07-07 15:58 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-07-07 15:58 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-07-07 15:58 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-07-07 15:57 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-07-07 15:57 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-07-07 15:57 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-07-07 15:57 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-07-07 15:57 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-07-07 15:57 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-07-07 15:57 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-07-07 15:57 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-07-07 15:57 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-07-07 15:57 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-07-07 15:57 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-07-07 15:57 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-07-07 15:57 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-07-07 15:57 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-07-07 15:57 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-07-07 15:57 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-07-07 15:57 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-07-07 15:57 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-07-07 15:57 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-07-07 15:57 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-07-07 15:57 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-07-07 15:57 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-07-07 15:57 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-07-07 15:57 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-07-07 15:57 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-07-07 15:57 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-07-07 15:57 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-07-07 15:57 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-07-07 15:57 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-07-07 15:57 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-07-07 15:57 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-07-07 15:57 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-07-07 15:57 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-07-07 15:57 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-07-07 15:57 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-07-07 15:57 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-07-07 15:57 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-07-07 15:57 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-07-07 15:57 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-07-07 15:57 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-07-07 15:57 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-07-07 15:57 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-07-07 15:57 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-07-07 15:57 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-07-07 15:57 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-07-07 15:57 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-07-07 15:57 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-07-07 15:57 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-07-07 15:57 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-07-07 15:57 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-07-07 15:57 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-07-07 15:57 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-07-07 15:57 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-07-07 15:57 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-07-07 15:57 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-07-07 15:57 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-07-07 15:57 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-07-07 15:57 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-07-07 06:45 - 2017-07-07 06:53 - 00000000 ____D C:\Users\Christoph\AppData\Local\Google
2017-07-07 06:45 - 2017-07-07 06:45 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-07 06:45 - 2017-07-07 06:45 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-07 06:45 - 2017-07-07 06:45 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-07 06:45 - 2017-07-07 06:45 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-07 06:45 - 2017-07-07 06:45 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-06 19:29 - 2017-07-06 18:30 - 00000000 ____D C:\Windows\Panther
2017-07-06 18:58 - 2017-07-12 11:32 - 00000000 ____D C:\Windows\system32\MRT
2017-07-06 18:58 - 2017-07-12 11:31 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-06 18:58 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-07-06 18:58 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-07-06 18:58 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2017-07-06 18:58 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-07-06 18:58 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-07-06 18:58 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2017-07-06 18:58 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
2017-07-06 18:58 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2017-07-06 18:58 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2017-07-06 18:58 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-07-06 18:58 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-07-06 18:58 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-07-06 18:58 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-07-06 18:58 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-06 18:58 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-06 18:58 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
2017-07-06 18:58 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-07-06 18:58 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-06 18:58 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-07-06 18:58 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-07-06 18:58 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-07-06 18:58 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-06 18:58 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-07-06 18:58 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-07-06 18:58 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-07-06 18:58 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-06 18:58 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-07-06 18:58 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-07-06 18:58 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-07-06 18:58 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2017-07-06 18:58 - 2017-05-20 10:26 - 00059904 _____ C:\Windows\SysWOW64\xboxgipsynthetic.dll
2017-07-06 18:58 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-07-06 18:58 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSMDesktopProvider.dll
2017-07-06 18:58 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2017-07-06 18:58 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DictationManager.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-06 18:58 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2017-07-06 18:58 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-07-06 18:58 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-07-06 18:58 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-07-06 18:58 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2017-07-06 18:58 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-07-06 18:58 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-07-06 18:58 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-07-06 18:58 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2017-07-06 18:58 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-07-06 18:58 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-07-06 18:58 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-07-06 18:58 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-07-06 18:58 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-07-06 18:58 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-07-06 18:58 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2017-07-06 18:58 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
2017-07-06 18:58 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys
2017-07-06 18:58 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2017-07-06 18:58 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveExt.dll
2017-07-06 18:58 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2017-07-06 18:58 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2017-07-06 18:58 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-07-06 18:58 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-07-06 18:58 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-07-06 18:58 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-07-06 18:58 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-07-06 18:58 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-07-06 18:58 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-07-06 18:58 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2017-07-06 18:58 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-07-06 18:58 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2017-07-06 18:58 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2017-07-06 18:58 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2017-07-06 18:58 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2017-07-06 18:58 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2017-07-06 18:58 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Preview.dll
2017-07-06 18:58 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2017-07-06 18:58 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2017-07-06 18:58 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2017-07-06 18:58 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2017-07-06 18:58 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2017-07-06 18:58 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2017-07-06 18:58 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2017-07-06 18:58 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-07-06 18:58 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-07-06 18:58 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-07-06 18:58 - 2017-04-01 02:28 - 00354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2017-07-06 18:58 - 2017-04-01 02:04 - 00364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-07-06 18:58 - 2017-04-01 02:02 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-06 18:58 - 2017-04-01 02:01 - 00429568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-07-06 18:58 - 2017-04-01 01:58 - 01506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-07-06 18:58 - 2017-04-01 01:56 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-07-06 18:58 - 2017-04-01 01:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-07-06 18:58 - 2017-04-01 01:52 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-07-06 18:57 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-07-06 18:57 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-07-06 18:57 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-07-06 18:57 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
2017-07-06 18:57 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-07-06 18:57 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-07-06 18:57 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-07-06 18:57 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-06 18:57 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
2017-07-06 18:57 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-06 18:57 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
2017-07-06 18:57 - 2017-06-03 11:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-07-06 18:57 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-07-06 18:57 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-07-06 18:57 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-07-06 18:57 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-07-06 18:57 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-07-06 18:57 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-07-06 18:57 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-07-06 18:57 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-07-06 18:57 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2017-07-06 18:57 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2017-07-06 18:57 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-07-06 18:57 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-07-06 18:57 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-07-06 18:57 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-07-06 18:57 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2017-07-06 18:57 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-07-06 18:57 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-07-06 18:57 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-07-06 18:57 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-07-06 18:57 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-07-06 18:57 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-07-06 18:57 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-07-06 18:57 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-07-06 18:57 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-07-06 18:57 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-07-06 18:57 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-07-06 18:57 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys
2017-07-06 18:57 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2017-07-06 18:57 - 2017-05-20 08:08 - 00086016 _____ C:\Windows\system32\xboxgipsynthetic.dll
2017-07-06 18:57 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-07-06 18:57 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\Windows\system32\NPSMDesktopProvider.dll
2017-07-06 18:57 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.SharedPC.AccountManager.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\DictationManager.dll
2017-07-06 18:57 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
2017-07-06 18:57 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2017-07-06 18:57 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-07-06 18:57 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\embeddedmodesvc.dll
2017-07-06 18:57 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-07-06 18:57 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2017-07-06 18:57 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2017-07-06 18:57 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-07-06 18:57 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-07-06 18:57 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-07-06 18:57 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2017-07-06 18:57 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2017-07-06 18:57 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-07-06 18:57 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2017-07-06 18:57 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-07-06 18:57 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2017-07-06 18:57 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-07-06 18:57 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-07-06 18:57 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2017-07-06 18:57 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-07-06 18:57 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-07-06 18:57 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-07-06 18:57 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-07-06 18:57 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-07-06 18:57 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-07-06 18:57 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-06 18:57 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-06 18:57 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-07-06 18:57 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2017-07-06 18:57 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-06 18:57 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-07-06 18:57 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-07-06 18:57 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-07-06 18:57 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-07-06 18:57 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.ps.dll
2017-07-06 18:57 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-07-06 18:57 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2017-07-06 18:57 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2017-07-06 18:57 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2017-07-06 18:57 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-06 18:57 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2017-07-06 18:57 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-07-06 18:57 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-07-06 18:57 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-07-06 18:57 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-07-06 18:57 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2017-07-06 18:57 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2017-07-06 18:57 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-07-06 18:57 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2017-07-06 18:57 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-06 18:57 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2017-07-06 18:57 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-07-06 18:57 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-07-06 18:57 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-07-06 18:57 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2017-07-06 18:57 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-07-06 18:57 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2017-07-06 18:57 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-07-06 18:57 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-06 18:57 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-07-06 18:57 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-07-06 18:57 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2017-07-06 18:57 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-06 18:57 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-07-06 18:57 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-07-06 18:57 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-07-06 18:57 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-07-06 18:57 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-06 18:57 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-06 18:57 - 2017-04-01 02:52 - 00409504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-06 18:57 - 2017-04-01 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-07-06 18:57 - 2017-04-01 01:55 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-07-06 18:57 - 2017-04-01 01:50 - 01657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-07-06 18:57 - 2017-04-01 01:50 - 01605632 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-07-06 18:57 - 2017-04-01 01:45 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-07-06 18:57 - 2017-04-01 01:44 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-07-06 18:51 - 2017-07-06 18:51 - 00000000 ____D C:\Users\Christoph\AppData\Local\Comms
2017-07-06 18:40 - 2017-07-06 18:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-07-06 18:40 - 2017-07-06 18:40 - 00000000 ____D C:\ProgramData\USOShared
2017-07-06 18:39 - 2017-07-20 00:11 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-06 18:39 - 2017-07-07 15:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-06 18:39 - 2017-07-06 18:39 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-06 18:39 - 2017-05-19 18:07 - 00521816 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-07-06 18:39 - 2017-05-01 22:52 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-07-06 18:39 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-07-06 18:39 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-07-06 18:39 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-07-06 18:39 - 2017-04-25 23:11 - 07944687 _____ C:\Windows\system32\nvcoproc.bin
2017-07-06 18:39 - 2017-03-10 23:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-07-06 18:39 - 2017-03-10 23:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-07-06 18:39 - 2017-03-10 23:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-07-06 18:39 - 2017-03-10 23:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-07-06 18:38 - 2017-07-14 04:15 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-06 18:37 - 2017-07-06 18:37 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Skype
2017-07-06 18:37 - 2017-07-06 18:37 - 00000000 ____D C:\Users\Christoph\AppData\Local\MicrosoftEdge
2017-07-06 18:36 - 2017-07-20 00:16 - 02457514 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-06 18:36 - 2017-07-06 18:37 - 00003298 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-06 18:36 - 2017-07-06 18:37 - 00002395 _____ C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-06 18:36 - 2017-07-06 18:37 - 00000000 ___RD C:\Users\Christoph\OneDrive
2017-07-06 18:36 - 2017-07-06 18:36 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-06 18:35 - 2017-07-12 23:01 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-06 18:35 - 2017-07-06 19:41 - 00000000 ____D C:\Users\Christoph\AppData\Local\Packages
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Roaming\Adobe
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\VirtualStore
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\TileDataLayer
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\Publishers
2017-07-06 18:35 - 2017-07-06 18:35 - 00000000 ____D C:\Users\Christoph\AppData\Local\ConnectedDevicesPlatform
2017-07-06 18:34 - 2017-07-17 12:57 - 00000000 ____D C:\Users\Christoph
2017-07-06 18:34 - 2017-07-06 18:34 - 00000020 ___SH C:\Users\Christoph\ntuser.ini
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Vorlagen
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Startmenü
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Netzwerkumgebung
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Lokale Einstellungen
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Eigene Dateien
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Druckumgebung
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Videos
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Musik
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Documents\Eigene Bilder
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Local\Verlauf
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\AppData\Local\Anwendungsdaten
2017-07-06 18:34 - 2017-07-06 18:34 - 00000000 _SHDL C:\Users\Christoph\Anwendungsdaten
2017-07-06 18:33 - 2017-07-06 18:33 - 00000000 ____D C:\Windows\CSC
2017-07-06 18:33 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-07-06 18:31 - 2017-07-06 18:31 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-07-06 18:30 - 2017-07-20 00:11 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-06 18:30 - 2017-07-06 18:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-07-06 18:29 - 2017-07-18 12:52 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-07-06 18:29 - 2017-07-12 22:57 - 00217120 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-06 18:29 - 2017-07-06 18:29 - 00000000 ____D C:\Windows\ServiceProfiles

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-20 00:16 - 2017-03-20 06:41 - 01128296 _____ C:\Windows\system32\perfh007.dat
2017-07-20 00:16 - 2017-03-20 06:41 - 00256096 _____ C:\Windows\system32\perfc007.dat
2017-07-20 00:12 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-20 00:12 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\AppReadiness
2017-07-20 00:11 - 2017-03-18 13:40 - 00786432 _____ C:\Windows\system32\config\BBI
2017-07-17 23:33 - 2017-03-18 22:51 - 00000000 ____D C:\Windows\CbsTemp
2017-07-17 01:50 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\SysWOW64\MUI
2017-07-17 01:50 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\MUI
2017-07-17 01:50 - 2017-03-18 23:01 - 00000000 ____D C:\Windows\INF
2017-07-13 23:31 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\rescache
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___SD C:\Windows\system32\F12
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\oobe
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\migwiz
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\ShellExperiences
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 13:03 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-07 06:45 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\appcompat
2017-07-06 19:29 - 2017-03-18 23:03 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\Provisioning
2017-07-06 19:01 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-06 19:01 - 2017-03-18 13:40 - 00000000 ____D C:\Windows\system32\Dism
2017-07-06 18:40 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-07-06 18:39 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\Help
2017-07-06 18:34 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2017-07-06 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\spool
2017-07-06 18:33 - 2017-03-18 23:03 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-07-06 18:31 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-06 18:31 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-07-06 18:30 - 2017-03-20 06:43 - 00000000 ____D C:\Windows\HoloShell
2017-07-06 18:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\PrintDialog
2017-07-06 18:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Windows\MiracastView
2017-07-06 18:30 - 2017-03-18 13:40 - 00032768 _____ C:\Windows\system32\config\ELAM
2017-07-06 18:30 - 2017-03-18 13:40 - 00000000 ____D C:\Windows\system32\Sysprep
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Einige Dateien in TEMP:
====================
2017-07-20 00:31 - 2017-07-20 00:31 - 0000088 _____ () C:\Users\Christoph\AppData\Local\Temp\266506078ac6d39ec955152eb3f5d00c.dll
2017-07-20 00:31 - 2017-07-20 00:39 - 0000000 _____ () C:\Users\Christoph\AppData\Local\Temp\3fc1552ba19ee3472398342b0fadfa41.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-16 18:32

==================== Ende von FRST.txt ============================
         
Hmm... Probleme hatte ich so ja nicht. War mir nur nicht sicher ob mein Rechner infiziert wurde.
Wobei heute Mittag als ich herunterfahren wollte, ist er automatisch neu gestartet. Mehrmals probiert. Einmal über Power-Schalter aus gemacht und an, dann ging das normale herunterfahren auch wieder. War nur komisch.

Alt 20.07.2017, 19:45   #14
M-K-D-B
/// TB-Ausbilder
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Servus,






Reste entfernen
  • Kopiere den Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!







Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...
Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Cleanup
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • Starte deinen Rechner zum Abschluss neu auf.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.






Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.





Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Optionale Browsererweiterungen
  • Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
  • NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.





Grundsätzliches
  • Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
  • Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
    Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.





Lesestoff:
Backup-/Image-Tools

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), ansonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor "Verschlüsselungstrojanern" zu schützen.

Du solltest dich für eines der folgenden Programmen entscheiden und damit regelmäßig deine Daten sichern.

Option 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png




Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg




Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg


Alt 21.07.2017, 01:31   #15
Chemani
 
Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Standard

Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Christoph (21-07-2017 02:25:15) Run:4
Gestartet von C:\Users\Christoph\Desktop
Geladene Profile: Christoph (Verfügbare Profile: Christoph)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5303457 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 12755484 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Christoph => 23246 B

RecycleBin => 0 B
EmptyTemp: => 23.5 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 02:25:16 ====
         
Ich werde jetzt noch die restlichen Schritte durchgehen und schauen was ich evtl. ändern sollte.
Kann also, wenn der letzte Log ok ist geschlossen werden. Vielen lieben Dank!

Antwort

Themen zu Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted
.dll, antivirus, avira, cpu, defender, explorer, fehlalarm, firewall, geld, helper, infiziert, internet, internet explorer, kaspersky, lizenz, neu, nvidia, opera, programme, registry, scan, software, tr/crypt.xpack.gen, windows, windowsapps, wmi



Ähnliche Themen: Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted


  1. Trojaner tr/crypt.xpack.gen3, Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 30.06.2015 (13)
  2. Trojaner tr/crypt.xpack.gen3, Windows Vista
    Alles rund um Windows - 16.06.2015 (1)
  3. TR/Crypt.XPACK.Gen3, Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 30.09.2013 (14)
  4. C:\WINDOWS\system32\MRT.exe = TR/Crypt.XPACK.Gen3
    Plagegeister aller Art und deren Bekämpfung - 06.06.2013 (24)
  5. TR/Crypt.XPACK.Gen, TR/Sirefef.BV.2, TR/Crypt.XPACK.Gen3, TR/PSW.Karagany.A.73
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (2)
  6. tr/crypt.xpack.gen3 in c:\windows\temp
    Log-Analyse und Auswertung - 02.06.2011 (11)
  7. W32/Induc.A, TR/Dropper.Gen, TR/Crypt.ZPACK.Gen, TR/Crypt.XPACK.Gen3 gefunden - wie entfernen
    Plagegeister aller Art und deren Bekämpfung - 01.12.2010 (5)
  8. infizierung: TR/Crypt.XPACK.Gen3" in C:/Windows/Temp/...
    Mülltonne - 18.10.2010 (1)
  9. TR/Crypt.XPACK.Gen3 und TR/Dropper.Gen in C:\Windows\Temp\
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (4)
  10. TR/crypt.xpack.gen3 in Vista im Ordner c:\windows\temp\TMP....
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (8)
  11. TR/Crypt.XPACK.Gen3 - nach formatierung von C: TR/Crypt.XPACK.Gen2 gefunden
    Plagegeister aller Art und deren Bekämpfung - 17.10.2010 (9)
  12. TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen2
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (4)
  13. 'TR/Crypt.XPACK.Gen3' in C:\WINDOWS\Temp\TMP24.tmp
    Plagegeister aller Art und deren Bekämpfung - 09.10.2010 (1)
  14. Massenweise Viren werden in Windows/Temp erstellt (Tr/Crypt.xpack.Gen3+TR/Crypt.Pepn.Gen und andere)
    Plagegeister aller Art und deren Bekämpfung - 08.10.2010 (6)
  15. Problem mit TR/Crypt.XPACK.Gen3 auf Windows-XP !
    Plagegeister aller Art und deren Bekämpfung - 07.10.2010 (14)
  16. Befall mit TR/Crypt.XPACK.Gen und TR/Crypt.XPACK.Gen3
    Plagegeister aller Art und deren Bekämpfung - 21.09.2010 (23)
  17. TR/Crypt.XPACK.Gen und HIDDENEXT/Crypted
    Log-Analyse und Auswertung - 07.03.2009 (5)

Zum Thema Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted - Guten Abend zusammen, weiß gar nicht wie ich anfangen soll. Ich versuche mich kurz zu fassen. Möchte aber auch keine eventuell wichtigen Informationen auslassen. Ich spiele ein Online-Spiel (Blade&Soul) wo - Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted...
Archiv
Du betrachtest: Windows 10 Pro: TR/Crypt.XPACK.Gen3, TR/Crypt.XPACK.Gen, HIDDENEXT/Crypted auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.