| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
14.05.2018, 14:55
| #1 |
 |  Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Und hier noch das vom FRST-Tool (hab das unter Admin noch mal frisch gemacht) FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
durchgeführt von Admin (Administrator) auf ADMIN-PC (14-05-2018 15:46:59)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin & marelro & (Verfügbare Profile: Admin & marelro & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.431 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Everything\Everything.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Scirocco Consultants Inc.) C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe
(Nextcloud GmbH) C:\Program Files (x86)\Nextcloud\nextcloud.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET spol. s r.o.) C:\Users\marelro\Downloads\esetonlinescanner_deu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kerish Products) C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe
(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Scirocco Consultants Inc.) C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe
(Bartels Media GmbH) C:\Program Files (x86)\WordExpander\WordExpander.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe
() C:\Program Files\Everything\Everything.exe
(ESET spol. s r.o.) C:\Users\Admin\Downloads\Downloads\esetonlinescanner_deu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-12] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4596904 2016-08-12] (Fitbit, Inc.)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2014-10-24] (Sony Corporation)
HKLM-x32\...\Run: [GDataUsbProtection] => C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe [1412216 2014-09-05] (G Data Software AG)
HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2862312 2018-01-26] (1und1 Mail und Media GmbH)
HKLM-x32\...\RunOnce: [MailCheck IE Update] => C:\Program Files (x86)\Common Files\1&1 Mail & Media GmbH\MailCheck IE\Update\nsl117E.tmp\WEB.DE_MailCheck_IE_Update_2.7.2.0.exe [4173464 2018-04-28] (1&1 Mail & Media GmbH)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [WordExpander] => C:\Program Files (x86)\WordExpander\WordExpander.exe [488448 2011-12-22] (Bartels Media GmbH)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4596904 2016-08-12] (Fitbit, Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [WordExpander] => C:\Program Files (x86)\WordExpander\WordExpander.exe [488448 2011-12-22] (Bartels Media GmbH)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4596904 2016-08-12] (Fitbit, Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\Run: [Nextcloud] => C:\Program Files (x86)\Nextcloud\nextcloud.exe [4604806 2017-11-20] (Nextcloud GmbH)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\Run: [TakeABreak] => C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe [925696 2012-08-01] (Scirocco Consultants Inc.)
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\Run: [Nextcloud] => C:\Program Files (x86)\Nextcloud\nextcloud.exe [4604806 2017-11-20] (Nextcloud GmbH)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154057347\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b103b51a-61bb-4ebc-8364-f2d3e4cd28dc}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.web.de/tb/ie_startpage
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> DefaultScope {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {1B6BEA53-C67C-4329-9F0F-DE874680E198} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {4C3472AE-5D40-4315-A00E-D6113A4E0557} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> {B4DD821A-7DA5-423C-B77D-FCAAFDD916A4} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> DefaultScope {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {1B6BEA53-C67C-4329-9F0F-DE874680E198} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {4C3472AE-5D40-4315-A00E-D6113A4E0557} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {A1ACEAB6-04F0-4803-84F8-34D36B6FCB18} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> {B4DD821A-7DA5-423C-B77D-FCAAFDD916A4} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {6B866410-DBD1-477F-BB59-E3134350240B} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {6D3AC202-51B6-4E51-B36E-7D9F54D5C5D9} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {BE151D4D-A751-49F8-92B5-3C488857D889} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004 -> {D0D3503D-8EA8-4906-A1CA-4789D163BFF8} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {6B866410-DBD1-477F-BB59-E3134350240B} URL = hxxps://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {6D3AC202-51B6-4E51-B36E-7D9F54D5C5D9} URL = hxxps://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {BE151D4D-A751-49F8-92B5-3C488857D889} URL = hxxps://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949 -> {D0D3503D-8EA8-4906-A1CA-4789D163BFF8} URL = hxxps://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-15] (Oracle Corporation)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-04-30] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-15] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-30] (Microsoft Corporation)
BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-04-30] (Microsoft Corporation)
Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Toolbar: HKLM-x32 - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Toolbar: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Toolbar: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2018-01-26] (1und1 Mail und Media GmbH)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2369424989-362787197-3549092213-1000 -> hxxp://go.web.de/tb/ie_startpage
FireFox:
========
FF DefaultProfile: 9xuu7j7s.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default [2018-05-14]
FF Homepage: Mozilla\Firefox\Profiles\9xuu7j7s.default -> www.google.de
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2017-07-05]
FF Extension: (Textmarker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\textMarker@underFlyingBirches.org.xpi [2018-05-13]
FF Extension: (uMatrix) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\uMatrix@raymondhill.net.xpi [2018-05-10]
FF Extension: (Avast Online Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\wrc@avast.com.xpi [2017-10-06]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-04-15]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\searchplugins\google-lavasoft.xml [2016-11-19]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\KompoZer\Profiles\6meji5zn.default [2017-04-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-11] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-15] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-25] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2014-10-24] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2018-05-14]
CHR Extension: (Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-18]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-18]
CHR Extension: (Full Page Screen Capture) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-05-14]
CHR Extension: (Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-18]
CHR Extension: (Plus for Trello (time track, reports, scrum)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjjpophepkbhejnglcmkdnncmaanojkf [2018-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-14]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-02] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-12] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-04-26] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-05-04] (Dropbox, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2197608 2017-06-07] ()
S2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5911720 2016-08-12] (Fitbit, Inc.) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-10] (Microsoft Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2014-04-25] (Sony Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WEBDE_MailCheck_Update; C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Update.exe [593128 2018-01-26] (Pixality Computersysteme GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-10] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-10] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-10] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-10] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-12] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-12] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-15] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes)
R3 GDKBBlocker; C:\WINDOWS\system32\drivers\GDKBBlocker64.sys [30720 2018-04-07] (G Data Software AG)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-11-23] (REALiX(tm))
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2017-05-17] (Highresolution Enterprises [www.highrez.co.uk])
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-05-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-05-14] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [828688 2018-04-15] (IDRIX)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-05-14 15:46 - 2018-05-14 15:47 - 000035161 _____ C:\Users\Admin\Desktop\FRST.txt
2018-05-14 15:41 - 2018-05-14 15:41 - 000001981 _____ C:\Users\Admin\Desktop\MBAM_Bericht_vom_1305.txt
2018-05-14 15:40 - 2018-05-14 15:40 - 000103648 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-14 15:40 - 2018-05-14 15:40 - 000011783 _____ C:\Users\Admin\Desktop\MBAM_Bericht_vom1205.txt
2018-05-14 15:39 - 2018-05-14 15:39 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-14 15:39 - 2018-05-14 15:39 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-14 15:39 - 2018-05-14 15:39 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-14 15:39 - 2018-05-14 15:39 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-14 14:09 - 2018-05-14 14:10 - 000094313 _____ C:\Users\marelro\Downloads\FRST.txt
2018-05-14 14:08 - 2018-05-14 15:46 - 000000000 ____D C:\FRST
2018-05-14 13:07 - 2018-05-14 13:07 - 002404864 _____ (Farbar) C:\Users\marelro\Downloads\FRST64.exe
2018-05-14 00:33 - 2018-05-14 00:34 - 002404864 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2018-05-13 22:28 - 2018-05-13 22:28 - 000000648 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000.job
2018-05-13 22:28 - 2018-05-13 22:28 - 000000552 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000.job
2018-05-13 21:50 - 2018-05-14 14:10 - 000063877 _____ C:\Users\marelro\Downloads\Addition.txt
2018-05-13 16:58 - 2018-05-13 16:58 - 000000000 ____D C:\Users\marelro\AppData\Local\ESET
2018-05-13 16:58 - 2018-05-13 16:58 - 000000000 ____D C:\Users\Admin\AppData\Local\ESET
2018-05-13 16:56 - 2018-05-13 16:56 - 006974584 _____ (ESET spol. s r.o.) C:\Users\marelro\Downloads\esetonlinescanner_deu.exe
2018-05-12 18:19 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-12 18:19 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-12 18:12 - 2018-05-12 18:12 - 000001249 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2018-05-12 18:12 - 2018-05-12 18:12 - 000000000 ____D C:\Users\Default\AppData\Roaming\Foxit Software
2018-05-12 18:12 - 2018-05-12 18:12 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Foxit Software
2018-05-12 13:49 - 2018-05-12 13:49 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-12 13:49 - 2018-05-12 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-12 13:49 - 2018-05-12 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-12 13:49 - 2018-05-12 13:49 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-12 13:49 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-12 13:48 - 2018-05-12 13:48 - 075086152 _____ (Malwarebytes ) C:\Users\marelro\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.365-1.0.5068.exe
2018-05-12 01:58 - 2018-05-12 01:58 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-12 01:51 - 2018-05-12 01:50 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-12 01:51 - 2018-05-12 01:50 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-05-12 01:51 - 2018-03-10 06:54 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-05-12 01:50 - 2018-05-12 01:50 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-11 07:31 - 2018-05-11 07:31 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-11 07:31 - 2018-05-11 07:31 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-11 07:31 - 2018-05-11 07:31 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-11 07:31 - 2018-05-11 07:31 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-11 07:29 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-11 07:29 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-11 07:29 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-11 07:29 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-11 07:29 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-11 07:29 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-11 07:29 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-11 07:29 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-11 07:29 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-11 07:29 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-11 07:29 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-11 07:29 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-11 07:29 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-11 07:29 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-11 07:29 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-11 07:29 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-11 07:29 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-11 07:29 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-11 07:29 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-11 07:29 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-11 07:29 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-11 07:29 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-11 07:29 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-11 07:29 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-11 07:29 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-11 07:29 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-11 07:29 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-11 07:29 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-11 07:29 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-11 07:29 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-11 07:29 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-11 07:29 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-11 07:29 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-11 07:29 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-11 07:29 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-11 07:29 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-11 07:29 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-11 07:29 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-11 07:29 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-11 07:29 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-11 07:29 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-11 07:29 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-11 07:29 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-11 07:29 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-11 07:29 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-11 07:29 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-11 07:29 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-11 07:29 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-11 07:29 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-11 07:29 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-11 07:29 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-11 07:29 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-11 07:29 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-11 07:29 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-11 07:29 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-11 07:29 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-11 07:29 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-11 07:29 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-11 07:29 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-11 07:29 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-11 07:29 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-11 07:29 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-11 07:29 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-11 07:29 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-11 07:29 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-11 07:29 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-11 07:29 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-11 07:29 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-11 07:29 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-11 07:29 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-11 07:29 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-11 07:29 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-11 07:29 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-11 07:29 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-11 07:29 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-11 07:29 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-11 07:29 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-11 07:29 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-11 07:29 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-11 07:29 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-11 07:29 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-11 07:29 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-11 07:29 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-11 07:29 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-11 07:29 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-11 07:29 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-11 07:29 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-11 07:29 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-11 07:29 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-11 07:29 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-11 07:29 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-11 07:29 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-11 07:29 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-11 07:29 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-11 07:29 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-11 07:29 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-11 07:29 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-11 07:29 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-11 07:28 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-11 07:28 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-11 07:28 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-11 07:28 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-11 07:28 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-11 07:28 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-11 07:28 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-11 07:28 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-11 07:28 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-11 07:28 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-11 07:28 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-11 07:28 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-11 07:28 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-11 07:28 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-11 07:28 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-11 07:28 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-11 07:28 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-11 07:28 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-11 07:28 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-11 07:28 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-11 07:28 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-11 07:28 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-11 07:28 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-11 07:28 - 2018-05-03 09:36 - 000397728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-05-11 07:28 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-05-11 07:28 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-11 07:28 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-11 07:28 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-11 07:28 - 2018-05-03 09:32 - 000744864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-05-11 07:28 - 2018-05-03 09:32 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-05-11 07:28 - 2018-05-03 09:32 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-05-11 07:28 - 2018-05-03 09:31 - 001420704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-05-11 07:28 - 2018-05-03 09:30 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-05-11 07:28 - 2018-05-03 09:30 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-05-11 07:28 - 2018-05-03 09:30 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-05-11 07:28 - 2018-05-03 09:30 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-05-11 07:28 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-11 07:28 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-11 07:28 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-11 07:28 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-11 07:28 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-11 07:28 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-11 07:28 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-11 07:28 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-11 07:28 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-11 07:28 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-11 07:28 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-11 07:28 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-11 07:28 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-11 07:28 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-11 07:28 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-11 07:28 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-11 07:28 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-11 07:28 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-11 07:28 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-11 07:28 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-11 07:28 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-11 07:28 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-11 07:28 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-11 07:28 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-11 07:28 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-11 07:28 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-11 07:28 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-11 07:28 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-11 07:28 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-11 07:28 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-11 07:28 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-11 07:28 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-11 07:28 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-11 07:28 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-11 07:28 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-11 07:28 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-11 07:28 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-11 07:28 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-11 07:28 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-11 07:28 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-11 07:28 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-11 07:28 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-11 07:28 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-11 07:28 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-11 07:28 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-11 07:28 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-11 07:28 - 2018-04-15 23:36 - 002376088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2018-05-11 07:28 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-11 07:28 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-11 07:28 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-11 07:28 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-11 07:28 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-11 07:28 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-11 07:28 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-11 07:28 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-11 07:28 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-11 07:28 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-11 07:28 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-11 07:28 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-11 07:28 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-11 07:28 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-11 07:28 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-11 07:28 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-11 07:28 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-11 07:28 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-11 07:28 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-11 07:28 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-11 07:28 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-11 07:28 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-11 07:28 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-11 07:28 - 2018-04-15 22:33 - 001623960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2018-05-11 07:28 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-11 07:28 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-11 07:28 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-11 07:28 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-11 07:28 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-11 07:28 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-11 07:28 - 2018-04-15 22:12 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-11 07:28 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-11 07:28 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-11 07:28 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-11 07:28 - 2018-04-15 22:08 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-11 07:28 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-11 07:28 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-11 07:28 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-11 07:28 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-11 07:28 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-11 07:28 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-11 07:28 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-11 07:28 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-11 07:28 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-11 07:28 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-11 07:28 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-11 07:28 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-11 07:28 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-11 07:28 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-11 07:28 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-11 07:28 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-11 07:28 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-11 07:28 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-11 07:28 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-11 06:49 - 2018-05-12 18:17 - 000000660 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004.job
2018-05-11 06:49 - 2018-05-12 18:17 - 000000564 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004.job
2018-05-09 11:58 - 2018-05-12 14:08 - 000000600 _____ C:\Users\marelro\AppData\Roaming\winscp.rnd
2018-05-09 05:47 - 2018-05-09 05:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-08 23:42 - 2018-05-08 23:42 - 000000600 _____ C:\Users\Admin\AppData\Roaming\winscp.rnd
2018-05-08 23:35 - 2018-05-08 23:35 - 000001158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2018-05-08 23:35 - 2018-05-08 23:35 - 000001146 _____ C:\Users\Public\Desktop\WinSCP.lnk
2018-05-08 23:35 - 2018-05-08 23:35 - 000000000 ____D C:\Program Files (x86)\WinSCP
2018-05-08 23:32 - 2018-05-08 23:33 - 009649448 _____ (Martin Prikryl ) C:\Users\marelro\Downloads\WinSCP-5.13.1-Setup.exe
2018-05-08 06:39 - 2018-05-08 06:39 - 000006226 _____ C:\Users\marelro\AppData\Local\recently-used.xbel
2018-05-06 13:20 - 2018-05-06 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck
2018-05-06 13:20 - 2018-05-06 13:20 - 000000000 ____D C:\Program Files\WEB.DE MailCheck
2018-05-06 13:20 - 2018-05-06 13:20 - 000000000 ____D C:\Program Files (x86)\WEB.DE MailCheck
2018-05-04 20:06 - 2018-05-04 20:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-05-04 20:06 - 2018-05-04 20:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-05-04 20:06 - 2018-05-04 20:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-05-04 20:06 - 2018-05-04 20:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-05-02 18:46 - 2018-05-14 15:32 - 000000000 ____D C:\Users\marelro\Nextcloud
2018-05-02 18:37 - 2018-05-13 16:53 - 000000000 ____D C:\Users\marelro\AppData\Local\Nextcloud
2018-05-02 18:37 - 2018-05-02 18:37 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nextcloud.lnk
2018-05-02 18:37 - 2018-05-02 18:37 - 000001088 _____ C:\Users\Public\Desktop\Nextcloud.lnk
2018-05-02 18:31 - 2018-05-02 18:37 - 000000000 ____D C:\Program Files (x86)\Nextcloud
2018-05-02 18:31 - 2018-05-02 18:31 - 039993464 _____ (Nextcloud GmbH) C:\Users\marelro\Downloads\Nextcloud-2.3.3.1-setup.exe
2018-04-28 09:12 - 2018-05-11 22:34 - 000004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default\AppData\Local\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Users\Default User\AppData\Local\Adobe
2018-04-28 09:12 - 2018-04-28 09:12 - 000000000 ____D C:\Macromedia
2018-04-25 11:00 - 2018-04-25 11:00 - 000000000 ____D C:\Users\marelro\AppData\Local\AVAST Software
2018-04-18 14:04 - 2018-04-28 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-04-17 05:48 - 2018-05-04 21:38 - 000000000 ____D C:\Users\marelro\AppData\Local\CrashDumps
2018-04-15 20:51 - 2018-04-15 20:52 - 2147483648 _____ C:\Users\marelro\Documents\MARELRO_VC
2018-04-15 20:21 - 2018-04-15 20:21 - 000000000 ____D C:\Users\marelro\AppData\Roaming\VeraCrypt
2018-04-15 20:15 - 2018-04-15 20:15 - 000828688 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys
2018-04-15 20:15 - 2018-04-15 20:15 - 000000888 _____ C:\Users\Public\Desktop\VeraCrypt.lnk
2018-04-15 20:14 - 2018-04-15 20:15 - 000000000 ____D C:\Program Files\VeraCrypt
2018-04-15 20:12 - 2018-04-15 20:12 - 000003670 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-04-15 20:12 - 2018-04-15 20:12 - 000003546 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-04-15 20:12 - 2018-04-15 20:12 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-04-15 20:12 - 2018-04-15 20:12 - 000002539 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-04-15 20:12 - 2018-04-15 20:12 - 000000000 ____D C:\Users\Admin\AppData\Local\AVAST Software
2018-04-15 20:12 - 2018-04-15 20:12 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-04-15 15:03 - 2018-04-15 15:03 - 000001326 _____ C:\Users\Admin\Desktop\Oxynger KeyShield.lnk
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\Users\marelro\AppData\Roaming\Oxynger
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\ProgramData\Oxynger
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxynger KeyShield
2018-04-15 15:03 - 2018-04-15 15:03 - 000000000 ____D C:\Program Files (x86)\Oxynger
2018-04-15 15:02 - 2018-04-15 15:03 - 002518347 _____ (Oxynger Technologies ) C:\Users\marelro\Downloads\Oxynger_KeyShield_Setup.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-05-14 14:11 - 2017-12-02 14:17 - 000000000 ____D C:\Users\marelro\AppData\Roaming\Everything
2018-05-14 14:05 - 2016-11-20 19:39 - 000000000 ____D C:\temp
2018-05-14 12:43 - 2017-12-10 09:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-14 11:28 - 2017-12-02 13:41 - 000000000 ____D C:\Users\marelro\AppData\LocalLow\Mozilla
2018-05-14 02:32 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-14 00:51 - 2016-11-21 13:31 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2018-05-14 00:47 - 2017-02-22 09:23 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Everything
2018-05-14 00:47 - 2016-07-27 12:14 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2018-05-14 00:36 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-13 22:47 - 2017-09-02 16:40 - 000000000 ____D C:\Users\Admin\AppData\Local\Everything
2018-05-13 22:28 - 2017-12-10 09:43 - 000003802 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000
2018-05-13 22:28 - 2017-12-10 09:43 - 000003706 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000
2018-05-13 22:28 - 2017-10-24 11:19 - 000000000 ____D C:\Users\Admin\AppData\Local\GoToMeeting
2018-05-13 16:52 - 2017-12-02 22:39 - 000000000 ____D C:\Users\marelro\AppData\Local\Everything
2018-05-13 16:24 - 2017-12-02 13:47 - 000000000 ____D C:\Users\marelro\AppData\Roaming\Skype
2018-05-13 07:48 - 2017-12-10 09:22 - 003500870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-13 07:48 - 2017-09-30 16:34 - 001646736 _____ C:\WINDOWS\system32\perfh007.dat
2018-05-13 07:48 - 2017-09-30 16:34 - 000416040 _____ C:\WINDOWS\system32\perfc007.dat
2018-05-13 07:44 - 2017-12-10 09:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-13 07:44 - 2016-11-19 22:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-13 07:43 - 2017-09-29 10:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-05-13 07:43 - 2017-05-17 20:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-05-12 21:46 - 2017-12-02 17:40 - 000000000 ____D C:\Users\marelro\AppData\Roaming\TV-Browser
2018-05-12 21:10 - 2017-12-10 09:55 - 000000000 ___RD C:\Users\Admin\3D Objects
2018-05-12 21:10 - 2016-04-27 07:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-12 18:23 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-12 18:20 - 2017-12-10 09:47 - 000000000 ___RD C:\Users\marelro\3D Objects
2018-05-12 18:19 - 2016-11-18 11:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-12 18:18 - 2017-12-10 09:19 - 000498816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-12 18:17 - 2017-08-26 08:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-12 18:17 - 2015-06-23 20:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-12 18:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-12 18:14 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-12 18:14 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-12 18:12 - 2018-01-08 21:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2018-05-12 18:00 - 2015-06-23 20:20 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-12 17:54 - 2017-12-10 09:28 - 000000000 ____D C:\Users\marelro\AppData\Local\Packages
2018-05-12 14:03 - 2017-04-26 19:00 - 000000000 ____D C:\Program Files (x86)\iolo
2018-05-11 22:55 - 2016-11-20 22:06 - 000008002 _____ C:\WINDOWS\BRRBCOM.INI
2018-05-11 22:36 - 2017-10-16 12:17 - 000000000 ____D C:\Users\Admin\Desktop\Avada_Full_Package
2018-05-11 22:34 - 2016-11-19 22:19 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2018-05-11 22:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-11 22:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-11 18:03 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-11 07:47 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-11 07:41 - 2015-06-23 21:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-11 07:38 - 2017-10-11 06:27 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-11 07:38 - 2015-06-23 21:22 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-11 07:28 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-11 06:49 - 2018-03-17 21:08 - 000003818 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004
2018-05-11 06:49 - 2018-03-17 21:08 - 000003722 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004
2018-05-11 06:49 - 2018-03-17 21:08 - 000000000 ____D C:\Users\marelro\AppData\Local\GoToMeeting
2018-05-09 05:48 - 2016-11-18 11:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-08 09:42 - 2017-12-04 23:09 - 000000000 __SHD C:\Users\marelro\AppData\Roaming\.#
2018-05-08 08:39 - 2017-12-02 21:25 - 000000000 ____D C:\Users\marelro\Documents\MailStore Home
2018-05-08 08:39 - 2017-11-25 14:03 - 000000000 ____D C:\ProgramData\firebird
2018-05-08 06:44 - 2017-12-13 16:35 - 000000000 ____D C:\Users\marelro\.gimp-2.8
2018-05-07 19:13 - 2017-12-02 22:23 - 000000000 ____D C:\Users\marelro\AppData\Roaming\FileZilla
2018-05-07 12:57 - 2017-12-07 22:39 - 000000000 ____D C:\Users\marelro\AppData\Roaming\vlc
2018-05-05 05:49 - 2017-12-10 10:23 - 000000600 _____ C:\Users\marelro\AppData\Local\PUTTY.RND
2018-05-03 13:25 - 2017-12-13 16:38 - 000000000 ____D C:\Users\marelro\AppData\Local\gtk-2.0
2018-05-02 18:46 - 2017-12-10 09:27 - 000000000 ____D C:\Users\marelro
2018-05-02 08:36 - 2018-03-22 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2018-05-02 05:45 - 2016-11-18 09:33 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 05:45 - 2016-11-18 09:33 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-01 19:09 - 2018-03-28 13:00 - 000000000 ____D C:\Users\marelro\Documents\Steuer
2018-05-01 19:08 - 2018-02-26 18:46 - 000000000 ____D C:\Users\marelro\AppData\Local\Buhl
2018-04-28 09:39 - 2017-11-25 14:24 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-04-28 09:39 - 2017-11-25 14:24 - 000001097 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2018-04-28 09:39 - 2016-07-27 13:46 - 000000958 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-04-25 11:05 - 2017-12-02 17:44 - 000000000 ___RD C:\Users\marelro\Dropbox
2018-04-25 10:56 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-25 10:55 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-25 10:55 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-20 08:15 - 2017-02-21 18:20 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-04-20 08:15 - 2016-07-27 12:14 - 000000000 ____D C:\ProgramData\Skype
2018-04-15 20:16 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-15 20:13 - 2016-11-18 11:44 - 000000000 ___RD C:\Dropbox
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2018-05-08 23:42 - 2018-05-08 23:42 - 000000600 _____ () C:\Users\Admin\AppData\Roaming\winscp.rnd
2006-12-11 20:13 - 2006-12-11 20:13 - 000097336 _____ (Un4seen Developments) C:\Users\Admin\AppData\Local\bass.dll
2006-12-11 20:13 - 2006-12-11 20:13 - 000013872 _____ (Un4seen Developments) C:\Users\Admin\AppData\Local\basscd.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 000102912 _____ (Albert L Faber) C:\Users\Admin\AppData\Local\CDRip.dll
2007-08-13 18:46 - 2007-08-13 18:46 - 000155136 _____ () C:\Users\Admin\AppData\Local\lame_enc.dll
2007-01-18 22:09 - 2007-01-18 22:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Admin\AppData\Local\No23 Recorder.exe
2005-08-23 23:34 - 2005-08-23 23:34 - 000029184 _____ () C:\Users\Admin\AppData\Local\no23xwrapper.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 000015872 _____ () C:\Users\Admin\AppData\Local\ogg.dll
2017-10-27 17:45 - 2017-12-10 11:31 - 000000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2017-11-11 01:21 - 2017-11-11 01:21 - 000001434 _____ () C:\Users\Admin\AppData\Local\RecConfig.xml
2017-11-12 21:33 - 2017-11-12 21:33 - 000027498 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-06-24 07:03 - 2015-06-24 07:03 - 000007605 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2006-10-26 02:06 - 2006-10-26 02:06 - 000143872 _____ () C:\Users\Admin\AppData\Local\vorbis.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 000064000 _____ () C:\Users\Admin\AppData\Local\vorbisenc.dll
2006-10-26 02:06 - 2006-10-26 02:06 - 000019456 _____ () C:\Users\Admin\AppData\Local\vorbisfile.dll
Einige Dateien in TEMP:
====================
2018-01-08 21:20 - 2017-10-18 20:55 - 003729984 _____ (Foxit Corporation) C:\Users\Admin\AppData\Local\Temp\FoxitUpdater.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-05-11 09:08
==================== Ende von FRST.txt ============================
|
|
14.05.2018, 14:58
| #2 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Das mit dem Chip-Installer hab ich nach etwas Lesen hier mittlerweile auch mitbekommen. Leider zu spät. Gehe ab jetzt immer zu filepony (Ich habe das mit dem Chocolatey auch gesehen, aber mich noch nicht getraut. Vielleicht, wenn ich wieder etwas bessere Nerven hab.
__________________Hier die Addition von FRST: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12.05.2018
durchgeführt von Admin (14-05-2018 15:48:15)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1709 16299.431 (X64) (2017-12-10 07:45:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Admin (S-1-5-21-2369424989-362787197-3549092213-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2369424989-362787197-3549092213-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2369424989-362787197-3549092213-503 - Limited - Disabled)
Gast (S-1-5-21-2369424989-362787197-3549092213-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2369424989-362787197-3549092213-1003 - Limited - Enabled)
marelro (S-1-5-21-2369424989-362787197-3549092213-1004 - Limited - Enabled) => C:\Users\marelro
WDAGUtilityAccount (S-1-5-21-2369424989-362787197-3549092213-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.7 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Amazon Kindle (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{17992A33-06A9-9191-B613-86018E3A017E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - )
AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.13.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 65.0.412.162 - AVAST Software)
Brackets (HKLM-x32\...\{9E1DE4E6-DA6C-46E9-9EF2-15189E534511}) (Version: 1.11 - brackets.io)
BrLauncher (HKLM-x32\...\{9483AB22-92AA-4161-9E79-DE77B71949DA}) (Version: 1.1.6.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{8281F578-2B02-4E98-956F-64E5D60D761B}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{F98C83EC-0334-4F4E-8AC0-211DAC81ED35}) (Version: 1.0.5.2 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1BAE50D4-5F2A-4E34-BD81-B4555109F7C2}) (Version: 4.2.3.1 - Brother Insutries Ltd.) Hidden
ConvertHelper 3.2a1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
DeviceDetect (HKLM-x32\...\{0B226409-96A6-47F0-84D8-89223B6F9479}) (Version: 1.0.3.4 - Brother Industries Ltd.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 49.4.68 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
FileZilla Client 3.31.0 (HKLM-x32\...\FileZilla Client) (Version: 3.31.0 - Tim Kosse)
Fitbit Connect (HKLM-x32\...\{3EEEE6FF-206D-47AC-B51D-20086090424A}) (Version: 2.0.1.6782 - Fitbit Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
G DATA USB KEYBOARD GUARD (HKLM-x32\...\{D8CBD59F-B29D-4E38-9D66-DEAEAB473FA9}) (Version: 1.1.0.4 - G DATA Software AG)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
GmailDefaultMaker (HKLM-x32\...\97F743A4-2B02-43DD-8B95-B4DDC413190A) (Version: 2.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
GoToMeeting 8.27.0.8789 (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\GoToMeeting) (Version: 8.27.0.8789 - LogMeIn, Inc.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Jacquie Lawson Seaside Calendar (HKLM-x32\...\{81F01C43-2866-7192-F0B4-5D1B83D2011A}) (Version: 1.0.5 - Microcourt Limited) Hidden
Jacquie Lawson Seaside Calendar (HKLM-x32\...\com.jacquielawson.seaside2016) (Version: 1.0.5 - Microcourt Limited)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jutoh 2.62 (HKLM-x32\...\Jutoh_is1) (Version: 2.62 - Anthemion Software Ltd.)
Kerish Doctor 2018 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.65 - Kerish Products)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 5.4.1.2 (HKLM\...\{C16F4B36-C5D5-4B14-B9A9-9ECA3C35C22A}) (Version: 5.4.1.2 - The Document Foundation)
MailStore Home 10.2.3.12921 (HKLM-x32\...\MailStore Home_universal1) (Version: 10.2.3.12921 - MailStore Software GmbH)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.9226.2126 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6697 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 de)) (Version: 52.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
Nextcloud (HKLM-x32\...\Nextcloud) (Version: 2.3.3.1 - Nextcloud GmbH)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9226.2126 - Microsoft Corporation) Hidden
Oxynger KeyShield 1.1.0 (HKLM-x32\...\{100C4513-F98A-47E0-AEA0-A67B636D8F7A}_is1) (Version: 1.1.0 - Oxynger Technologies)
PC-FAXReceive (HKLM-x32\...\{8DB92891-74BB-464E-BCF8-6D6A9C2132AC}) (Version: 1.3.8.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{4D52CAB8-06E6-4511-B29C-E2F36B52AE12}) (Version: 1.0.4.5 - Brother Industries Ltd.) Hidden
Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{B6CE4633-EA3F-4856-9BCC-9B8702E076FE}) (Version: 3.8.0.0 - Brother Industries Ltd.) Hidden
Saola Animate (HKLM\...\{C609AB2B-39B6-4B3D-9C6B-8F136126658D}_is1) (Version: 1.1.0 - Atomi Systems, Inc.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scirocco Take a Break 3.1 (HKLM\...\{87764DE1-E730-4234-86A8-E8C60E8DFC6E}) (Version: 3.1 - Scirocco)
Scrivener (HKLM-x32\...\Scrivener 1970) (Version: 1970 - Literature and Latte)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 5.0.0.0 - ASCOMP Software GmbH)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Steuer 2016 (HKLM-x32\...\{284354A5-0D3A-4065-A997-C21762D0160E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
Steuer 2017 (HKLM-x32\...\{595F1685-D937-4E8D-ACED-DB6F09C945C0}) (Version: 25.00.1359 - Buhl Data Service GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
The 5 Bucks a Day Action Enforcer (HKLM-x32\...\The 5 Bucks a Day Action Enforcer_is1) (Version: - Dennis Becker d.b.a. MDM Sports)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
TV-Browser 3.4.4 (HKLM-x32\...\tvbrowser) (Version: 3.4.4 - TV-Browser Team)
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
VdhCoApp 1.0.7 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.22 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
WEB.DE MailCheck für Windows (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.7.1.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
WEB.DE Suche (HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\1&1 Mail & Media GmbH Search) (Version: 0.8.0.0 - 1&1 Mail & Media GmbH)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
WinSCP 5.13.1 (HKLM-x32\...\winscp3_is1) (Version: 5.13.1 - Martin Prikryl)
WordExpander (HKLM-x32\...\{F76E834B-64B3-42B2-A2F5-EF254ED651E0}) (Version: 1.5.15 - Bartels Media GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\Admin\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1000_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\Admin\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\marelro\AppData\Local\GoToMeeting\8569\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\marelro\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\marelro\AppData\Local\GoToMeeting\8569\G2MOutlookAddin64.dll (LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2369424989-362787197-3549092213-1004_Classes\CLSID\{9B7F8E54-2CD5-43A9-A106-79A12EB4EBA3}\InprocServer32 -> C:\Users\marelro\AppData\Local\1&1 Mail & Media GmbH\WEB.DE Suche\Application\WEB.DE_Suche_Proxy.dll (1und1 Mail und Media GmbH)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\Nextcloud\shellext\OCOverlays_x64.dll [2017-11-17] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [OCContextMenuHandler] -> {841A0AAD-AA11-4B50-84D9-7F8E727D77D7} => C:\Program Files (x86)\Nextcloud\shellext\OCContextMenu_x64.dll [2017-11-17] (ownCloud Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Keine Datei
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-12] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [Secure Eraser] -> {2A8DEC8D-934E-4FF8-825A-05A800047649} => C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll [2016-02-03] ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {019AE14B-7E2F-411D-9878-230D34982797} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {070F1C63-1F24-4926-8B14-65A13E6933BF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14A42D47-6BBC-461D-B3CA-81DFC6929F45} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-18] (Dropbox, Inc.)
Task: {14EE1F9C-5723-4853-8DF2-6799D6EC559B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D956C91-AFAA-4C8E-87D7-F4D625B83FCB} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {280C2DAB-8FF6-4F04-B936-81707BD61F79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-18] (Google Inc.)
Task: {2A380370-33A8-43F5-8D27-EFD435CC4DDC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3358A7D6-7CE8-4CB7-9120-ED9534297101} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-26] (Microsoft Corporation)
Task: {35151705-20FF-44C8-9F34-2426806459B4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {3E125E18-1699-40B5-B0DF-0F13CCA16867} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4460FF10-9507-4AD1-BF02-7B89BE0544ED} - System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000 => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupdate.exe [2018-05-13] (LogMeIn, Inc.)
Task: {449AD1E6-6A85-4DD5-8B85-848DC369BBD6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {457C00AB-C0B2-4870-9FC4-D2C9E983062C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4616C919-F2C4-4258-A056-F6D09B3C2F53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-11] (Microsoft Corporation)
Task: {46E4DE95-D61E-4232-AD7C-3662726BBE69} - System32\Tasks\Kerish Doctor => C:\Program Files (x86)\Kerish Doctor\KerishDoctor.exe [2018-02-19] (Kerish Products)
Task: {47EAEE8E-7264-444C-AB87-20D977794601} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {4AA4E9C6-74EB-4DBE-AB2D-FA08C4AF0033} - System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004 => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupload.exe [2018-05-11] (LogMeIn, Inc.)
Task: {4CB9EE4D-D2C2-4774-8066-D5FAEBB6FECE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D5C814C-25F9-4811-9C1C-A6B9F583B1A5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4DC537AF-DBEC-44FD-9361-54480A7BB542} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4FC57133-DB4D-42CC-A756-6E1C6A6CBB9E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5148C9EE-D59E-4AB1-B85D-81F568D9FFA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {5ECE578D-3A79-4FE5-847C-4FE52F53102F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67158049-CFC7-49B0-8492-D1E46B76D0BD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CA6B899-9BD4-4A8D-B176-45B7E80C4019} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-15] (AVAST Software)
Task: {7095EAE4-71BA-4751-9E37-8B1CEA37D33B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73DA72A6-D7AC-4489-928D-BFA983D4C1BE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {761546E0-6CE9-46B5-9C5F-F6FE0BFD4C3A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7690F380-941B-4358-9DB7-1DADA7A42771} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-11] (Microsoft Corporation)
Task: {78482A3C-3693-482B-8A07-8694FECE2B24} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7AB93357-DF04-4C8D-90D7-4BA989888E40} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-11] (Microsoft Corporation)
Task: {8C4C6280-3BAE-40F5-BC68-3F1D5F543EAB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9050CC34-9BC0-428F-95A4-17592412DEB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-11] (Adobe Systems Incorporated)
Task: {9556C1EB-9476-40A1-B494-03AD0AA20A8C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {984734FE-26FB-408C-AAD8-BD6BE57A17B7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9A309903-5EE3-4B7C-BE54-F5A22B959C31} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9F3EC7F2-42F7-4A7E-82B3-4839A1791735} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9F9AAF5D-9186-42DE-A833-8FA16E747E5F} - System32\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000 => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupload.exe [2018-05-13] (LogMeIn, Inc.)
Task: {A013544B-0C72-4EE5-B899-E545677DE491} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A1734CA6-9A4B-4298-9F04-1D6ED41C3142} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A371A7EE-B909-40BA-A8D7-1CF1DBE7919F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5C17909-1248-4107-83A7-6ED14C9E4596} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ADB4B16A-947B-4745-9D1D-3AA951B9159A} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {AF3D95D6-AB51-4D14-A2D8-4BE28FDFC4B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-11] (Microsoft Corporation)
Task: {B046C7E1-B518-4CFA-878F-38C46C6A9F07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B2F92FC5-E2FC-4CD3-A42E-3F5201C4E3AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {BBB3F7AF-AE68-42A9-809E-18B54FCEE3B9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-15] (AVAST Software)
Task: {BC658A1F-59A4-40E9-9180-98DB34CB481E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-26] (Microsoft Corporation)
Task: {C1BC032D-BA94-41AA-84BA-9C88754FEB53} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C30F0124-353E-4E6F-AF8F-0F0C7C8F84D2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE76B8D5-331F-4558-80B9-DF0CED310152} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {CEE6CE1F-CECA-40E4-A435-154AC3AC969E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004 => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupdate.exe [2018-05-11] (LogMeIn, Inc.)
Task: {D1AFB502-1E48-4166-9EAC-9606506C3A0F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D2953084-6AC1-4CD5-BED0-28D8795D36E7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D786D55D-E812-49FE-AC50-26848FC3D491} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB50DEBA-FB1C-49AD-9B23-95251D976F22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-24] (AVAST Software)
Task: {DB515BF4-B75B-41FA-81A1-A7A1383F6AFE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-18] (Dropbox, Inc.)
Task: {DF7D8DE3-183C-43A9-B956-6AADFE6E144A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E3763D9B-B295-4481-99EC-F2E0C084EC04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-18] (Google Inc.)
Task: {EB5335CD-2EC9-4923-AA12-1E98FB1C145B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-12] (AVAST Software)
Task: {FEBB576B-044A-4109-850A-C4065A2B92EC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1000.job => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2369424989-362787197-3549092213-1004.job => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1000.job => C:\Users\Admin\AppData\Local\GoToMeeting\8789\g2mupload.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2369424989-362787197-3549092213-1004.job => C:\Users\marelro\AppData\Local\GoToMeeting\8789\g2mupload.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-02-22 09:23 - 2017-06-07 03:42 - 002197608 _____ () C:\Program Files\Everything\Everything.exe
2016-11-20 22:06 - 2005-04-22 14:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-04 14:57 - 2016-02-03 12:33 - 000566440 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2018-02-23 11:44 - 2018-02-23 11:44 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-11-17 20:46 - 2017-11-17 20:46 - 000061952 _____ () C:\Program Files (x86)\Nextcloud\shellext\OCUtil_x64.dll
2018-03-14 07:06 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 07:06 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-16 06:55 - 2018-03-16 06:55 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 06:57 - 2018-03-09 06:57 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-22 06:48 - 2018-03-22 06:48 - 004330496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-03-16 06:55 - 2018-03-16 06:55 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-27 14:22 - 2018-03-27 14:22 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-27 14:22 - 2018-03-27 14:22 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-27 14:22 - 2018-03-27 14:22 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-27 14:22 - 2018-03-27 14:22 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-02 05:45 - 2018-04-26 05:14 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libglesv2.dll
2018-05-02 05:45 - 2018-04-26 05:14 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libegl.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 000477696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-03-02 06:50 - 2018-03-02 06:51 - 059575808 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 13:28 - 2017-10-05 13:29 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-02-19 11:42 - 2018-02-19 11:43 - 000010240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 003741184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-14 11:45 - 2017-12-14 11:45 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 015986688 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-03-02 06:50 - 2018-03-02 06:50 - 003592704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-03-02 06:50 - 2018-03-02 06:50 - 003231232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 001369088 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-19 11:34 - 2018-02-19 11:36 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-02 06:50 - 2018-03-02 06:50 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-02-19 11:42 - 2018-02-19 11:43 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 000628736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-02 06:50 - 2018-03-02 06:51 - 000152064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-12 13:49 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-12 13:49 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-10 06:54 - 2018-03-10 06:54 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-12 01:50 - 2018-05-12 01:50 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-11-20 11:32 - 2017-11-20 11:32 - 002475167 _____ () C:\Program Files (x86)\Nextcloud\libnextcloudsync.dll
2017-01-15 00:59 - 2017-01-15 00:59 - 000097898 _____ () C:\Program Files (x86)\Nextcloud\libgcc_s_sjlj-1.dll
2017-01-15 00:59 - 2017-01-15 00:59 - 001304790 _____ () C:\Program Files (x86)\Nextcloud\libstdc++-6.dll
2017-01-15 02:33 - 2017-01-15 02:33 - 000045475 _____ () C:\Program Files (x86)\Nextcloud\libqt5keychain.dll
2017-11-20 11:31 - 2017-11-20 11:31 - 001531702 _____ () C:\Program Files (x86)\Nextcloud\libocsync.dll
2017-01-15 00:33 - 2017-01-15 00:33 - 000085026 _____ () C:\Program Files (x86)\Nextcloud\zlib1.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 000151691 _____ () C:\Program Files (x86)\Nextcloud\libpcre16-0.dll
2017-01-15 01:27 - 2017-01-15 01:27 - 000362986 _____ () C:\Program Files (x86)\Nextcloud\libharfbuzz-0.dll
2017-01-15 00:36 - 2017-01-15 00:36 - 000207141 _____ () C:\Program Files (x86)\Nextcloud\libpng16-16.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 002449109 _____ () C:\Program Files (x86)\Nextcloud\icui18n56.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 001418957 _____ () C:\Program Files (x86)\Nextcloud\icuuc56.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 000351164 _____ () C:\Program Files (x86)\Nextcloud\libjpeg-8.dll
2017-01-15 00:47 - 2017-01-15 00:47 - 000339690 _____ () C:\Program Files (x86)\Nextcloud\libwebp-5.dll
2017-01-15 00:36 - 2017-01-15 00:36 - 001174014 _____ () C:\Program Files (x86)\Nextcloud\libxml2-2.dll
2017-01-15 01:31 - 2017-01-15 01:31 - 000231124 _____ () C:\Program Files (x86)\Nextcloud\libxslt-1.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 000486390 _____ () C:\Program Files (x86)\Nextcloud\libfreetype-6.dll
2017-01-15 00:37 - 2017-01-15 00:37 - 000710321 _____ () C:\Program Files (x86)\Nextcloud\libsqlite3-0.dll
2017-01-15 00:35 - 2017-01-15 00:35 - 025058941 _____ () C:\Program Files (x86)\Nextcloud\icudata56.dll
2018-05-09 05:47 - 2018-05-04 20:06 - 000863048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-05-09 05:47 - 2018-05-04 20:06 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-09 05:47 - 2018-05-04 20:04 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-05-09 05:47 - 2018-05-04 20:04 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-05-09 05:47 - 2018-05-04 20:04 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-05-09 05:47 - 2018-05-04 20:04 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-09 05:47 - 2018-05-04 20:07 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-05-09 05:47 - 2018-05-04 20:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-09 05:47 - 2018-05-04 20:09 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-05-09 05:47 - 2018-05-04 20:07 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-09 05:47 - 2018-05-04 20:09 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-05-09 05:47 - 2018-05-04 20:08 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-09 05:47 - 2018-05-04 20:09 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-05-09 05:47 - 2018-05-04 20:09 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-05-09 05:47 - 2018-05-04 20:08 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2009-02-27 17:38 - 2009-02-27 17:38 - 000139264 _____ () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 040622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2014-10-24 21:34 - 2014-10-24 21:34 - 000880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2014-04-25 21:46 - 2014-04-25 21:46 - 000798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2014-10-24 21:35 - 2014-10-24 21:35 - 000178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2018-03-25 18:21 - 2018-03-25 18:21 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\ClientTelemetry.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\Users\Admin\Desktop\Zwischenablage_leeren - Verknüpfung.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056181\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056265\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2369424989-362787197-3549092213-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056949\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154057347\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-2369424989-362787197-3549092213-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2369424989-362787197-3549092213-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142018154056331\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{230F31D0-34E5-427A-B8CD-53D1C1D81C59}] => (Allow) C:\Program Files\ATOMI\Saola\Saola.exe
FirewallRules: [{41AF9295-9238-4924-901C-805AB961CCD8}] => (Allow) C:\Program Files\ATOMI\Saola\Saola.exe
FirewallRules: [{4BFE2807-708D-4892-B255-3BD11F009D6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3F148A02-3B81-4E22-B5B4-28B386853A3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DC67CDEA-BCF4-4C40-9B65-5F771B4F735F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A9A772FB-0DAB-4501-9833-A275A0CE5A9D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D12E56A3-ECCA-4E4D-BAA8-CF77214D2F84}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{948A3620-C9C0-4DA5-A298-0C2C69D6ABD7}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{0855C81F-FE3C-4332-BB32-76F266C5F498}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{B7BEEC23-DD44-416F-A302-B343D44EBE9F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{639CC35E-23A7-4FD1-BBF2-12DC4C7A97DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2FAC1B9-0EBF-4B50-B48B-51726B35CFCD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0C60283-25B7-423C-8847-0B12E689513F}] => (Allow) LPort=54925
FirewallRules: [{20EE77C4-6D10-4F59-AB6D-767B9305B7EB}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{36BA6630-2E8D-4D1F-9B42-C43A4FA18719}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{045D5592-4798-4842-A26B-B94AC08B6F36}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{29DDD13D-A7AF-4801-9951-C28FF011250D}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [UDP Query User{FB5791D3-ACD6-4B4B-8362-629B0B89A590}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe
FirewallRules: [TCP Query User{9490CBC0-F5AD-4D78-B1EB-DFD94FF16BCA}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{A0A0E456-F129-4937-BC77-79EED6DDD993}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{73BD4B44-B00B-479A-B3BF-2B5E30AE04A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{99F336F5-DE14-4DAE-8D0B-491CFC6524AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D9687763-30B3-4C5C-B56E-2DBBBD7A13D5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9577080C-BC63-4804-AA5B-C7DF799451E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6F8D1994-F175-4A04-8AA3-B35FD84F71F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{16D4F0D4-82E8-4E42-92FE-837A52961724}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{62A88FB8-DC6C-4D7D-A936-56DE51C78E92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{83EDE131-8043-4255-A782-8E23689A612A}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{F19632EE-2689-477C-B964-F955970D2A49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FCBB0E96-5CCA-4DC4-A07F-3787D6AE8F0D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F5619C14-3FC7-4FE2-B86D-87800DF8C2E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BBE478C1-3FDF-4F5D-81B3-46CF27575FF2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
02-05-2018 13:02:00 Geplanter Prüfpunkt
11-05-2018 07:27:26 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/14/2018 03:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 02:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 01:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 12:17:04 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 11:17:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 10:17:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 09:17:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (05/14/2018 08:17:04 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Avast Update Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Systemfehler:
=============
Error: (05/14/2018 03:36:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 01:08:22 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 01:08:10 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 11:29:18 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 10:16:12 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\marelro" (SID: S-1-5-21-2369424989-362787197-3549092213-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 08:33:24 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\marelro" (SID: S-1-5-21-2369424989-362787197-3549092213-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 04:15:33 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\marelro" (SID: S-1-5-21-2369424989-362787197-3549092213-1004) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/14/2018 01:39:37 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Admin-PC\Admin" (SID: S-1-5-21-2369424989-362787197-3549092213-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
und der APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2018-05-14 15:39:40.166
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-14 15:39:40.144
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-05-13 16:13:45.762
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:44.625
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:26.942
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:20.282
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:11.261
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-05-13 16:13:09.163
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 15300.85 MB
Verfügbarer physikalischer RAM: 7881.02 MB
Summe virtueller Speicher: 30660.85 MB
Verfügbarer virtueller Speicher: 21328.76 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:1862.35 GB) (Free:1473.64 GB) NTFS
Drive e: (INTENSO) (Removable) (Total:3.76 GB) (Free:3.65 GB) FAT32
\\?\Volume{8e2248e4-8b96-4b88-af73-b94874c5d56f}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32
\\?\Volume{d954de04-9cd7-41f9-ae3e-485e909ef75c}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: F1D57B10)
Partition: GPT.
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EF2425A0)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
14.05.2018, 14:50
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsZitat:
 Lesestoff:chip.de / CHIP-Installer Keine Downloads mehr von CHIP.de! Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
14.05.2018, 20:32
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-ThreadsLesestoff:Google Chrome Offensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren, falls es noch installiert ist. Bitte auch Avast deinstallieren. Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel. Falls du unbedingt ein Programm aus der u.g. Liste braucht, dann lass es drauf gib aber kurz ne Info welches und warum. Avast können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.05.2018, 08:36
| #5 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Hallo Cosinus. Wichtige Frage: Muss ich nicht bei dem ESET Onlinescan noch auf "Alle säubern" klicken? (Das habe ich bisher noch nicht gemacht, nur den PC mit diesem Auswahlbild immer angelassen). Nach dem Lesen des von dir verlinkten Artikels über Avast bin ich geradezu entsetzt! Wenn man dann bedenkt, dass jetzt wg. der DSGVO viele sich sowas installieren, um konformer zu sein. Ansonsten bin ich gerade dabei, alles zu deinstallieren, was du genannt hast. Ein Wort zu Chrome: Ich hatte den aus 2 Gründen: a) Für die Fernverbindung zu der Firma, bei der ich angestellt war, sollte ich den nutzen (bin ich seit 1. Mai nicht mehr dort angestellt, also entfällt der Grund jetzt) b) Ich habe Firefox eigentlich als Lieblingsbrowser, allerdings hatte ich da UMatrix installiert, nur hat sich gezeigt, dass trotz aller Geduld beim schrittweisen Freigeben (zu Versuchsgründen bis zu 30 Mal und mehr) ich oft immer noch nicht z. B. ein Video anschauen konnte oder ein Bestellknopf gar nicht zu sehen war), darum war es dann oft leichter, auf Chrome auszuweichen - natürlich nur bei bekannten Seiten wie z.B. bekannte Radiosender (mein Mann hört manchmal Vorträge und es tut sich dann nichts, wenn er auf den Playbutton drückt) Ich werde UMatrix dann vermutlich wieder deinstallieren, um Firefox ohne zu nutzen - oder gibt es ein anderes Add-On, das nicht ganz so schwer zu verstehen/handeln ist? PS: Ich habe gesehen, dass ich hier als offline angezeigt wurde, obwohl ich beim Anmelden ein Häkchen gesetzt habe um angemeldet zu bleiben. Nur um zu sagen, ich hatte da irgendwas nicht im Griff, ich hab die ganze Zeit immer davorgehockt, um zu sehen, wie es weitergeht. Auch deinen Post von gestern abend erst heute morgen gesehen. Nur damit es nicht als mangelndes Interesse rüberkommt! |
|
15.05.2018, 09:18
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Nein du sollst die Anweisungen umsetzen, die ich geschrieben habe! Das mit ESET ist erstmal völlig wumpe! Und das Thema mit dem Browser sollte jetzt nicht ausufern, deinstalliere Chrome einfach und fertig! Hast du jetzt alles deinstalliert was ich aufgelistet habe?
__________________ --> Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads |
|
15.05.2018, 10:17
| #7 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Jetzt ist alles aus deiner Liste weg, einschließlich Avast. |
|
15.05.2018, 11:03
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads gut  Schädlinge suchen mit Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2018, 11:29
| #9 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Geht leider nicht. Ich bin auf deinen Link gegangen (Filepony) und wollte den Killer downloaden, aber da erscheint jetzt leider: Error: JavaScript must be enabled. Was muss ich jetzt tun? |
|
15.05.2018, 12:25
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ |  Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Ich weiß nicht wie man so helfen soll. Du schreibst nicht welchen Browser du und wieso du da JavaScript deaktiviert hast! Hast du Google Chrome jetzt weggeschmissen und hast Firefox?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2018, 17:28
| #11 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Chrome ist weggeschmissen, Firefox war ja schon da, aber UMatrix war schuld (manchmal verstehe ich nicht, was vorgeht, ich dachte, ich hätte das schon deaktiviert, vielleicht fehlte Neustart oder es war im anderen Benutzer). Jedenfalls konnte ich es jetzt machen, hier der Report: Code:
ATTFilter 13:43:33.0613 0x42b0 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
13:43:33.0613 0x42b0 UEFI system
13:43:41.0267 0x42b0 ============================================================
13:43:41.0267 0x42b0 Current date / time: 2018/05/15 13:43:41.0267
13:43:41.0267 0x42b0 SystemInfo:
13:43:41.0267 0x42b0
13:43:41.0267 0x42b0 OS Version: 10.0.16299 ServicePack: 0.0
13:43:41.0267 0x42b0 Product type: Workstation
13:43:41.0267 0x42b0 ComputerName: ADMIN-PC
13:43:41.0267 0x42b0 UserName: Admin
13:43:41.0267 0x42b0 Windows directory: C:\WINDOWS
13:43:41.0267 0x42b0 System windows directory: C:\WINDOWS
13:43:41.0267 0x42b0 Running under WOW64
13:43:41.0267 0x42b0 Processor architecture: Intel x64
13:43:41.0267 0x42b0 Number of processors: 4
13:43:41.0267 0x42b0 Page size: 0x1000
13:43:41.0267 0x42b0 Boot type: Normal boot
13:43:41.0267 0x42b0 CodeIntegrityOptions = 0x00000001
13:43:41.0267 0x42b0 ============================================================
13:43:41.0398 0x42b0 KLMD registered as C:\WINDOWS\system32\drivers\14207980.sys
13:43:41.0398 0x42b0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 16299.431, osProperties = 0x19
13:43:41.0630 0x42b0 System UUID: {F66CCC29-EBCD-4FF2-DBF0-881DBBAC2659}
13:43:41.0930 0x42b0 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:43:41.0946 0x42b0 ============================================================
13:43:41.0946 0x42b0 \Device\Harddisk0\DR0:
13:43:41.0946 0x42b0 GPT partitions:
13:43:41.0946 0x42b0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {90AA063D-C55B-4908-85A3-5482F8ABE539}, Name: , StartLBA 0x22, BlocksNum 0x40000
13:43:41.0946 0x42b0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8E2248E4-8B96-4B88-AF73-B94874C5D56F}, Name: , StartLBA 0x40800, BlocksNum 0x32000
13:43:41.0946 0x42b0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4B2C6D20-D15F-43DF-AFF3-316267C20FD2}, Name: , StartLBA 0x72800, BlocksNum 0xE8CB5000
13:43:41.0946 0x42b0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D954DE04-9CD7-41F9-AE3E-485E909EF75C}, Name: , StartLBA 0xE8D27800, BlocksNum 0xE1000
13:43:41.0946 0x42b0 MBR partitions:
13:43:41.0946 0x42b0 ============================================================
13:43:41.0964 0x42b0 C: <-> \Device\Harddisk0\DR0\Partition3
13:43:41.0964 0x42b0 ============================================================
13:43:41.0964 0x42b0 Initialize success
13:43:41.0964 0x42b0 ============================================================
13:44:37.0256 0x4390 ============================================================
13:44:37.0256 0x4390 Scan started
13:44:37.0256 0x4390 Mode: Manual; SigCheck; TDLFS;
13:44:37.0256 0x4390 ============================================================
13:44:37.0256 0x4390 KSN ping started
13:44:37.0378 0x4390 KSN ping finished: true
13:44:39.0585 0x4390 ================ Scan system memory ========================
13:44:39.0585 0x4390 System memory - ok
13:44:39.0585 0x4390 ================ Scan services =============================
13:44:39.0747 0x4390 [ 08312DEEF0D3F8647AA53AD90A69094E, E32620323E7EDD3CAB5B04B9E37DDE7CA87B45C2CB17520D69D03C17E1D5F65A ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
13:44:39.0901 0x4390 1394ohci - ok
13:44:39.0916 0x4390 [ 645009E711BBF117CCEE917A03FB0CDD, B531951443D961C08428CB0F77F57D9F33C37C0637F919A9DA9DB5DA18479F70 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
13:44:39.0947 0x4390 3ware - ok
13:44:39.0965 0x4390 ACPI - ok
13:44:39.0985 0x4390 [ 44EA35A4B397898A83BF1B9B4B8DAE35, 023E3BC5CE47518269A812F156EFF1BD4CB14F1F5DD3FCC317DE046A519E20CE ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
13:44:40.0016 0x4390 AcpiDev - ok
13:44:40.0047 0x4390 [ 91D113A1532B8AB1E25B7DE5AB3C2F83, 43134DB92D522FCF537FFA8E829021F43BDD90006D7F096BA483DA1DAD3D1CC3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
13:44:40.0069 0x4390 acpiex - ok
13:44:40.0101 0x4390 [ 620BB2682BA625DF037072D89F44F6EE, A1A72F663C75DC65B1BA278CD7F43FAE6D1BDAE2F3F1D8269F508DECB555FFF9 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
13:44:40.0185 0x4390 acpipagr - ok
13:44:40.0217 0x4390 [ B9805A3C479390CEAEA5AEF5E4A90A2E, D9256734BC46EA43133873BDDE56B9A3597F74CFE82500FFB374A8EE6293ADD3 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
13:44:40.0270 0x4390 AcpiPmi - ok
13:44:40.0270 0x4390 [ ABD4EB55C661143B015BD0B9B47B235C, 5F109BA04010E634D547E86AF67659EA06BD05FCF78A493DB190790C4D7E13EA ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
13:44:40.0301 0x4390 acpitime - ok
13:44:40.0348 0x4390 [ 8C58BD711FAD5F11E8CFDBC5CED973A5, 340FCD2C492009D5D7732FBF94198C4767125A77E0C71BB20E5CB2BDA5AB57CF ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:44:40.0386 0x4390 ADP80XX - ok
13:44:40.0417 0x4390 AFD - ok
13:44:40.0417 0x4390 ahcache - ok
13:44:40.0433 0x4390 [ 84FFB4AC2BA923364DF13F73751E05D1, EBD054282D93F290408A2343C0CBF98CEF7619A8252DC04E15322E51505D45AF ] AJRouter C:\WINDOWS\System32\AJRouter.dll
13:44:40.0471 0x4390 AJRouter - ok
13:44:40.0502 0x4390 [ 084101AB03969D8ED00D5FFBE5F4C3DF, 6425FA16F0CBF5F3008780095364830EBF1F073BD5109764FE9E88245AFB9367 ] ALG C:\WINDOWS\System32\alg.exe
13:44:40.0549 0x4390 ALG - ok
13:44:40.0571 0x4390 [ 4F71E68642D55BF30EB8B1382BEC5F02, 6B925F1047E3AA68FA87F5551C35B860360D5636F77AE8B06155450EB113E063 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
13:44:40.0633 0x4390 AMD External Events Utility - ok
13:44:40.0686 0x4390 AMD FUEL Service - ok
13:44:40.0702 0x4390 AmdK8 - ok
13:44:40.0787 0x4390 amdkmdag - ok
13:44:40.0834 0x4390 [ D888CD6CF06C0E577371ED737D67E6AE, 1161D4D493861F0CEE8EAAB2A4DB8B3E134C3479022AFCC8C2802CF0F3EE08D3 ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys
13:44:40.0871 0x4390 amdkmdap - ok
13:44:40.0871 0x4390 AmdPPM - ok
13:44:40.0903 0x4390 [ F1C16AABA27E9E153AEC7BD2AB853F30, 7CFDBD218E6C161747A21BBACC78BF1061F2427ED1247F1AE0879BE155C504E7 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
13:44:40.0918 0x4390 amdsata - ok
13:44:40.0934 0x4390 [ C834D0F1ECB8473E9E6D18EE1BCEECB2, C9B7B9279F96DE4DA1EE096B6463591B3A718F87CD75E544C5A07C3639D1F188 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
13:44:40.0969 0x4390 amdsbs - ok
13:44:40.0971 0x4390 [ 49203D2FFE30CBB36BE66A0E70F3D954, E5B5A3B3B4A8FF03B5C902642C776CECD554CA1DB25419111EDA83602986CCCE ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
13:44:40.0987 0x4390 amdxata - ok
13:44:41.0002 0x4390 [ 033D09CD953C40B4AFBA9DCB1D1DFB8E, 629BE54E64C8B3FFE9F52820F6BF2802D50F719F63A621C998865FFD61C9F84E ] amd_sata C:\WINDOWS\system32\drivers\amd_sata.sys
13:44:41.0018 0x4390 amd_sata - ok
13:44:41.0034 0x4390 [ F32F762E54137925E185E5FDA5F73826, A9CC747C0886628F8A5145FBE09FFCA6B5E4EFC0F4457E4824E004A329DFC765 ] amd_xata C:\WINDOWS\system32\drivers\amd_xata.sys
13:44:41.0049 0x4390 amd_xata - ok
13:44:41.0049 0x4390 [ 10378ADFA7F832B68616C3B8C6470DBB, 4738F81C40BF3B75612E983AC0DADCA8B4A7D3A5B3FBB5058B93D421A32979AC ] AODDriver4.3 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
13:44:41.0068 0x4390 AODDriver4.3 - ok
13:44:41.0119 0x4390 [ 4EB4D11F563FBEBDE8DE4E74B8851715, 0F6FF3C5C999990501277AAC5A33DF8194CEE6975347C2D1D2319BB86D54867C ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
13:44:41.0187 0x4390 AppHostSvc - ok
13:44:41.0202 0x4390 AppID - ok
13:44:41.0234 0x4390 AppIDSvc - ok
13:44:41.0234 0x4390 Appinfo - ok
13:44:41.0271 0x4390 [ 1E085E2302D568F0CE041732B3E887B0, 0D2A3675FDD04C800B302C84A43F233F0217EB4B1AD44B11AADDB0D5D8FA0DB2 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
13:44:41.0334 0x4390 applockerfltr - ok
13:44:41.0372 0x4390 [ 043786FF3A1B6A066613E0B166F28F07, CB248FA46D3798487A543344095F8EC5ACD8A4A5B9FCC7C374CAFE9DB04C6281 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:44:41.0434 0x4390 AppMgmt - ok
13:44:41.0503 0x4390 [ 1D123729F547EEDFBE3F510346848C38, B170860348FBAC054203A7B858866A12944D7046C01BA3A14AC0860D8C288770 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
13:44:41.0550 0x4390 AppReadiness - ok
13:44:41.0572 0x4390 AppVClient - ok
13:44:41.0635 0x4390 [ 05B19AD776D80FF0FADB44608896C16F, B7DDDF06C0E525774DA3AE3EA718E0CCC2D6C27F7430103B578859FAAAF2941F ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys
13:44:41.0650 0x4390 AppvStrm - ok
13:44:41.0688 0x4390 [ 3EA678F2C70083FB1588772FE7FAFFE1, 8B236563E285352DE9DC056DC87872412D3A756E82DA9D0191931A19714B4078 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys
13:44:41.0704 0x4390 AppvVemgr - ok
13:44:41.0772 0x4390 [ ADD72B1FFE20B37A13A5A861724ECA05, D48515E1CF9B6317031B1151AEB8C7042D5FD63ABAD755749FE4660979F4E20B ] AppvVfs C:\WINDOWS\system32\drivers\AppvVfs.sys
13:44:41.0819 0x4390 AppvVfs - ok
13:44:41.0835 0x4390 AppXSvc - ok
13:44:41.0850 0x4390 [ B42C83DE28776B80DBA1310C56DD4F74, 8E017B73D5AD644EC1D46BC1DC2CAF465A6793E2AD6DC35A2E3AB907E7719C40 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
13:44:41.0873 0x4390 arcsas - ok
13:44:41.0951 0x4390 [ 9CDC69DDFDC91DC628F7515809329798, 2D202B3992A834A04C81834B0AC39E8B953410A24B929CB97D81F9CB546296D4 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:44:42.0004 0x4390 aspnet_state - ok
13:44:42.0035 0x4390 [ 0D51FFDAE7C906C308369EAB87358304, 684E0405D82C67285FA1586426EA6792BBE796524C10DD24C2AF48FEF4E3D92E ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
13:44:42.0089 0x4390 AssignedAccessManagerSvc - ok
13:44:42.0120 0x4390 [ C2151380227CD1F7DDA2401C1F151367, 0E76DCD69CAB960DC65942269081436A9DDA255E908E71A29E72DFCFC5CDCC7C ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
13:44:42.0171 0x4390 AsyncMac - ok
13:44:42.0205 0x4390 [ 6191B9B2EE0E8CB957C683B9B341CC86, E60ACC6E9C6E90F2E1DA0DE220C890B50887FD97E7884F8F4301FF2C9A2F408A ] atapi C:\WINDOWS\system32\drivers\atapi.sys
13:44:42.0220 0x4390 atapi - ok
13:44:42.0251 0x4390 [ 555757DC434423B4B2A680204C05F43E, 46793679C435A4BE9358ECA4BF2C789854210E2DF291D2143790D43972B7BA6B ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
13:44:42.0289 0x4390 AtiHDAudioService - ok
13:44:42.0305 0x4390 AudioEndpointBuilder - ok
13:44:42.0320 0x4390 Audiosrv - ok
13:44:42.0351 0x4390 [ 947FF5992E26AFD4CAA34506678B70BC, 0B125EDBD6E740375E45AAA465DC83740F5CD43A55CDA404F7A81F37EE3BC57C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
13:44:42.0405 0x4390 AxInstSV - ok
13:44:42.0436 0x4390 [ A921805C1ED3253DF48FCA4D724173EB, 7DB6A13228812550F066C76273ECA6B3FC12E7CC98C245D16B5A13FBCF6A509D ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
13:44:42.0452 0x4390 b06bdrv - ok
13:44:42.0474 0x4390 bam - ok
13:44:42.0505 0x4390 [ 2A7267AA15E508F6D05A5B562F1FD1CE, 7070123619A3F08864844FF89C9DEA1D4ED48D05D2B93E305774BE715583DD51 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:44:42.0573 0x4390 BasicDisplay - ok
13:44:42.0590 0x4390 BasicRender - ok
13:44:42.0605 0x4390 [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
13:44:42.0621 0x4390 bcmfn2 - ok
13:44:42.0637 0x4390 [ 72963E0676003016B431306A6F4951BF, 3442A7C1AC1EE8E68F15C78CEBAC237D7535F834AA13F8BB602645DD183A73D3 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
13:44:42.0690 0x4390 BDESVC - ok
13:44:42.0705 0x4390 Beep - ok
13:44:42.0721 0x4390 BFE - ok
13:44:42.0721 0x4390 BITS - ok
13:44:42.0721 0x4390 bowser - ok
13:44:42.0736 0x4390 BrokerInfrastructure - ok
13:44:42.0752 0x4390 [ 2BA1BED8E8168C301522AC7CFBFA2141, 07000BEF5ABCF7795B474B69B1113F7EE5C22CF0F8CAF4A3D5D872B0D452CDD0 ] Browser C:\WINDOWS\System32\browser.dll
13:44:42.0805 0x4390 Browser - ok
13:44:42.0890 0x4390 [ C4CF61CFEA5FEFC23A7DC6C3275642D1, 271F3DEB0CC6828BD894DC9462D30C4D440A96E1D82927C92CCD8A99D48FA14D ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
13:44:42.0937 0x4390 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:44:43.0074 0x4390 Detect skipped due to KSN trusted
13:44:43.0074 0x4390 BrYNSvc - ok
13:44:43.0090 0x4390 [ A4863B7B1F0DB513D6E34547BACC211A, 41E74A60721CCBE0A4D487B3EE01BAC3108D9BA819BF58A64E963478C43828E9 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:44:43.0152 0x4390 BthAvrcpTg - ok
13:44:43.0174 0x4390 [ 9C9EE272C11252C651C5DE6A1AC1EDAA, DED378E894FA07B75F2E93490075879A50879CACACCF09F3F9EF37EDFA159233 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
13:44:43.0206 0x4390 BthHFEnum - ok
13:44:43.0237 0x4390 [ 69734E386826ED857C889330F35B4D9C, F0804D41D4BA6C9022B70D5092C4F14128D33F66C5D85DE10115A37C36927B70 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
13:44:43.0274 0x4390 bthhfhid - ok
13:44:43.0306 0x4390 [ BC58294295CBAD6637A526470305B5EA, FAA1A1C85D418B063D8A6E93558BA74D766081268354D63E28D372BD55D523DD ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
13:44:43.0353 0x4390 BthHFSrv - ok
13:44:43.0374 0x4390 [ A94AFAEA86F5F792BB4ECA095B231464, 588256D53CD50B8299FCABF624E8EF29761B16DE1999896DC647FBF8E2BAEA68 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
13:44:43.0421 0x4390 BTHMODEM - ok
13:44:43.0474 0x4390 [ 572BCA61B7E026E057AF7DF456AC7E0B, CA35DCC02BFE2D34C40449E47F0C8BA4AD709F01A952B9354332560CE72A1E4F ] bthserv C:\WINDOWS\system32\bthserv.dll
13:44:43.0506 0x4390 bthserv - ok
13:44:43.0553 0x4390 [ 39E7437FC59CDD7A303ABD514E462E8B, 9DCACFC12090BA03E3DD8E0EFE02382E3D42B528BDF6DD77318CAFACBA9EBA09 ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
13:44:43.0571 0x4390 bttflt - ok
13:44:43.0575 0x4390 [ 522888590B0C19BC8128119060AE7901, 9C979FD442E7B189FD156BD5E5E4A3D10FDABB3C38094B9C67A702103D39B00F ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:44:43.0621 0x4390 buttonconverter - ok
13:44:43.0653 0x4390 [ 2AB01CE5E233A6FBA3E91BD57772AA4B, DC241810B774BCE651B525885480F05D15AE0E623D53E4CB02562A8424C067E2 ] CAD C:\WINDOWS\System32\drivers\CAD.sys
13:44:43.0674 0x4390 CAD - ok
13:44:43.0690 0x4390 camsvc - ok
13:44:43.0706 0x4390 [ F6F97879F53AD57194C6BC8272FD73EA, C11CB040CC64ABC0A6EAD6D6985659896FBB5911D2E10B6584E0F90FE6813C57 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
13:44:43.0753 0x4390 CapImg - ok
13:44:43.0772 0x4390 [ 9E82A95D77AC78C84BA75FF896B060BF, 87905E55724ADE5149D3BBC2DB76A7275580DE204BB561B8E1FCD631DEF3D9F9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:44:43.0806 0x4390 cdfs - ok
13:44:43.0875 0x4390 [ 147CEBE0C5F7A80135C54715521AD9E1, 99ACF25165C0C17822B0FC06F662848CA0DFAD51B3E3B440005C2E033BFE4840 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
13:44:43.0937 0x4390 CDPSvc - ok
13:44:43.0968 0x4390 CDPUserSvc - ok
13:44:44.0022 0x4390 [ 6D83565C1652E80447EDEA6947FA89D7, A84A3EA45304A9E3F53DA9F4CB9F2D9FF8A2AD69A36AEA366D35A2F5C9FDF851 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
13:44:44.0053 0x4390 cdrom - ok
13:44:44.0075 0x4390 CertPropSvc - ok
13:44:44.0106 0x4390 [ D81954CE5E016FD716EDDB2B2FD9BA58, C47FF6D6527605238EF46E9BDF4544E2B2F4F9C5BCE13881F569F996541D7FF7 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
13:44:44.0122 0x4390 cht4iscsi - ok
13:44:44.0175 0x4390 [ F9A8570805807FFD66488F0A858E1308, 5D8363C5EEB7B92CFA219C466D04D8C625CACAFBDEA5857C5C9FA0C391AC2FEB ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
13:44:44.0238 0x4390 cht4vbd - ok
13:44:44.0275 0x4390 [ 9798D58461706930190F1F2F6BF21D80, BD7552297A636E19F5D544BDBF3490DA544E76002F62B227FA5BDA7A11760040 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
13:44:44.0306 0x4390 circlass - ok
13:44:44.0322 0x4390 CldFlt - ok
13:44:44.0338 0x4390 CLFS - ok
13:44:44.0606 0x4390 [ A78E02F198A89C477C08C8C3442A2E00, 8C79387C4828F2D5CDC5874DE31F84D56E716F5D6C4FD5DC5EAAC29D30BA7F3D ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
13:44:44.0800 0x4390 ClickToRunSvc - ok
13:44:44.0825 0x4390 ClipSVC - ok
13:44:44.0841 0x4390 [ 2BA3BA38B5A6A667B0EAEC477276707B, 80AD05C5C7E0398EB7320A82878700C6588B7411F3DEA02E5784CA599CB548C2 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
13:44:44.0872 0x4390 CmBatt - ok
13:44:44.0888 0x4390 CNG - ok
13:44:44.0903 0x4390 [ C65AF00EF12A1755E7CA370B0C71935D, C03315A5B999EB9AA5B5F1F000BD8A1C68DFC151B23AA2F29F69F7129407AA11 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
13:44:44.0925 0x4390 cnghwassist - ok
13:44:45.0003 0x4390 [ A50300498D56B2448F3593D25478D508, 841D66D4AB9749EE64802611157A9AAED1117B6B2C411B3DA272CE439E69AE45 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys
13:44:45.0041 0x4390 CompositeBus - ok
13:44:45.0041 0x4390 COMSysApp - ok
13:44:45.0072 0x4390 [ 65602B0DB49199647FECB2D1212147BE, DC25D2DED7C31B4691B61FC69BB12E50CA5EDA9705339CCC82BE145EFD6D47C5 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
13:44:45.0088 0x4390 condrv - ok
13:44:45.0104 0x4390 CoreMessagingRegistrar - ok
13:44:45.0141 0x4390 [ D64EF74FC6DA47EC2E460076F299E77D, 1F77E9F777FA6996222DE45B3AB2C01CD94C80A4A7F5CA092DDF1F18D74F93AA ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
13:44:45.0226 0x4390 CryptSvc - ok
13:44:45.0257 0x4390 [ 0AAC6E3138AB83C466281642D1A48F15, 31AEBAE422BFDC9EBE0B8CBAEE5ABAA27E8EA47387D4A24C91A3CE92EF7E0C92 ] CSC C:\WINDOWS\system32\drivers\csc.sys
13:44:45.0304 0x4390 CSC - ok
13:44:45.0357 0x4390 [ 9D4FA712339A09110809A4CC270AF4F0, 6403633EB0061CE3E4665E7A757EB697FD47DEE540EEDEC035CC13184FC62947 ] CscService C:\WINDOWS\System32\cscsvc.dll
13:44:45.0404 0x4390 CscService - ok
13:44:45.0442 0x4390 [ 72BE43ABD786E86AAE7EA2193201E100, A013CF10AA4158082B5D0D7F885969C5C92710A6084E57E9DDBDA84420D97367 ] dam C:\WINDOWS\system32\drivers\dam.sys
13:44:45.0458 0x4390 dam - ok
13:44:45.0489 0x4390 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
13:44:45.0505 0x4390 dbupdate - ok
13:44:45.0505 0x4390 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
13:44:45.0526 0x4390 dbupdatem - ok
13:44:45.0557 0x4390 [ A372348F144404D45771926C7FE29DA9, 7992207CC2FD07ACB7A5F151E274646E02EACCD23C5516E30E66DC3A7584BCFA ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe
13:44:45.0573 0x4390 DbxSvc - ok
13:44:45.0626 0x4390 [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:44:45.0689 0x4390 DcomLaunch - ok
13:44:45.0704 0x4390 [ F7FB921F438C3566CEC55657EA4E7D9C, 17FA956E3B89F9B6C154975E7E1AAFB204F5EDEACC14A8424827DE13440A9299 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
13:44:45.0758 0x4390 defragsvc - ok
13:44:45.0805 0x4390 [ B5F9123D6537856EA698386ABA27A232, C60DD499254B4A3741ECE71AF1685763BD6A6F828F879D54E175A6198C89ABF0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:44:45.0874 0x4390 DeviceAssociationService - ok
13:44:45.0890 0x4390 [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
13:44:45.0927 0x4390 DeviceInstall - ok
13:44:45.0958 0x4390 [ A19F51A044B62C994144ED87A7A5A887, 91ECE0E067E138817CD46A876B2D28CB47A2CCBE9C924EA91A1966FDF69AF7DF ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
13:44:46.0027 0x4390 DevicesFlowUserSvc - ok
13:44:46.0105 0x4390 [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8, EF425C2FB1191720F9B53EB26EC904F53851D296B222E20B0733615575D4B7E5 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
13:44:46.0127 0x4390 DevQueryBroker - ok
13:44:46.0142 0x4390 Dfsc - ok
13:44:46.0158 0x4390 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
13:44:46.0174 0x4390 dg_ssudbus - ok
13:44:46.0223 0x4390 Dhcp - ok
13:44:46.0274 0x4390 diagnosticshub.standardcollector.service - ok
13:44:46.0305 0x4390 [ E2BF09B816393AF73EDCB8ECF9BBDB2D, DBDFFC2450E4EC684DD59383799ACF1D207B0882C301B8D562FB76307AFCC553 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
13:44:46.0343 0x4390 diagsvc - ok
13:44:46.0358 0x4390 DiagTrack - ok
13:44:46.0358 0x4390 Disk - ok
13:44:46.0374 0x4390 DmEnrollmentSvc - ok
13:44:46.0374 0x4390 dmvsc - ok
13:44:46.0405 0x4390 [ 10E72E3315305461D3F0C7560AE98CA5, 702B5C056DB6B4E337231BBEA48E106FA95F26B48CDE91857305E4C6E4EE6A12 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
13:44:46.0443 0x4390 dmwappushservice - ok
13:44:46.0490 0x4390 Dnscache - ok
13:44:46.0490 0x4390 dot3svc - ok
13:44:46.0543 0x4390 [ 6D8971C942FEE43A0AB6B3192534AFB4, 44D437DD32E1FDD7922B352CA6C19C83C1ADD825FB704B8E07BEF01E866E2B99 ] DPS C:\WINDOWS\system32\dps.dll
13:44:46.0558 0x4390 DPS - ok
13:44:46.0590 0x4390 [ F4800922F4ABA619585CE320A72E6389, CA83BCAA8B37F303E89598F8C93B201A3F000A09F4A9963E370D7E59BD79D448 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
13:44:46.0605 0x4390 drmkaud - ok
13:44:46.0627 0x4390 DsmSvc - ok
13:44:46.0627 0x4390 DsSvc - ok
13:44:46.0643 0x4390 DusmSvc - ok
13:44:46.0643 0x4390 DXGKrnl - ok
13:44:46.0674 0x4390 [ FA94398748930D840FE35A44F1D225A7, E2D48460413904AAFB50E18A24471157D2A235F5CCDF89EE49BB139D1CA3B9F6 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
13:44:46.0706 0x4390 Eaphost - ok
13:44:46.0806 0x4390 [ C99D40C97841E0A7F0F90B8629593A97, 2DE7FB6E3CD7B06079C2B05D8C10AD0EDF187684ED1DE5BEE98FAB9A4B331824 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
13:44:46.0906 0x4390 ebdrv - ok
13:44:46.0975 0x4390 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] EFS C:\WINDOWS\System32\lsass.exe
13:44:47.0006 0x4390 EFS - ok
13:44:47.0025 0x4390 [ 260BBD6B1ED06298E509B452354EDB91, CF794D5AC62C6DBF356BC717910FD2B106A8BD90C3C03BA43859FD876F8820BC ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
13:44:47.0028 0x4390 EhStorClass - ok
13:44:47.0075 0x4390 [ F3BEBDC1B9DBA32F183079EAE6244837, 5DE0DA8D2A13BFA852355619C6DE5AC2FDFAB314A619A4F209842581E4D82DE1 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:44:47.0090 0x4390 EhStorTcgDrv - ok
13:44:47.0126 0x4390 [ A75880A9192B9DA69F46867B06276746, 53856262A5BD4BE93CB45D1F43B87F45CB01C02B7D94231CF05346B9BDF1F18D ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
13:44:47.0159 0x4390 embeddedmode - ok
13:44:47.0175 0x4390 EntAppSvc - ok
13:44:47.0190 0x4390 [ 1B63CA857FD03FD0A5A1379F2996784F, 9EE5205DCFADAFC62D36528087FA4E023F7E48FF0D2A8333D8A6111AE09D21B8 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
13:44:47.0206 0x4390 ErrDev - ok
13:44:47.0244 0x4390 [ 1E01F509048BEF78831AC89401B172BD, 34558F56D9AEA8527B84B2BE2A752D181A5D825622EB4B90D454F6D4F971BFED ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
13:44:47.0259 0x4390 ESProtectionDriver - ok
13:44:47.0291 0x4390 [ 6A5FA501A2D96001391FF3CBA32935AB, 018DB01ADE957A1A1FF5B168A2EC0EFEF8BFBE036079791FDF0C6AA6C12295BA ] EventSystem C:\WINDOWS\system32\es.dll
13:44:47.0328 0x4390 EventSystem - ok
13:44:47.0406 0x4390 [ 2C9DB41BE3DBB47427B6D64114893AB4, 2ACEC9B1BF97912F00300208A46B955719A0A0C55F14C6CF325625E9F1A60AE5 ] Everything C:\Program Files\Everything\Everything.exe
13:44:47.0460 0x4390 Everything - ok
13:44:47.0491 0x4390 [ F1ACA42D448E3986565EA54275EEEA65, C85101D6E7A2204FD73AAACD972F610B6A4BCF7EB7512412FD34660DCB5E8C5C ] exfat C:\WINDOWS\system32\drivers\exfat.sys
13:44:47.0529 0x4390 exfat - ok
13:44:47.0560 0x4390 [ 0AF4B36754A6EAE794EE4398E219A9E1, A818763D7AE6E7F4BC57294BB4D80FE9E04387BB3EBE8A6088D2AF746FF548A6 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
13:44:47.0576 0x4390 fastfat - ok
13:44:47.0629 0x4390 [ B1A38C0D977D8738779CA3EFEBDFCA8C, EDD852EF89AFBDDBBBE002E6675EAFCC46742B6136EB22428C84D737C6229FEA ] Fax C:\WINDOWS\system32\fxssvc.exe
13:44:47.0707 0x4390 Fax - ok
13:44:47.0729 0x4390 [ 7CD8426A33F06EB72BFEC51F7C264AF8, 4FDD5F6A8BDF25D965CE52132DD0EA77D335C1C5F77A7758F3F6E22DFC12BDF5 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
13:44:47.0761 0x4390 fdc - ok
13:44:47.0776 0x4390 [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
13:44:47.0823 0x4390 fdPHost - ok
13:44:47.0845 0x4390 [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
13:44:47.0877 0x4390 FDResPub - ok
13:44:47.0925 0x4390 [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
13:44:47.0946 0x4390 fhsvc - ok
13:44:47.0977 0x4390 [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
13:44:48.0008 0x4390 FileCrypt - ok
13:44:48.0030 0x4390 [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
13:44:48.0046 0x4390 FileInfo - ok
13:44:48.0061 0x4390 [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
13:44:48.0108 0x4390 Filetrace - ok
13:44:48.0309 0x4390 [ 829C871A17CA8DBA0C7A53A0AC8EA185, 8B0AEA1DFB28C7D376B1ADA19686C1E07C535BB64175442DE041ED89C04F51B8 ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
13:44:48.0546 0x4390 Fitbit Connect - detected UnsignedFile.Multi.Generic ( 1 )
13:44:48.0694 0x4390 Detect skipped due to KSN trusted
13:44:48.0694 0x4390 Fitbit Connect - ok
13:44:48.0731 0x4390 [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
13:44:48.0763 0x4390 flpydisk - ok
13:44:48.0778 0x4390 FltMgr - ok
13:44:48.0809 0x4390 FontCache - ok
13:44:48.0909 0x4390 FontCache3.0.0.0 - ok
13:44:48.0931 0x4390 FrameServer - ok
13:44:48.0947 0x4390 FsDepends - ok
13:44:48.0962 0x4390 Fs_Rec - ok
13:44:48.0978 0x4390 fvevol - ok
13:44:49.0009 0x4390 [ 3F6F2BEF3880C4CC9A381EE227DA0BBD, 26E7BD7DB254125904911B1E751710C645C770AAB089442678D7ACFC2CDEDB0E ] GDKBBlocker C:\WINDOWS\system32\drivers\GDKBBlocker64.sys
13:44:49.0009 0x4390 GDKBBlocker - ok
13:44:49.0047 0x4390 gencounter - ok
13:44:49.0078 0x4390 [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
13:44:49.0131 0x4390 genericusbfn - ok
13:44:49.0146 0x4390 [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:44:49.0162 0x4390 GPIOClx0101 - ok
13:44:49.0177 0x4390 gpsvc - ok
13:44:49.0177 0x4390 GpuEnergyDrv - ok
13:44:49.0209 0x4390 [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
13:44:49.0246 0x4390 GraphicsPerfSvc - ok
13:44:49.0262 0x4390 [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
13:44:49.0293 0x4390 HDAudBus - ok
13:44:49.0293 0x4390 [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
13:44:49.0309 0x4390 HidBatt - ok
13:44:49.0347 0x4390 [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
13:44:49.0378 0x4390 HidBth - ok
13:44:49.0394 0x4390 [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
13:44:49.0431 0x4390 hidi2c - ok
13:44:49.0447 0x4390 [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
13:44:49.0463 0x4390 hidinterrupt - ok
13:44:49.0494 0x4390 [ 366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
13:44:49.0531 0x4390 HidIr - ok
13:44:49.0562 0x4390 [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv C:\WINDOWS\system32\hidserv.dll
13:44:49.0594 0x4390 hidserv - ok
13:44:49.0647 0x4390 [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
13:44:49.0709 0x4390 HidUsb - ok
13:44:49.0709 0x4390 HomeGroupListener - ok
13:44:49.0763 0x4390 [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:44:49.0847 0x4390 HomeGroupProvider - ok
13:44:49.0878 0x4390 [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
13:44:49.0894 0x4390 HpSAMD - ok
13:44:49.0910 0x4390 HTTP - ok
13:44:49.0930 0x4390 HvHost - ok
13:44:49.0932 0x4390 hvservice - ok
13:44:50.0010 0x4390 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS
13:44:50.0032 0x4390 HWiNFO32 - ok
13:44:50.0063 0x4390 [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
13:44:50.0110 0x4390 HwNClx0101 - ok
13:44:50.0130 0x4390 [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
13:44:50.0132 0x4390 hwpolicy - ok
13:44:50.0163 0x4390 hyperkbd - ok
13:44:50.0163 0x4390 HyperVideo - ok
13:44:50.0194 0x4390 [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
13:44:50.0210 0x4390 i8042prt - ok
13:44:50.0232 0x4390 [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
13:44:50.0263 0x4390 iagpio - ok
13:44:50.0279 0x4390 [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
13:44:50.0310 0x4390 iai2c - ok
13:44:50.0332 0x4390 [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
13:44:50.0363 0x4390 iaLPSS2i_GPIO2 - ok
13:44:50.0394 0x4390 [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
13:44:50.0432 0x4390 iaLPSS2i_GPIO2_BXT_P - ok
13:44:50.0447 0x4390 [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
13:44:50.0479 0x4390 iaLPSS2i_I2C - ok
13:44:50.0510 0x4390 [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
13:44:50.0532 0x4390 iaLPSS2i_I2C_BXT_P - ok
13:44:50.0547 0x4390 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:44:50.0578 0x4390 iaLPSSi_GPIO - ok
13:44:50.0610 0x4390 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:44:50.0648 0x4390 iaLPSSi_I2C - ok
13:44:50.0694 0x4390 [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
13:44:50.0732 0x4390 iaStorAV - ok
13:44:50.0748 0x4390 [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
13:44:50.0779 0x4390 iaStorV - ok
13:44:50.0810 0x4390 [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
13:44:50.0832 0x4390 ibbus - ok
13:44:50.0864 0x4390 icssvc - ok
13:44:50.0879 0x4390 IKEEXT - ok
13:44:50.0895 0x4390 [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
13:44:50.0963 0x4390 IndirectKmd - ok
13:44:50.0995 0x4390 [ 9321A61A25C7961D9F36852ECAA86F55, F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B ] inpoutx64 C:\WINDOWS\system32\Drivers\inpoutx64.sys
13:44:51.0010 0x4390 inpoutx64 - ok
13:44:51.0033 0x4390 InstallService - ok
13:44:51.0180 0x4390 [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:44:51.0296 0x4390 IntcAzAudAddService - ok
13:44:51.0349 0x4390 [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
13:44:51.0364 0x4390 intelide - ok
13:44:51.0396 0x4390 [ 327D9CCF5492543AEF3979F9EEAD02BE, 1C6CD9ECB785D022A38DF683FACCA737469BF72E42365CD6DB8C2675F2ED1F1C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
13:44:51.0411 0x4390 intelpep - ok
13:44:51.0433 0x4390 intelppm - ok
13:44:51.0449 0x4390 [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm C:\WINDOWS\System32\drivers\invdimm.sys
13:44:51.0480 0x4390 invdimm - ok
13:44:51.0531 0x4390 [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
13:44:51.0534 0x4390 iorate - ok
13:44:51.0565 0x4390 [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:44:51.0596 0x4390 IpFilterDriver - ok
13:44:51.0632 0x4390 iphlpsvc - ok
13:44:51.0650 0x4390 [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:44:51.0665 0x4390 IPMIDRV - ok
13:44:51.0696 0x4390 [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
13:44:51.0749 0x4390 IPNAT - ok
13:44:51.0765 0x4390 [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
13:44:51.0812 0x4390 IPT - ok
13:44:51.0849 0x4390 [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
13:44:51.0881 0x4390 IpxlatCfgSvc - ok
13:44:51.0881 0x4390 irda - ok
13:44:51.0912 0x4390 [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
13:44:51.0934 0x4390 IRENUM - ok
13:44:51.0965 0x4390 [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon C:\WINDOWS\System32\irmon.dll
13:44:51.0996 0x4390 irmon - ok
13:44:52.0012 0x4390 isapnp - ok
13:44:52.0033 0x4390 iScsiPrt - ok
13:44:52.0033 0x4390 [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
13:44:52.0049 0x4390 kbdclass - ok
13:44:52.0080 0x4390 [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
13:44:52.0133 0x4390 kbdhid - ok
13:44:52.0149 0x4390 [ 916E62AF3386F7A74603E5C545F6FF2D, C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
13:44:52.0180 0x4390 kdnic - ok
13:44:52.0249 0x4390 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] KeyIso C:\WINDOWS\system32\lsass.exe
13:44:52.0280 0x4390 KeyIso - ok
13:44:52.0280 0x4390 KSecDD - ok
13:44:52.0296 0x4390 KSecPkg - ok
13:44:52.0332 0x4390 [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
13:44:52.0365 0x4390 ksthunk - ok
13:44:52.0396 0x4390 [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
13:44:52.0433 0x4390 KtmRm - ok
13:44:52.0449 0x4390 LanmanServer - ok
13:44:52.0449 0x4390 LanmanWorkstation - ok
13:44:52.0496 0x4390 [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc C:\WINDOWS\System32\lfsvc.dll
13:44:52.0549 0x4390 lfsvc - ok
13:44:52.0565 0x4390 LicenseManager - ok
13:44:52.0580 0x4390 lltdio - ok
13:44:52.0612 0x4390 [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
13:44:52.0681 0x4390 lltdsvc - ok
13:44:52.0712 0x4390 [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
13:44:52.0796 0x4390 lmhosts - ok
13:44:52.0812 0x4390 [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
13:44:52.0832 0x4390 LSI_SAS - ok
13:44:52.0850 0x4390 [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
13:44:52.0865 0x4390 LSI_SAS2i - ok
13:44:52.0881 0x4390 [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
13:44:52.0897 0x4390 LSI_SAS3i - ok
13:44:52.0912 0x4390 [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
13:44:52.0934 0x4390 LSI_SSS - ok
13:44:52.0950 0x4390 LSM - ok
13:44:52.0966 0x4390 luafv - ok
13:44:52.0997 0x4390 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys
13:44:53.0013 0x4390 lvrs64 - ok
13:44:53.0166 0x4390 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
13:44:53.0282 0x4390 LVUVC64 - ok
13:44:53.0334 0x4390 [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker C:\WINDOWS\System32\moshost.dll
13:44:53.0382 0x4390 MapsBroker - ok
13:44:53.0397 0x4390 [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
13:44:53.0435 0x4390 mausbhost - ok
13:44:53.0451 0x4390 [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
13:44:53.0466 0x4390 mausbip - ok
13:44:53.0498 0x4390 [ 0B4A62420642B842DF8656DBFF663B0C, ACB7961ECA32A50FCBD51B194488DDF40E610C2384EDFD06235AE427BCB80C96 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
13:44:53.0513 0x4390 MBAMChameleon - ok
13:44:53.0535 0x4390 [ 30531264292DBC7507AA1FF4123F1F39, AD27317BFAB1D5C1B332000DF51336424B4B80AF725392EB4A0FE53DC0695C41 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
13:44:53.0551 0x4390 MBAMFarflt - ok
13:44:53.0566 0x4390 [ 0987B4BB03FA1F3C0C7D37347B707D4E, EDEA667695A680B955F42024AD349A9B795A2365C59312EDCC3FE5BF362F59E6 ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
13:44:53.0582 0x4390 MBAMProtection - ok
13:44:53.0798 0x4390 [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
13:44:53.0967 0x4390 MBAMService - ok
13:44:54.0036 0x4390 [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
13:44:54.0051 0x4390 MBAMSwissArmy - ok
13:44:54.0083 0x4390 [ A2814DB0A52A490AE674AD06ECBDC4CF, D3FA7326AFBC7A5A94F7A4AEC84A51ACAB89179D7CAF0CB5F2AF3794E6DBA7F5 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
13:44:54.0098 0x4390 MBAMWebProtection - ok
13:44:54.0136 0x4390 [ C7B8B5053D646CBD30BE1BA6B487D396, E3864D4CE619D67E284C64A4EAA8843FB49BC2B8CC8659F4C4B89DB6701468CB ] megasas C:\WINDOWS\system32\drivers\megasas.sys
13:44:54.0152 0x4390 megasas - ok
13:44:54.0183 0x4390 [ EB8ED3204499DDB2D3BA094A4563EE3E, A5D0095D575B241CA66CAD86280170803E7042F51D3654FCB03D7EA2347E261B ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
13:44:54.0198 0x4390 megasas2i - ok
13:44:54.0214 0x4390 [ F1C1D4E752DE1D58295040E5BE8813AF, 4DE17C5FCE63AFD545B16FA16A38F7395F29155FE165E7B21BC028CCD2A4B18E ] megasr C:\WINDOWS\system32\drivers\megasr.sys
13:44:54.0252 0x4390 megasr - ok
13:44:54.0267 0x4390 [ 4965456A1B4B3039E4B9AB233F5E9B1E, 3C303FE2BF9B38D73D005EA673C9500731125D793F4C77130F9BA8D745579591 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
13:44:54.0299 0x4390 MessagingService - ok
13:44:54.0352 0x4390 [ 16B078D1089FEA98710C9D07C152DCEE, A42C28E12F1BB21E907C1308447AD63DDF8FA5B2734A199A6EBE3824F3D1235C ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:44:54.0399 0x4390 mlx4_bus - ok
13:44:54.0415 0x4390 [ 20C57CE47B1A877C48A4B68E9A4E21FA, 35F98286F0665C5E06914F04F174476FBB41823564EDC55E351FCE211E2C765F ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
13:44:54.0436 0x4390 MMCSS - ok
13:44:54.0483 0x4390 [ A4467A5C080318F0CCCF5ED463821F8B, C8ECD63245B19807BAA92C3F3F87643A2F6B178395ABB15BD54D9DE68CC1A09B ] Modem C:\WINDOWS\system32\drivers\modem.sys
13:44:54.0514 0x4390 Modem - ok
13:44:54.0537 0x4390 [ 78BE85C1F1C7F3AF6C87BCE127007D5A, 5D5229FBCDC855BFF9BA3247BF4EF8E22764CFC1EC974FD5AB2D9E6293EF15A1 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
13:44:54.0583 0x4390 monitor - ok
13:44:54.0583 0x4390 [ 8E262B34A8BD184B4B3025AA8C396B00, B48AB637A92894318DC0A33CE55519D8FBD7B31177FA3C4CA33D8609D4FC0058 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
13:44:54.0599 0x4390 mouclass - ok
13:44:54.0615 0x4390 [ C094A555F148495EA130D3BBC5232D5E, 32E823C20FED94DB23F72F67DF1A2C043CA6179A543F3BD24FCB5500BA00A37C ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
13:44:54.0652 0x4390 mouhid - ok
13:44:54.0668 0x4390 mountmgr - ok
13:44:54.0737 0x4390 [ DD48D3A79DD8895C02423ACD052ABCF1, 32B2FDA907EDF8635B7099D61C22B0AEA54884ABDFF95608E8B93D3DAAEC458B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:44:54.0753 0x4390 MozillaMaintenance - ok
13:44:54.0784 0x4390 [ F36E4074C66DD31855A8D79EF0AE8066, 01C01B3EAEFADBCDACA5BE7CB2AA199667786C1AD637CF6792BF715242BEFEAD ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
13:44:54.0800 0x4390 mpsdrv - ok
13:44:54.0815 0x4390 MpsSvc - ok
13:44:54.0837 0x4390 MQAC - ok
13:44:54.0868 0x4390 [ 215D672CB71987CD98EB2298EFB84DDC, 7E23C36DBB7C80556560E1DECE5E8F5D3D422F3D1FFE9CEA511A0BCD9D69D304 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
13:44:54.0915 0x4390 MRxDAV - ok
13:44:54.0937 0x4390 mrxsmb - ok
13:44:54.0937 0x4390 mrxsmb20 - ok
13:44:54.0952 0x4390 [ 167408B38458ECAE545C57527BC99024, CB699B6C6F5B6DCDE85F8F0E40DD31B8066600A0833E5CD99ADE31DEC516B34F ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
13:44:54.0999 0x4390 MsBridge - ok
13:44:55.0015 0x4390 [ D5778559A0F34EE0BF0457293C6B5F4F, 73C0829F641F62CBFC0523ED54D94121E3A694ECCF148DBF4A5743631BADB714 ] MSDTC C:\WINDOWS\System32\msdtc.exe
13:44:55.0053 0x4390 MSDTC - ok
13:44:55.0068 0x4390 Msfs - ok
13:44:55.0084 0x4390 [ 6DDDFCAB646BBBCFC583135C4430E10F, 5EFD3F4F84EBEEC58914D5CC89622D69F2DBDFB7EB9AD8D9A0868127187FD673 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:44:55.0100 0x4390 msgpiowin32 - ok
13:44:55.0115 0x4390 [ 01C6A86BEA8279E557A5056148F068BF, 42983A61654F51515AC6DD64A68D319883FD02B3EC575F7EA7A907576866F0AF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:44:55.0137 0x4390 mshidkmdf - ok
13:44:55.0153 0x4390 [ F65ABC7DE945047147F17330F79732CB, 050C64D7284D767C951E94EFBA579D0E066C36CA1899A2C64CEA41A34B8E9EF2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
13:44:55.0184 0x4390 mshidumdf - ok
13:44:55.0216 0x4390 [ 05B23012427801E710BDD12720B9020B, 48FB22CFDF61AAE4221B3B23E539C08083289FB0CB5ABF249700DDF968C7250A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
13:44:55.0238 0x4390 msisadrv - ok
13:44:55.0269 0x4390 [ 21B88DF67507BD4DFF8A5487074BB31F, 5F2E1FB6227873DCA97D1BE6271E900AFA6BCE54D765C9BDBA07B74FC87B147B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
13:44:55.0300 0x4390 MSiSCSI - ok
13:44:55.0316 0x4390 msiserver - ok
13:44:55.0316 0x4390 MSKSSRV - ok
13:44:55.0338 0x4390 [ C3F5EA6B9041A30B4F11BE2E7863E487, 07324A9D81D30A173D3F369AA1A304AD7713C7CCF9909C6427718F0F90CE49C9 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
13:44:55.0385 0x4390 MsLldp - ok
13:44:55.0400 0x4390 [ 6F1422468DF5B12D87EF1B7956429721, 8533FFF07ED28A31376A4AEB83597F22D11D99D19A75053D1F64548D6379087E ] MSMQ C:\WINDOWS\system32\mqsvc.exe
13:44:55.0453 0x4390 MSMQ - ok
13:44:55.0485 0x4390 [ 601D666820F0408B896791D19BE6D258, DD6BA3962A6D387D9F06B6D7006DBB2BF46D84A8FA91C628DA9D96117F14F4F0 ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
13:44:55.0516 0x4390 MSPCLOCK - ok
13:44:55.0538 0x4390 [ 46E61FBA0097E48E5628C74A3F72233A, 21BD64041781085A7873ADA34C3648FBBBED386A071C69F21D98F2A0C3120DC6 ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
13:44:55.0569 0x4390 MSPQM - ok
13:44:55.0569 0x4390 MsRPC - ok
13:44:55.0601 0x4390 [ 29DC5DFDF305E73A40AB13D102736EEA, 3F17F1841E5BD266962D106342CE811497E46C3EBCD9A6CDF5B4FB4B8D64DE21 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys
13:44:55.0633 0x4390 MsSecFlt - ok
13:44:55.0638 0x4390 [ CBD56E0B55FB3672BA80382EC2F8835C, 1956E9B20A363B715C2111138D2085AA28FEDA7A82228CB4D8CE7ACC578E4DDB ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
13:44:55.0654 0x4390 mssmbios - ok
13:44:55.0670 0x4390 [ 5734B2A36D3BB13A638E5305EEEC582D, 613D559ED892EC4ABDF80F2435892895677F97902E699BE30283C150ABA49877 ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
13:44:55.0685 0x4390 MSTEE - ok
13:44:55.0701 0x4390 [ 85270E0DC6907C6B99F72A36F17AED34, 58C0BBF9CC9E42266C8AF9AB9FEC77442F96C7C6D0DFCFAAB763DAD30B1B7939 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
13:44:55.0716 0x4390 MTConfig - ok
13:44:55.0716 0x4390 Mup - ok
13:44:55.0739 0x4390 [ 3C57FF3BCF496D24C39C2198158864BB, 8671DF39AE5DD83033EC70BF8A502ED027B33B90FFC28AC2C79EC8F2F9128C14 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
13:44:55.0754 0x4390 mvumis - ok
13:44:55.0770 0x4390 NativeWifiP - ok
13:44:55.0785 0x4390 NaturalAuthentication - ok
13:44:55.0817 0x4390 [ FBA9F5B9F59A665F248F70B905EDCE14, D2C1795192809F6413E080A9ADC949A4D99D0FC6BE668870127161474FF40596 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
13:44:55.0870 0x4390 NcaSvc - ok
13:44:55.0870 0x4390 NcbService - ok
13:44:55.0901 0x4390 [ 3C7E074AE41D8DFB41A9E65904D8BF43, 34890591FDCEC035D3BB021DB035A4728C415A70F55D88F21E39073040C912AB ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
13:44:55.0917 0x4390 NcdAutoSetup - ok
13:44:55.0939 0x4390 [ 77B047B109CE758A017F58FAE5038D0D, 8E9E4ED5128C506B696FD5F0E8AD0D11FF53B5DD2F88860FF8F60307A7E08DEA ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
13:44:55.0955 0x4390 ndfltr - ok
13:44:55.0955 0x4390 NDIS - ok
13:44:55.0986 0x4390 [ 067AE5BA349CC35AF8975D22DC483DDF, FEC185ECDA27041506DF74528AA65B32FEBB06E32A55C8F7BA161A755C6659CF ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
13:44:56.0017 0x4390 NdisCap - ok
13:44:56.0039 0x4390 [ 6FC4D7EB5D38CFB7966405036116F065, B3E9083ABE7AD797FA54FB1308AA57D49C9B7BA662B09607666B23777F6167C8 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:44:56.0071 0x4390 NdisImPlatform - ok
13:44:56.0102 0x4390 [ ED7CC4E16B76B2603C9F827188EA63B4, A6E739D219F50866051A08867844BDA878D6FEA33E91DEAC1948A55CDC5BEB9F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:44:56.0155 0x4390 NdisTapi - ok
13:44:56.0155 0x4390 Ndisuio - ok
13:44:56.0171 0x4390 [ DC1D26D62F40B7552BCF49D92774F0C5, 3DD7CE2AD578101EFF8C1448800A1317F01893AF6E559C4DCCD9F6ACE4B027E4 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:44:56.0187 0x4390 NdisVirtualBus - ok
13:44:56.0202 0x4390 [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
13:44:56.0240 0x4390 NdisWan - ok
13:44:56.0255 0x4390 [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:44:56.0271 0x4390 ndiswanlegacy - ok
13:44:56.0287 0x4390 ndproxy - ok
13:44:56.0318 0x4390 [ A791792DC412CCD83DA0AF6871682552, FE1A30A6D1501463CF8AAC3AD8CE114ACFEDD38CF9BD6B2247B84E41D74A9E6B ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
13:44:56.0340 0x4390 Ndu - ok
13:44:56.0355 0x4390 [ BE79982A50AC88BC0765F3AFECFCB596, 1E7CACB1095C3F1D10766E15B31DEE195C1E6954D4E7ADA141CA4C15EE3DA445 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
13:44:56.0386 0x4390 NetAdapterCx - ok
13:44:56.0402 0x4390 NetBIOS - ok
13:44:56.0418 0x4390 NetBT - ok
13:44:56.0439 0x4390 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] Netlogon C:\WINDOWS\system32\lsass.exe
13:44:56.0455 0x4390 Netlogon - ok
13:44:56.0486 0x4390 [ 94BC40F88309B0B7DFE68B2C2BB15EB6, 7E485F6A3F0B1C34C59D1F36EDE05ED9724E23FF63EA273910A02D8177905D9B ] Netman C:\WINDOWS\System32\netman.dll
13:44:56.0539 0x4390 Netman - ok
13:44:56.0655 0x4390 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:56.0702 0x4390 NetMsmqActivator - ok
13:44:56.0702 0x4390 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:56.0717 0x4390 NetPipeActivator - ok
13:44:56.0770 0x4390 [ 79ED54CA41486399361778D533E55A99, 17467C0C0D4D099DC7BF2BDE46086AF4AFC28895C62A35AA6A3906C19418AA32 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
13:44:56.0839 0x4390 netprofm - ok
13:44:56.0855 0x4390 NetSetupSvc - ok
13:44:56.0870 0x4390 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:56.0901 0x4390 NetTcpActivator - ok
13:44:56.0917 0x4390 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:56.0938 0x4390 NetTcpPortSharing - ok
13:44:56.0939 0x4390 netvsc - ok
13:44:56.0970 0x4390 [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB, 7930C172AD493E39712A0F4B1AF4ADFB4ABD499B00FEEA2E1D5C9E5A26105EFC ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
13:44:57.0017 0x4390 NgcCtnrSvc - ok
13:44:57.0071 0x4390 [ A557C92583E81CA97D2C0F2467E7C2F9, F78B07DB33253142C6CB2DE1BFA1C54EB7CB5D64C94C9B73182C7D49314061EF ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
13:44:57.0140 0x4390 NgcSvc - ok
13:44:57.0155 0x4390 NlaSvc - ok
13:44:57.0155 0x4390 Npfs - ok
13:44:57.0171 0x4390 [ 5CB8082E51DE7D19042F0FF8C517CB0D, C0C5389E097D520018C346ECBF8AF9928FB44D9AD7B0EFD2D44E910214580A1A ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
13:44:57.0187 0x4390 npsvctrig - ok
13:44:57.0202 0x4390 nsi - ok
13:44:57.0202 0x4390 nsiproxy - ok
13:44:57.0202 0x4390 NTFS - ok
13:44:57.0218 0x4390 Null - ok
13:44:57.0240 0x4390 [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\WINDOWS\system32\drivers\nusb3hub.sys
13:44:57.0287 0x4390 nusb3hub - ok
13:44:57.0302 0x4390 [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\WINDOWS\system32\drivers\nusb3xhc.sys
13:44:57.0371 0x4390 nusb3xhc - ok
13:44:57.0403 0x4390 [ 532F27A2B62D70C327E763F035AED6C1, 9FB6C8040D48384BC72A2021EAD7D48B5E876731849FBA68338EC3562E7CB659 ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys
13:44:57.0441 0x4390 nvdimmn - ok
13:44:57.0456 0x4390 [ 7E04652EB1A476BC0A72ECDC613AF0C5, F356C5F7B1C30253F4F8A3E45AAA8C82940DBE1F208D81043D7D89EE54355890 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
13:44:57.0472 0x4390 nvraid - ok
13:44:57.0487 0x4390 [ 880B3E874914DAEF97119876543AE117, E41A633F5C2519438FCA0A85F134061224C39AB82EE61F3B80043E21985A80D7 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
13:44:57.0519 0x4390 nvstor - ok
13:44:57.0536 0x4390 OneSyncSvc - ok
13:44:57.0636 0x4390 [ 27F958F36ED7757D8579E7028DC2B5D3, F99336B951CE5DC89C6B16F37ABC29C3F511E784874B21B97042023EA816D468 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:44:57.0657 0x4390 ose - ok
13:44:57.0672 0x4390 p2pimsvc - ok
13:44:57.0672 0x4390 p2psvc - ok
13:44:57.0688 0x4390 [ 2E07EC2C1622F5E7B535D62DCD61F3AB, 5FECA3CD9AF531E59B1A0FE04AE8BA22F3C929EB6AA5B2171C88A788AFAA8115 ] Parport C:\WINDOWS\System32\drivers\parport.sys
13:44:57.0719 0x4390 Parport - ok
13:44:57.0719 0x4390 partmgr - ok
13:44:57.0741 0x4390 PcaSvc - ok
13:44:57.0757 0x4390 pci - ok
13:44:57.0788 0x4390 [ E5AF806815ED797086629741F29E4156, 1AD39A8DD564807EE11775C1C69129184A28B7AC4ED66E47CBE657C9215986C4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
13:44:57.0804 0x4390 pciide - ok
13:44:57.0819 0x4390 [ 2A631D447B988AFBE847CBAA8E5CC298, 65D52E0E7F16EFFF8926E4FF97B42ABB2C5F1125FB13F521143712E3F9028FE7 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
13:44:57.0842 0x4390 pcmcia - ok
13:44:57.0857 0x4390 pcw - ok
13:44:57.0873 0x4390 [ 1796112EB89559910BC18865A29C8894, 3EDACF3FDFB4164C1F07BAE7ABCA4E8DC5DBADE11C73F18546E5FE2A10CCDEA8 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
13:44:57.0888 0x4390 pdc - ok
13:44:57.0904 0x4390 PEAUTH - ok
13:44:57.0920 0x4390 PeerDistSvc - ok
13:44:57.0942 0x4390 [ 35FD028E4323018202C0B7D115FD3AEF, CA0CA9EF7A6496EBD35C775D0BD9CC814B07391B69C83938C90926D316A336FD ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
13:44:57.0957 0x4390 percsas2i - ok
13:44:57.0973 0x4390 [ F9F3D8BE9BC9241CC726197261362AC4, 0AF0EBD551B3C079C7A5EA568A171B43F822C4AD0177A8135FBF315813108535 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
13:44:57.0989 0x4390 percsas3i - ok
13:44:58.0038 0x4390 PerfHost - ok
13:44:58.0042 0x4390 PhoneSvc - ok
13:44:58.0058 0x4390 PimIndexMaintenanceSvc - ok
13:44:58.0120 0x4390 [ 73B5A132EBF3A8075A7C68DFBB4DE719, 847FC2A2B4C1C65BFEFBBF90C2EB99378E2FDE469425F141BC75D1874F94658C ] pla C:\WINDOWS\system32\pla.dll
13:44:58.0205 0x4390 pla - ok
13:44:58.0242 0x4390 [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
13:44:58.0258 0x4390 PlugPlay - ok
13:44:58.0289 0x4390 [ 36D43EA5517F3F4AAAC8EE061C957EF1, 970CBE8F689C26C384B8F4E6D0C68BB07434C4776B497E310A603A896AED05E0 ] pmem C:\WINDOWS\System32\drivers\pmem.sys
13:44:58.0321 0x4390 pmem - ok
13:44:58.0343 0x4390 [ 59048555B59FD69287CFAB6022B5CC86, 733D3F1DBF75D6A5A015E6F849216E1954813F86E5D3B05B4AF0E9FD523FC646 ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
13:44:58.0374 0x4390 PNPMEM - ok
13:44:58.0405 0x4390 [ 7815D5EEE3624640150B1365EB2E98C5, 2E45B211F40510554E5BDA876E53497FA4A8465A152F77CF38CAD38CC6F47C8A ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
13:44:58.0474 0x4390 PNRPAutoReg - ok
13:44:58.0474 0x4390 PNRPsvc - ok
13:44:58.0538 0x4390 [ E1BCA08929D806A087D90BC11C6020E8, F9FE2E761F0F00C4A0C221D25069348185C75CA350DDD1407A6401220227A9F6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
13:44:58.0590 0x4390 PolicyAgent - ok
13:44:58.0605 0x4390 Power - ok
13:44:58.0605 0x4390 PptpMiniport - ok
13:44:58.0759 0x4390 [ FAA5FBD37C00DE72573F9BF6B6E64BAD, AEF599C9D47ED197FAC54326E99114AD7EAA107A0248C77997D353A7B5C06FBB ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:44:58.0875 0x4390 PrintNotify - ok
13:44:58.0922 0x4390 [ 8803D4F36F1CB2E2203F5EB59571E89C, 0C83A8706CDB7400CCAB145211793B8C6153D30CA50843A5E3980536F2A38C11 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
13:44:58.0960 0x4390 PrintWorkflowUserSvc - ok
13:44:58.0991 0x4390 Processor - ok
13:44:59.0006 0x4390 ProfSvc - ok
13:44:59.0044 0x4390 [ 5818FE76C3C6AE0CA723EBE483BF447F, 613E1FE02FA52A6EF4B1E5C56F0108D493B1E97F799CF409A6697A5D5112C8B3 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
13:44:59.0075 0x4390 Psched - ok
13:44:59.0091 0x4390 PushToInstall - ok
13:44:59.0106 0x4390 [ 034BA34ADFA10F9D7E4989273DDABA33, 8763D28817A64F0D82B61EBA1FA54D7E0C97E66FA3F359C1A681740E1AF680C2 ] QWAVE C:\WINDOWS\system32\qwave.dll
13:44:59.0159 0x4390 QWAVE - ok
13:44:59.0175 0x4390 [ 16F9A6B593B52EB18F7ECB9D251BDF7A, 5DD26B91DF51A07097A893F3537F94FE2CD1F9D132B0994451E922CE1359516B ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
13:44:59.0206 0x4390 QWAVEdrv - ok
13:44:59.0222 0x4390 [ 13600C467512147E99052806F2C1307A, 705257F42FA3502113958A295E0E0FED9C6A35DB6214099360606E792F69B1C6 ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
13:44:59.0244 0x4390 Ramdisk - ok
13:44:59.0244 0x4390 RasAcd - ok
13:44:59.0291 0x4390 [ ED0EE10911C16AD8B21B9003C90E968F, CFB280D14F629E87BBBDA83841E4B3DD8866FB8382FF17D3E807BBFBBC3BAC1A ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
13:44:59.0307 0x4390 RasAgileVpn - ok
13:44:59.0338 0x4390 RasAuto - ok
13:44:59.0360 0x4390 [ E0220BB6580D34001D4D1D133052DAA4, F350A34E7592673B7B77F907E7D7ACFC50C6099A4874C1D870BD0E089D8EF668 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
13:44:59.0391 0x4390 Rasl2tp - ok
13:44:59.0406 0x4390 RasMan - ok
13:44:59.0422 0x4390 [ 12EE1D92F4E5FAE4B6F65195A2016CE5, C62E9EBD4FE642248C36BB2C9BD7B1C1C09E8A33D4B4AA39DD32F9FD1FE86081 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:44:59.0460 0x4390 RasPppoe - ok
13:44:59.0491 0x4390 [ 91CE469015979E5B3C3DBC2C41A476E8, 45D7EA66311126E370B4E082F7E8507399AC594AB6F7CD5A45C9F09658FD7E19 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
13:44:59.0507 0x4390 RasSstp - ok
13:44:59.0507 0x4390 rdbss - ok
13:44:59.0522 0x4390 rdpbus - ok
13:44:59.0522 0x4390 RDPDR - ok
13:44:59.0560 0x4390 [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE, 37789428D78273EB09F3613BC72DF5D5E9210D4650CC4D9F9DD413DB4A20B6F2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:44:59.0576 0x4390 RdpVideoMiniport - ok
13:44:59.0591 0x4390 rdyboost - ok
13:44:59.0645 0x4390 [ FB0577F6BC9E07549CEACF5224327499, 7AD01A641C3A8735C05C7EFDF3730D7A385A241306E3AD01B088D7329FF319E0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
13:44:59.0707 0x4390 ReFS - ok
13:44:59.0745 0x4390 [ 4136BCA61BCDCC79DCE145F9CB639CD6, 58D49C41532A31F6F2112317BB60D80D34A4D29CAABBF11BAD9C45FD8B812F93 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
13:44:59.0776 0x4390 ReFSv1 - ok
13:44:59.0823 0x4390 [ 16884710EB4898CB49B18609EEE34C6C, CEC4850825D81969BE269A4DC23DF54F6E2346AADE40D95E91B512412D4BD358 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:44:59.0908 0x4390 RemoteAccess - ok
13:44:59.0923 0x4390 [ 9D82CD53B622A85A10B4DA8F4724A8E4, 0D4DDDF7C8D90CB19A86EA531205BAF19BA2335DBD10CD9F006C969CE9735223 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:44:59.0977 0x4390 RemoteRegistry - ok
13:44:59.0992 0x4390 RetailDemo - ok
13:45:00.0008 0x4390 [ BBC228CA2F96B784B01FE7F1C5E3CFBB, AF24D0B4093F9CCE88C5BCB94944BCD6D36B890AD8544AF0CD7814B8D4F73A7A ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
13:45:00.0041 0x4390 rhproxy - ok
13:45:00.0045 0x4390 [ 665A51DE515A2E8B0BDB3D6917D47DD9, F5BF28900F55CB17016E64775B9A5B64D16E2A5898F4D5A7ABE26639932B2C63 ] RmSvc C:\WINDOWS\System32\RMapi.dll
13:45:00.0077 0x4390 RmSvc - ok
13:45:00.0108 0x4390 [ D0F6698E56F0157EA72F2D754C6FD555, A93DEECB1D84E5AC2C1E2D3D54BA118774E6F77996BEC7BCB6C758B6D04D1920 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
13:45:00.0177 0x4390 RpcEptMapper - ok
13:45:00.0193 0x4390 [ EB65907BD63871669C54D5E5BAE4DD34, 9A429C4B416913D65728A40890FC3C69465C4C77C2D313007BDF24EA5F4E1400 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:45:00.0239 0x4390 RpcLocator - ok
13:45:00.0293 0x4390 [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:45:00.0346 0x4390 RpcSs - ok
13:45:00.0393 0x4390 [ 27B80E5766B114621980F82FB78E912A, D7986FB32AFA2F376FBAA5EFAC18F5E699BAF97AD0C92A0B787E1CAF77465CFD ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
13:45:00.0424 0x4390 rspndr - ok
13:45:00.0478 0x4390 [ 6969DAC0C978A78E63DE59C6D5E2421C, 424DB0E2C185294D2C6646F53A83FC4A232939622B557845DF2E3F73BFC355AB ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
13:45:00.0509 0x4390 rt640x64 - ok
13:45:00.0594 0x4390 [ 0EFEA63C76021BA0BF4B83BF8DB827C4, 2578CE7BDD45053ECF38E07954CCDDBCC6F10EF72D23CD2F627BC8ECB8CFEF35 ] RTL8167 C:\WINDOWS\system32\DRIVERS\Rt64win7.sys
13:45:00.0625 0x4390 RTL8167 - ok
13:45:00.0647 0x4390 s3cap - ok
13:45:00.0710 0x4390 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] SamSs C:\WINDOWS\system32\lsass.exe
13:45:00.0747 0x4390 SamSs - ok
13:45:00.0779 0x4390 [ 324FA3C337EB54B43448F7B08444DC8D, 6AC6E84EBE169400D5CE140C7DC7F527D1A8F5B642593870AD7D1B193C21C7A3 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
13:45:00.0794 0x4390 sbp2port - ok
13:45:00.0810 0x4390 SCardSvr - ok
13:45:00.0826 0x4390 ScDeviceEnum - ok
13:45:00.0863 0x4390 [ 62A33CE69DB508BCEC63F4D3BFF400CE, 914FF18959025C71923558898F95B8113EE49930144A0B19FC06C5C043A171B4 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:45:00.0910 0x4390 scfilter - ok
13:45:00.0926 0x4390 Schedule - ok
13:45:00.0948 0x4390 [ 7B057373146CC4E5A1F1DA665EA55DC7, 48F1C276F99D4E135A261DDEFE2D813430DEFF6BA30FCBFFB102EA40EAD9434A ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
13:45:00.0963 0x4390 scmbus - ok
13:45:00.0979 0x4390 SCPolicySvc - ok
13:45:00.0979 0x4390 sdbus - ok
13:45:01.0010 0x4390 [ 6D3853838864886B4F10B074282772E0, 50855299C5D7FBE0E45EE6288EA1B824215D3E3693F24F1AD2BB2F2E27F6150D ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
13:45:01.0026 0x4390 SDFRd - ok
13:45:01.0048 0x4390 [ 368180051766E4289E3D47AF21F2668C, AD1E675A990684F131F09E61988525102CDEDA0817A20F188FE9D2A428216BC2 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
13:45:01.0095 0x4390 SDRSVC - ok
13:45:01.0126 0x4390 sdstor - ok
13:45:01.0148 0x4390 [ 0356C85312D78F4C7F33C74B6000BB93, 378018A0ABDF65506B471F091DEF6A8E1D2E719BEBA843595C550E3151C9E6D6 ] seclogon C:\WINDOWS\system32\seclogon.dll
13:45:01.0179 0x4390 seclogon - ok
13:45:01.0195 0x4390 SecurityHealthService - ok
13:45:01.0226 0x4390 SEMgrSvc - ok
13:45:01.0248 0x4390 [ 62EDAD383010E037C4D3846C7C021A00, CF2C5D97B4B8C472242A1DCC1CB97A081BFDA41F5708CA78DC9B5041C9B747D9 ] SENS C:\WINDOWS\System32\sens.dll
13:45:01.0295 0x4390 SENS - ok
13:45:01.0326 0x4390 Sense - ok
13:45:01.0364 0x4390 [ DDBBE9A08C79D3BB50D6053507F7777D, CA67D6FFCF63F38AAA320276F0AB96F87F6431907D2BC138E7EEE4530BE88AF1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
13:45:01.0446 0x4390 SensorDataService - ok
13:45:01.0463 0x4390 SensorService - ok
13:45:01.0479 0x4390 SensrSvc - ok
13:45:01.0510 0x4390 [ 75A27472AFD009255DBDE52038E3BDB5, 95C31B86D77D73B340901D3BD9798A9E3171D4D3F3D4632FBE3F6AE2B49A17C7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
13:45:01.0525 0x4390 SerCx - ok
13:45:01.0548 0x4390 [ 84005F54308109A022413D628E966412, 6828A10DF28053C159E93BDD7A62A5517E7037DC302D0EEED55BF07B48E0A202 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
13:45:01.0564 0x4390 SerCx2 - ok
13:45:01.0579 0x4390 [ 40384793F74CFFA45BCC38DF65E978EC, FA68F18573CA92703A3442BB4BC5135C42520BA7D2C3E4B872115C02EE0A719E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
13:45:01.0643 0x4390 Serenum - ok
13:45:01.0648 0x4390 [ 699470AD24D67908991A777716A352FD, 6155D9785DF9A9346B715798A2C4A0F9B90D2AF725E710F127E06155272B406E ] Serial C:\WINDOWS\System32\drivers\serial.sys
13:45:01.0679 0x4390 Serial - ok
13:45:01.0679 0x4390 [ 92453F065F52A8EF0328A926B2C9502F, 11CF98993B00B4850C30528F0922BF392B8DE085AD84D17721964D543A41D64D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
13:45:01.0726 0x4390 sermouse - ok
13:45:01.0726 0x4390 SessionEnv - ok
13:45:01.0748 0x4390 [ 1D8920C40F19B5FBA5F4897779840AD1, 9B1DAFD92963118ACEA411224AA65C841D57D29F6F1EB69A58AB32BC5FEB1592 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
13:45:01.0779 0x4390 sfloppy - ok
13:45:01.0810 0x4390 SharedAccess - ok
13:45:01.0848 0x4390 [ 63377493508564288721EF5421A216F5, 8D8F2CAD3608AE47AFEAA60C51E288EA622EC85B1CAA330CD226CA7A49F0F8E3 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
13:45:01.0948 0x4390 SharedRealitySvc - ok
13:45:02.0011 0x4390 [ 887458A234108B5B69038299BE7FAD88, B25780E36FCA373141EC129EC878AC0C2D560DFF62FEE3DFE332256C1FCDF579 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:45:02.0080 0x4390 ShellHWDetection - ok
13:45:02.0111 0x4390 [ 5ED18BE9FE76540A0596BB41C91719C6, 54B52E6EC059F48D2A4FEDC9D2B7B391A605F63CFC29C46A9FC5BA936EF3A72D ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
13:45:02.0164 0x4390 shpamsvc - ok
13:45:02.0196 0x4390 [ A871F9CC9CF388DC7193D22EF8D8C8DF, D9E915F85E4FD993B04162B7D30BE6F230DD5464BBD75AE173255E59BA777067 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:45:02.0211 0x4390 SiSRaid2 - ok
13:45:02.0227 0x4390 [ D30FC341550CC364880950152AE8B1C5, BCCEB920C8DBCE061A62B0B7C91DA2981312DE9A8EC2D7398AE6009148603C77 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
13:45:02.0249 0x4390 SiSRaid4 - ok
13:45:02.0280 0x4390 [ 9CA6E573757C76A515EFD6DD795A3A1E, E7F87EF70545ABA33171A5783439E6E7874A2CAEE0C7ECF384023FBDCD967743 ] smphost C:\WINDOWS\System32\smphost.dll
13:45:02.0349 0x4390 smphost - ok
13:45:02.0365 0x4390 SmsRouter - ok
13:45:02.0411 0x4390 [ FDADDEC855034107E5FAD708B4E2424D, 1E3A07E0F67E23F32E046F516608D78299BA66BC647F6A6A240C77245FE3A7FF ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
13:45:02.0449 0x4390 SNMPTRAP - ok
13:45:02.0496 0x4390 [ 3BB48F7E33C2B76184DDF233000C09CD, D1AAE5B0425047CA0C2D376D3E59324D35A90DF9074CD442DFD0ED6E434D3C84 ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
13:45:02.0527 0x4390 Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic ( 1 )
13:45:02.0665 0x4390 Detect skipped due to KSN trusted
13:45:02.0665 0x4390 Sony SCSI Helper Service - ok
13:45:02.0665 0x4390 spaceport - ok
13:45:02.0680 0x4390 [ CCECE7E96B4F7B0E9F0FC82F6DADA917, 4C20D74971C7A822C51429BE960F85016B03166E05D43B29F5D290F413006C18 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
13:45:02.0696 0x4390 SpatialGraphFilter - ok
13:45:02.0711 0x4390 [ 545507AF670BC88B89200A118513ED9A, 1450D29E678F26B317D55BBF41E603296C5FBA54F956801D3E796808FFDCC0AD ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
13:45:02.0727 0x4390 SpbCx - ok
13:45:02.0749 0x4390 spectrum - ok
13:45:02.0765 0x4390 Spooler - ok
13:45:02.0796 0x4390 sppsvc - ok
13:45:02.0812 0x4390 srv - ok
13:45:02.0812 0x4390 srv2 - ok
13:45:02.0827 0x4390 srvnet - ok
13:45:02.0865 0x4390 SSDPSRV - ok
13:45:02.0881 0x4390 [ 3BEF5FAC7F3DA3E25B80CC41B5060616, CAAB3CAF150F564964471F494F583014E5EF842BC4761A64B708842C4425753B ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
13:45:02.0912 0x4390 SstpSvc - ok
13:45:02.0928 0x4390 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
13:45:02.0950 0x4390 ssudmdm - ok
13:45:02.0966 0x4390 StateRepository - ok
13:45:02.0981 0x4390 [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
13:45:02.0997 0x4390 stexstor - ok
13:45:03.0028 0x4390 [ 0690CE515A295BD101415C7E411C43F3, 42E382EAFD2E5733805E26147BE74DF437E6E654ACDDE1DB42DB0D114B02ADE3 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
13:45:03.0066 0x4390 StillCam - ok
13:45:03.0097 0x4390 [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc C:\WINDOWS\System32\wiaservc.dll
13:45:03.0150 0x4390 stisvc - ok
13:45:03.0150 0x4390 storahci - ok
13:45:03.0182 0x4390 storflt - ok
13:45:03.0182 0x4390 stornvme - ok
13:45:03.0197 0x4390 storqosflt - ok
13:45:03.0197 0x4390 StorSvc - ok
13:45:03.0213 0x4390 storufs - ok
13:45:03.0213 0x4390 storvsc - ok
13:45:03.0229 0x4390 [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc C:\WINDOWS\system32\svsvc.dll
13:45:03.0282 0x4390 svsvc - ok
13:45:03.0297 0x4390 [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
13:45:03.0313 0x4390 swenum - ok
13:45:03.0329 0x4390 [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv C:\WINDOWS\System32\swprv.dll
13:45:03.0382 0x4390 swprv - ok
13:45:03.0398 0x4390 Synth3dVsc - ok
13:45:03.0413 0x4390 SysMain - ok
13:45:03.0429 0x4390 SystemEventsBroker - ok
13:45:03.0451 0x4390 [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:45:03.0498 0x4390 TabletInputService - ok
13:45:03.0547 0x4390 [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:45:03.0583 0x4390 TapiSrv - ok
13:45:03.0583 0x4390 Tcpip - ok
13:45:03.0583 0x4390 Tcpip6 - ok
13:45:03.0598 0x4390 [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
13:45:03.0630 0x4390 tcpipreg - ok
13:45:03.0646 0x4390 tdx - ok
13:45:03.0932 0x4390 [ 0000341F01739F6877363D0064BF2376, 95F2274E26AA16D5B6233879882FCD6DF0A9E11F11EB033ACCC7B88D9E95B4DD ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
13:45:04.0172 0x4390 TeamViewer - ok
13:45:04.0218 0x4390 [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
13:45:04.0233 0x4390 terminpt - ok
13:45:04.0318 0x4390 [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService C:\WINDOWS\System32\termsrv.dll
13:45:04.0402 0x4390 TermService - ok
13:45:04.0418 0x4390 [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes C:\WINDOWS\system32\themeservice.dll
13:45:04.0465 0x4390 Themes - ok
13:45:04.0480 0x4390 [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
13:45:04.0549 0x4390 TieringEngineService - ok
13:45:04.0603 0x4390 [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:45:04.0650 0x4390 tiledatamodelsvc - ok
13:45:04.0702 0x4390 TimeBrokerSvc - ok
13:45:04.0734 0x4390 TokenBroker - ok
13:45:04.0749 0x4390 TPM - ok
13:45:04.0781 0x4390 [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks C:\WINDOWS\System32\trkwks.dll
13:45:04.0818 0x4390 TrkWks - ok
13:45:04.0865 0x4390 TrustedInstaller - ok
13:45:04.0898 0x4390 [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
13:45:04.0950 0x4390 tsusbflt - ok
13:45:04.0981 0x4390 [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:45:05.0003 0x4390 TsUsbGD - ok
13:45:05.0050 0x4390 [ 32230D3F06B0874DFB727028CA4F6348, 8F50B556C38F736AAB8160912F0A3917BCA6396555D0DCB7A65B7FF0A8225416 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
13:45:05.0100 0x4390 tsusbhub - ok
13:45:05.0135 0x4390 [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
13:45:05.0166 0x4390 tunnel - ok
13:45:05.0182 0x4390 [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
13:45:05.0235 0x4390 tzautoupdate - ok
13:45:05.0266 0x4390 [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
13:45:05.0282 0x4390 UASPStor - ok
13:45:05.0304 0x4390 UcmCx0101 - ok
13:45:05.0320 0x4390 [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
13:45:05.0366 0x4390 UcmTcpciCx0101 - ok
13:45:05.0366 0x4390 UcmUcsi - ok
13:45:05.0403 0x4390 [ E6E91B3980A495D2A9D28A09580EA993, B4987D875A8AA176818C115844388EE64054411689B014ADEAC18164D02F6AE8 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
13:45:05.0419 0x4390 Ucx01000 - ok
13:45:05.0435 0x4390 [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
13:45:05.0451 0x4390 UdeCx - ok
13:45:05.0482 0x4390 [ 12383D410AEF99AD6979A8EFD3D61888, 376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
13:45:05.0520 0x4390 udfs - ok
13:45:05.0520 0x4390 [ AB7FE51D818B6059C2F56FA62268CCAC, D8412F13BFE0B96E0A9CCB5E25A567A66AE24983564D76954AA76DAF0A52726E ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
13:45:05.0535 0x4390 UEFI - ok
13:45:05.0567 0x4390 [ A6134CA92B545353EEB0420F36D39F1C, 2F100FC25ACF16948C9B95A7FAA5336B7C8E3CB571196B04D5DB8308D8C6C491 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys
13:45:05.0582 0x4390 UevAgentDriver - ok
13:45:05.0635 0x4390 [ 8899E490269C7634368B4FE6E77CFE8D, ADDA7FD2DE1C94F9F91DA9C248DEF1D253B807FB07549EF14774C5D0001C5B3D ] UevAgentService C:\WINDOWS\system32\AgentService.exe
13:45:05.0704 0x4390 UevAgentService - ok
13:45:05.0751 0x4390 [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
13:45:05.0799 0x4390 Ufx01000 - ok
13:45:05.0836 0x4390 [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
13:45:05.0851 0x4390 UfxChipidea - ok
13:45:05.0867 0x4390 [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
13:45:05.0883 0x4390 ufxsynopsys - ok
13:45:05.0920 0x4390 [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
13:45:06.0001 0x4390 UI0Detect - ok
13:45:06.0004 0x4390 [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
13:45:06.0036 0x4390 umbus - ok
13:45:06.0083 0x4390 [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
13:45:06.0105 0x4390 UmPass - ok
13:45:06.0136 0x4390 [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
13:45:06.0204 0x4390 UmRdpService - ok
13:45:06.0236 0x4390 UnistoreSvc - ok
13:45:06.0283 0x4390 [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:45:06.0337 0x4390 upnphost - ok
13:45:06.0352 0x4390 [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
13:45:06.0368 0x4390 UrsChipidea - ok
13:45:06.0368 0x4390 UrsCx01000 - ok
13:45:06.0400 0x4390 [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
13:45:06.0405 0x4390 UrsSynopsys - ok
13:45:06.0421 0x4390 [ 51A397ECC1AB2BD54C935E74A9543330, E242B84CC96485ECCAECCE6F37AAA2A57087C27228A2B3BE6CFF7163BBF22B8D ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:45:06.0452 0x4390 usbaudio - ok
13:45:06.0468 0x4390 [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
13:45:06.0483 0x4390 usbccgp - ok
13:45:06.0521 0x4390 [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
13:45:06.0552 0x4390 usbcir - ok
13:45:06.0552 0x4390 [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
13:45:06.0584 0x4390 usbehci - ok
13:45:06.0605 0x4390 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys
13:45:06.0621 0x4390 usbfilter - ok
13:45:06.0637 0x4390 [ C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
13:45:06.0668 0x4390 usbhub - ok
13:45:06.0684 0x4390 USBHUB3 - ok
13:45:06.0684 0x4390 [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
13:45:06.0721 0x4390 usbohci - ok
13:45:06.0753 0x4390 [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
13:45:06.0784 0x4390 usbprint - ok
13:45:06.0784 0x4390 usbser - ok
13:45:06.0806 0x4390 [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:45:06.0822 0x4390 USBSTOR - ok
13:45:06.0837 0x4390 [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
13:45:06.0853 0x4390 usbuhci - ok
13:45:06.0868 0x4390 USBXHCI - ok
13:45:06.0868 0x4390 UserDataSvc - ok
13:45:06.0884 0x4390 UserManager - ok
13:45:06.0904 0x4390 UsoSvc - ok
13:45:06.0921 0x4390 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] VaultSvc C:\WINDOWS\system32\lsass.exe
13:45:06.0937 0x4390 VaultSvc - ok
13:45:06.0953 0x4390 vdrvroot - ok
13:45:06.0984 0x4390 [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds C:\WINDOWS\System32\vds.exe
13:45:07.0037 0x4390 vds - ok
13:45:07.0100 0x4390 [ EE776AE6D1DACD461D58A5B93FFA3731, 66F37BCC74AAFC825488A36CAAEE54F4D5DDBD626B51BEBD2143F7A83007DFCD ] veracrypt C:\WINDOWS\system32\drivers\veracrypt.sys
13:45:07.0122 0x4390 veracrypt - ok
13:45:07.0169 0x4390 [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
13:45:07.0184 0x4390 VerifierExt - ok
13:45:07.0184 0x4390 vhdmp - ok
13:45:07.0207 0x4390 [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf C:\WINDOWS\System32\drivers\vhf.sys
13:45:07.0238 0x4390 vhf - ok
13:45:07.0253 0x4390 vmbus - ok
13:45:07.0269 0x4390 VMBusHID - ok
13:45:07.0269 0x4390 vmgid - ok
13:45:07.0285 0x4390 vmicguestinterface - ok
13:45:07.0285 0x4390 vmicheartbeat - ok
13:45:07.0285 0x4390 vmickvpexchange - ok
13:45:07.0305 0x4390 vmicrdv - ok
13:45:07.0307 0x4390 vmicshutdown - ok
13:45:07.0307 0x4390 vmictimesync - ok
13:45:07.0322 0x4390 vmicvmsession - ok
13:45:07.0322 0x4390 vmicvss - ok
13:45:07.0338 0x4390 [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm C:\WINDOWS\System32\drivers\vnvdimm.sys
13:45:07.0369 0x4390 vnvdimm - ok
13:45:07.0385 0x4390 volmgr - ok
13:45:07.0407 0x4390 [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
13:45:07.0438 0x4390 volmgrx - ok
13:45:07.0454 0x4390 volsnap - ok
13:45:07.0485 0x4390 [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume C:\WINDOWS\system32\drivers\volume.sys
13:45:07.0485 0x4390 volume - ok
13:45:07.0505 0x4390 vpci - ok
13:45:07.0523 0x4390 [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
13:45:07.0539 0x4390 vsmraid - ok
13:45:07.0539 0x4390 VSS - ok
13:45:07.0570 0x4390 [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
13:45:07.0585 0x4390 VSTXRAID - ok
13:45:07.0623 0x4390 [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
13:45:07.0670 0x4390 vwifibus - ok
13:45:07.0686 0x4390 [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
13:45:07.0707 0x4390 vwififlt - ok
13:45:07.0754 0x4390 [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time C:\WINDOWS\system32\w32time.dll
13:45:07.0807 0x4390 W32Time - ok
13:45:07.0870 0x4390 [ AD72CFDA8E47BC32ED46DE4FD2434062, 0CFD5BFC6D19980E78382493167858CEE2A82977B5CD6646796270288315B3DA ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
13:45:07.0923 0x4390 w3logsvc - ok
13:45:07.0954 0x4390 [ A76A55BF0B22D1075434F1D723B9D1AC, 5522AD5CFCAC65D07CB80C810236590482FC4581451333AF37D99B54EBC176BE ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
13:45:07.0985 0x4390 W3SVC - ok
13:45:08.0007 0x4390 [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
13:45:08.0023 0x4390 WacomPen - ok
13:45:08.0070 0x4390 [ 451D40C28E7D1CF51A980B83FDEFF498, E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService C:\WINDOWS\system32\WalletService.dll
13:45:08.0139 0x4390 WalletService - ok
13:45:08.0154 0x4390 wanarp - ok
13:45:08.0170 0x4390 wanarpv6 - ok
13:45:08.0186 0x4390 [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
13:45:08.0224 0x4390 WarpJITSvc - ok
13:45:08.0239 0x4390 [ A76A55BF0B22D1075434F1D723B9D1AC, 5522AD5CFCAC65D07CB80C810236590482FC4581451333AF37D99B54EBC176BE ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
13:45:08.0270 0x4390 WAS - ok
13:45:08.0323 0x4390 [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine C:\WINDOWS\system32\wbengine.exe
13:45:08.0455 0x4390 wbengine - ok
13:45:08.0486 0x4390 WbioSrvc - ok
13:45:08.0486 0x4390 wcifs - ok
13:45:08.0505 0x4390 Wcmsvc - ok
13:45:08.0508 0x4390 wcncsvc - ok
13:45:08.0508 0x4390 wcnfs - ok
13:45:08.0524 0x4390 [ 6FD8F1FBED780A7F3DF329C834E52AC5, 3AD265AF0E955A78102BFF7048C08C3D250694EBB47B9E603090EC0FE5BD522E ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
13:45:08.0539 0x4390 WdBoot - ok
13:45:08.0586 0x4390 [ FCC960498E3CD899F0A429F7CF9E77AD, 91FB3B6AF1522754E6ECF5D0CD146B1D06F657D06E6D9D917F55A3789A92D8EB ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
13:45:08.0624 0x4390 Wdf01000 - ok
13:45:08.0655 0x4390 [ 7D182F0F227FC141C5D2085175BE05F6, 58F3F00521DBD7D33E5383FBFE264777B8403C16F52C887FA4C5F391CB1E0250 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
13:45:08.0686 0x4390 WdFilter - ok
13:45:08.0724 0x4390 [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
13:45:08.0786 0x4390 WdiServiceHost - ok
13:45:08.0805 0x4390 [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
13:45:08.0840 0x4390 WdiSystemHost - ok
13:45:08.0856 0x4390 wdiwifi - ok
13:45:08.0887 0x4390 [ 0D38C257A7B34A818726BA2F323B196E, B136076CFDD0FB9B78E0BFF2873F4F3477808E12EB897ED0D883481EB92A24DE ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:45:08.0906 0x4390 WdNisDrv - ok
13:45:08.0924 0x4390 WdNisSvc - ok
13:45:08.0971 0x4390 [ DF58AA71FBA55E15F572C93447696DEC, F20C93140A44C1E61B5544FC8B3A1145E9ED57B2F09881719F4B2853B4900891 ] wdnsfltr C:\WINDOWS\system32\drivers\wdnsfltr.sys
13:45:09.0024 0x4390 wdnsfltr - ok
13:45:09.0024 0x4390 WebClient - ok
13:45:09.0124 0x4390 [ 865EA7793A8897357BBEE11104368382, C97D015AA5A2C9981BBB0C219EF9B735415918EE18023EDC24114CBEF1BE2C0E ] WEBDE_MailCheck_Update C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Update.exe
13:45:09.0171 0x4390 WEBDE_MailCheck_Update - ok
13:45:09.0208 0x4390 [ 7997BC2386A9976C0645A28FA8A6E7EA, ABE47A6132B7651EA2055F97E7BD9D596906086BCD726147449D4378C7E4F9B9 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
13:45:09.0240 0x4390 Wecsvc - ok
13:45:09.0271 0x4390 [ CEA146E0D096A491B265CD2340C2E31D, 285BA0D58E6E93FEB0D8F33738C6A223D7269378B3E77A7760D7131E43DEBE7C ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
13:45:09.0304 0x4390 WEPHOSTSVC - ok
13:45:09.0309 0x4390 [ 40610BA98D5830FB14C3695B3BCA647A, 6E047D04DDD9DCB142572CEAB5E73585062205BABE510C5B0D63800B2A9D251A ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
13:45:09.0340 0x4390 wercplsupport - ok
13:45:09.0356 0x4390 [ AA2B3154D12ABE34640C866AC3472E33, 32EBA0B999FDA77E6828274FE49A7619B97471BF828B18BF55BDAE19FB10DC6A ] WerSvc C:\WINDOWS\System32\WerSvc.dll
13:45:09.0409 0x4390 WerSvc - ok
13:45:09.0472 0x4390 [ 86B816E9D24625287BDE9784953A5E86, BCA73B320100D7C1052751D7FA42990579B6BA5908E31B2212BFE75681B32D3F ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
13:45:09.0541 0x4390 WFDSConMgrSvc - ok
13:45:09.0541 0x4390 WFPLWFS - ok
13:45:09.0572 0x4390 [ F78A2731EC972312C4C998174A9BB325, 72CCA57EB6383F65683C276337F53AB38BC398CEA69E53D6E2867D5EE8B4B007 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
13:45:09.0609 0x4390 WiaRpc - ok
13:45:09.0640 0x4390 [ C8D3FC38426E990E2787771678B19C6D, FB6CA9A5BF3935793CD8B2F288FAC0C675B333D4F7393FA02244E3BCC2E25625 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
13:45:09.0656 0x4390 WIMMount - ok
13:45:09.0672 0x4390 WinDefend - ok
13:45:09.0687 0x4390 WindowsTrustedRT - ok
13:45:09.0709 0x4390 [ 813EE0F4D4B8D599DB1968682D080732, A3EF1BBB866F5A7C1B5303BBF6E805B35739602CA7F244C076A8BF90F1CB2952 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:45:09.0725 0x4390 WindowsTrustedRTProxy - ok
13:45:09.0725 0x4390 WinHttpAutoProxySvc - ok
13:45:09.0741 0x4390 [ E23475E9150E6A50B12DB176EA5CDD56, 25699796948D4679D0C1633C726C3CDF052F877AAA18CD7D069F95A88701CB73 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
13:45:09.0756 0x4390 WinMad - ok
13:45:09.0825 0x4390 [ 0FBD5D358094E254A1508832D4042FF7, 4EC4DB3B03BE1518BB38D4F3BF79A77D1BCA5A2DE9BA5F9C9312606E4E2A14E9 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:45:09.0857 0x4390 Winmgmt - ok
13:45:09.0872 0x4390 WinNat - ok
13:45:09.0956 0x4390 [ C2A88E382CD48E4772A5570D66BF1A90, F1BFB1873FB1E37DAADE923FC30265C72018CF2003B0A5E0E5896167D1680D01 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:45:10.0072 0x4390 WinRM - ok
13:45:10.0110 0x4390 [ E92F3539C4758F6A9F4B80CBAC75B3E6, 9CF9069B9A738E86181FB02904720B2A88353574F35BDC298A2EB697D22B7723 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
13:45:10.0141 0x4390 WINUSB - ok
13:45:10.0157 0x4390 [ 59126AFCC64270747B5CC9B44A4A48F4, C0C1E6B248E725FE02B58151838AAC8841FB70B673A2B6EFB49EEA96E7F1C1DA ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
13:45:10.0172 0x4390 WinVerbs - ok
13:45:10.0225 0x4390 [ 0A3ADAA0EFAFA26CA8570E24A13CE484, 2B7FA1ADD904962F296111F555F4BB45A3BA77B6961DABC502B6DDC4E9324CEB ] wisvc C:\WINDOWS\system32\flightsettings.dll
13:45:10.0288 0x4390 wisvc - ok
13:45:10.0288 0x4390 WlanSvc - ok
13:45:10.0325 0x4390 wlidsvc - ok
13:45:10.0372 0x4390 [ 56E1A46DD1C5D28B10F02E21D077EBF6, CC9AADBBBA03E162948EE39CCAAFD0A43253C86F5B875765748B73A084DC4B25 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
13:45:10.0457 0x4390 wlpasvc - ok
13:45:10.0473 0x4390 [ E8C793ED028E132771988760819E3754, 7BC02774EEDF4B884181854BEADF2DCAC615BA3ED7F1551C0863B79E009E3043 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
13:45:10.0510 0x4390 WmiAcpi - ok
13:45:10.0542 0x4390 wmiApSrv - ok
13:45:10.0557 0x4390 WMPNetworkSvc - ok
13:45:10.0557 0x4390 [ 8D6E6F6C233AF450C50FA615530B44D2, 1BF6CD93B97920500F5FD0E9D8395ACCAAA2D126FD9C256148797B292D5F9A6C ] Wof C:\WINDOWS\system32\drivers\Wof.sys
13:45:10.0588 0x4390 Wof - ok
13:45:10.0657 0x4390 [ 1431D184691F7FA9AAC2064EB0EC6C96, 6185E5AB281327563DC4E87526B37792A9B4B86C65D5BADDBB1DBA6A50FC9134 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
13:45:10.0742 0x4390 workfolderssvc - ok
13:45:10.0773 0x4390 [ AE9793230B219113DE1163138645E5AE, 9CBC10269D847E4EFCF8B412D34B9551594396390BF5BFDEED03DBFB84D7174F ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
13:45:10.0810 0x4390 WPDBusEnum - ok
13:45:10.0857 0x4390 [ 9EAE1EF282864674355B4B81DF6AE935, 781CED5AE95D365BB59769517FA9462EFC6472ED4EB08C98EC66CE3E17C66D69 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:45:10.0872 0x4390 WpdUpFltr - ok
13:45:10.0910 0x4390 [ C75B59E441206A572CC64BBB60EE54B3, C43A3109EAB89B6A23E033C127F1B5586651A1A3A1C4D45ECFBF0ABE472FEBA1 ] WpnService C:\WINDOWS\system32\WpnService.dll
13:45:10.0957 0x4390 WpnService - ok
13:45:11.0006 0x4390 [ 07F4AF1730D55567EACE7ADDEA28FE48, 256671C52C350E42662DC590AE36BAFD06E9507551C39575BCD894D8FD040129 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
13:45:11.0057 0x4390 WpnUserService - ok
13:45:11.0088 0x4390 [ 367B3ED0C688AFE28C376B0230814567, 1E7419254852A70AEAA30DF0F85C4E489591E5A0E90256C40676F712D45960CA ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:45:11.0111 0x4390 ws2ifsl - ok
13:45:11.0126 0x4390 wscsvc - ok
13:45:11.0158 0x4390 [ 7B44553610A89F2011CF69BEA9AFD4CB, A7DE907114570F8CC248F4996045D33C0FB0159B8E6F0A4127F1C205183DDF35 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
13:45:11.0189 0x4390 WSDPrintDevice - ok
13:45:11.0227 0x4390 [ 8068DC839C3729FFC70821FBEF05D5ED, FAD4FDC8DD9CD119B93C8B8889796E9766952C032D70ACD8FA97D29A4BDFE29F ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
13:45:11.0258 0x4390 WSDScan - ok
13:45:11.0258 0x4390 WSearch - ok
13:45:11.0273 0x4390 wuauserv - ok
13:45:11.0307 0x4390 [ BD5E68B369DF3453A0A87663C6C5476D, 17B766ADB299D247EF9D4554F86015B38A89AE5C0310A36E1FCB0AC28462CE96 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
13:45:11.0342 0x4390 WudfPf - ok
13:45:11.0389 0x4390 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
13:45:11.0411 0x4390 WUDFRd - ok
13:45:11.0427 0x4390 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:45:11.0458 0x4390 WUDFWpdFs - ok
13:45:11.0458 0x4390 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:45:11.0489 0x4390 WUDFWpdMtp - ok
13:45:11.0489 0x4390 WwanSvc - ok
13:45:11.0527 0x4390 [ 42C738ED1552FE168F6EE1BAE8ACFCAC, 01E9CD1FA7935DD442A2EBFC93E4BDDF204F995379FCAFFEADAF0BF6638AB925 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
13:45:11.0543 0x4390 xbgm - ok
13:45:11.0590 0x4390 [ A03C4D4D71304087820A0EF18FCF7582, F92737321A5082A72F20491810A09D249F0676F0F12478A2C81ADF9B2F79BAB0 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
13:45:11.0643 0x4390 XblAuthManager - ok
13:45:11.0712 0x4390 [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB, 65128FB8561EF1BE4E3CAA3B0D873FEA3A218E3CF90527068C43F6E549ECB188 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
13:45:11.0790 0x4390 XblGameSave - ok
13:45:11.0828 0x4390 [ 2244A4CEFE8F9C74091369ACE2E9EBC6, 48F59F36EBA0434BED00B53321107C0BDFF20131683D5E6BC7A9F5DA0B8B6929 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
13:45:11.0875 0x4390 xboxgip - ok
13:45:11.0890 0x4390 [ 1A9550D746B8604D37A90436EF686777, 3DBF305C228D28A3C4FC48F65CC38BDBFEE6B7995CEE8319E680E073978CA58B ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
13:45:11.0912 0x4390 XboxGipSvc - ok
13:45:11.0959 0x4390 [ 4951DD543AA2710760D90A58261ED665, 37D08FA58147A6606E69DB39405898D82BC40420F8FFB0BD097694A53E60AD1D ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
13:45:12.0012 0x4390 XboxNetApiSvc - ok
13:45:12.0044 0x4390 [ 4A91B49C6B1E41151D47CB919ADF013A, 4DA1E3F50B2D63AFD2F7A014E3C0420C1E7DEDE96A48EEC33C53023D88F9AAFF ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
13:45:12.0075 0x4390 xinputhid - ok
13:45:12.0075 0x4390 ================ Scan global ===============================
13:45:12.0112 0x4390 [ EB45383BE9D7ECB36D55B262E0D8EB46, DC975066C426B5FBBFA3A4254D1D97DBF889B6BFD062D9FF1892F66C0CFF2DE3 ] C:\WINDOWS\system32\basesrv.dll
13:45:12.0191 0x4390 [ 9451BA31B1DC19CED2608D82863C6486, 888F8676086DD8338445C35A64106E01122881FD08858D3996470EBF0DF30648 ] C:\WINDOWS\system32\sxssrv.dll
13:45:12.0212 0x4390 [ Global ] - ok
13:45:12.0212 0x4390 ================ Scan MBR ==================================
13:45:12.0228 0x4390 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:45:12.0291 0x4390 \Device\Harddisk0\DR0 - ok
13:45:12.0291 0x4390 ================ Scan VBR ==================================
13:45:12.0291 0x4390 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
13:45:12.0291 0x4390 \Device\Harddisk0\DR0\Partition1 - ok
13:45:12.0313 0x4390 [ AD30239090ACC5F2F73594C146D93C14 ] \Device\Harddisk0\DR0\Partition2
13:45:12.0313 0x4390 \Device\Harddisk0\DR0\Partition2 - ok
13:45:12.0328 0x4390 [ B358CE204864712AB7107013C36D37C2 ] \Device\Harddisk0\DR0\Partition3
13:45:12.0328 0x4390 \Device\Harddisk0\DR0\Partition3 - ok
13:45:12.0375 0x4390 [ 91EF60387080FEFF3C43DF014E86870A ] \Device\Harddisk0\DR0\Partition4
13:45:12.0375 0x4390 \Device\Harddisk0\DR0\Partition4 - ok
13:45:12.0375 0x4390 ================ Scan generic autorun ======================
13:45:12.0391 0x4390 SecurityHealth - ok
13:45:12.0639 0x4390 [ 1F8CF6262B750DFE1118D22918589426, 6C7600B463EBB711E3CB41CFE48EBC5E41E20EF5F822A460DEA299CB43B07BC2 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
13:45:12.0789 0x4390 RTHDVCPL - ok
13:45:12.0851 0x4390 [ 053C93D5967E08748DBA0E132EAEC0B3, B48A00B00DFDFCF6911911B34788CD359BF90AB66F4A2A3FE177B75EB775C2C2 ] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
13:45:12.0851 0x4390 NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
13:45:12.0989 0x4390 Detect skipped due to KSN trusted
13:45:12.0989 0x4390 NUSB3MON - ok
13:45:13.0236 0x4390 [ 33358DAA4951D1303E570356622F52D6, 0166ABBD111D3DAED6585E6D4084D392432EEE69CC8227E846DFE7BCBEEA3547 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
13:45:13.0305 0x4390 Dropbox - ok
13:45:13.0406 0x4390 [ F448DDC69CDAA391DBA26C3BCDD67DDA, 3AC3D29B89616421F2F92743A9FA32CC14C7D309D0898AC3A73E8668B04B8199 ] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
13:45:13.0474 0x4390 BrHelp - detected UnsignedFile.Multi.Generic ( 1 )
13:45:13.0606 0x4390 Detect skipped due to KSN trusted
13:45:13.0606 0x4390 BrHelp - ok
13:45:13.0674 0x4390 [ 893B731FD112DF51F5CD095DAD622F16, 68BAF0342F0C8AC68CDA0F1EBE1AB5D65625EB545CF85DBB659AFD999C6D4335 ] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
13:45:13.0690 0x4390 Reader Application Helper - ok
13:45:13.0753 0x4390 [ 92186E427B216F010C5886A618801CF7, D2B652C692A38B29CBF66B6264CE7EF9A155E968744DD642D519D240E83B5CC7 ] C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe
13:45:13.0790 0x4390 GDataUsbProtection - ok
13:45:13.0953 0x4390 [ E0E35158C531BA5D32DC8657FF1FF6E3, ECBB39FCE5F3E53DC9E3291EC4C31C2B5D1768B9F937D1BE0643A8489AE4B868 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
13:45:14.0122 0x4390 Fitbit Connect - detected UnsignedFile.Multi.Generic ( 1 )
13:45:14.0253 0x4390 Detect skipped due to KSN trusted
13:45:14.0253 0x4390 Fitbit Connect - ok
13:45:14.0453 0x4390 [ 0D03F00EF10738645573A0BADCD44C2F, B2A7C068C07EE009BF421706478ECD6E801312FBB58993911ECFCEF0CFF69EB7 ] C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
13:45:14.0522 0x4390 MailCheck IE Broker - ok
13:45:15.0063 0x4390 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:45:15.0526 0x4390 OneDriveSetup - ok
13:45:15.0933 0x4390 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:45:16.0366 0x4390 OneDriveSetup - ok
13:45:16.0428 0x4390 [ 9DD1E2F2C5BAAC44FF166B458C03001C, 24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A ] C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe
13:45:16.0466 0x4390 TakeABreak - detected UnsignedFile.Multi.Generic ( 1 )
13:45:16.0613 0x4390 Detect skipped due to KSN trusted
13:45:16.0613 0x4390 TakeABreak - ok
13:45:16.0644 0x4390 [ 0E3BB9E5CA462CFA7033A1628C7EF104, A69D37C34713A16210D3A325418DF1ACAAA0CD252BCEB41ABDE91775FE193FC9 ] C:\Program Files (x86)\WordExpander\WordExpander.exe
13:45:16.0666 0x4390 WordExpander - detected UnsignedFile.Multi.Generic ( 1 )
13:45:16.0797 0x4390 Detect skipped due to KSN trusted
13:45:16.0797 0x4390 WordExpander - ok
13:45:16.0829 0x4390 Skype - ok
13:45:16.0967 0x4390 [ E0E35158C531BA5D32DC8657FF1FF6E3, ECBB39FCE5F3E53DC9E3291EC4C31C2B5D1768B9F937D1BE0643A8489AE4B868 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
13:45:17.0129 0x4390 Fitbit Connect - detected UnsignedFile.Multi.Generic ( 1 )
13:45:17.0129 0x4390 Detect skipped due to KSN trusted
13:45:17.0129 0x4390 Fitbit Connect - ok
13:45:17.0267 0x4390 [ DC88C9CDE45C1DD6551C8212DA536274, 9368419F375CE26937EF71C9236DAA8D93C75EA87C8D33A1B2EA11AE13A5F1BC ] C:\Users\marelro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:45:17.0314 0x4390 OneDrive - ok
13:45:17.0330 0x4390 [ 9DD1E2F2C5BAAC44FF166B458C03001C, 24AAB8C944A6420E901E3D08AB37FE4081279B982D315515F5F21AC479FCAC0A ] C:\Program Files (x86)\Scirocco\Scirocco Take a Break\TakeABreak.exe
13:45:17.0367 0x4390 TakeABreak - detected UnsignedFile.Multi.Generic ( 1 )
13:45:17.0367 0x4390 Detect skipped due to KSN trusted
13:45:17.0367 0x4390 TakeABreak - ok
13:45:17.0499 0x4390 [ 20758A3D6D2E849A24A1F2655D00B4A2, A213F29F7C6FC648E10E120B5025EE5692B56A34A66E52C9D8A479A14CBE2717 ] C:\Program Files (x86)\Nextcloud\nextcloud.exe
13:45:17.0667 0x4390 Nextcloud - detected UnsignedFile.Multi.Generic ( 1 )
13:45:17.0784 0x4390 Detect skipped due to KSN trusted
13:45:17.0784 0x4390 Nextcloud - ok
13:45:18.0260 0x4390 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:45:18.0687 0x4390 OneDriveSetup - ok
13:45:18.0744 0x4390 [ 93690F7205E1A337E94682E612F8AD22, F1B3798A2A1E5B9D616F743E5FBA9FA23A9FFCED40F35A7FCF0BD2D99E022CB8 ] C:\Program Files (x86)\Windows Mail\wab.exe
13:45:18.0807 0x4390 WAB Migrate - ok
13:45:18.0807 0x4390 Waiting for KSN requests completion. In queue: 68
13:45:19.0876 0x4390 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x60100 ( disabled : updated )
13:45:19.0876 0x4390 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
13:45:19.0876 0x4390 Win FW state via NFP2: enabled ( trusted )
13:45:20.0322 0x4390 ============================================================
13:45:20.0323 0x4390 Scan finished
13:45:20.0323 0x4390 ============================================================
13:45:20.0344 0x4388 Detected object count: 0
13:45:20.0344 0x4388 Actual detected object count: 0
|
|
15.05.2018, 20:07
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2018, 21:48
| #13 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Hallo Cosinus, hier der Report: Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-14.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-15-2018
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 44
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Windows\System32\config\systemprofile\AppData\Local\DMR
Deleted C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
Deleted C:\Users\Admin\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
Deleted C:\Program Files (x86)\Chip Digital GmbH
Deleted C:\Users\Admin\AppData\Local\Temp\DMR
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
***** [ Files ] *****
Deleted C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\9xuu7j7s.default\searchplugins\google-lavasoft.xml
Deleted C:\Windows\System32\LavasoftTcpService64.dll
Deleted C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted C:\Windows\SysWOW64\lavasofttcpservice.dll
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\chip1click
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Not Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Not Deleted HKLM\Software\Microsoft\Internet Explorer\Toolbar|{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKU\S-1-5-21-2369424989-362787197-3549092213-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKLM\Software\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchengineland.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
|
15.05.2018, 22:49
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads adwcleaner bitte zwecks Kontrolle wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.05.2018, 06:09
| #15 |
| | Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads Guten Morgen! Bevor ich den AdwCleaner neu laufen ließ, hab ich mich gefragt, was ich denn mit dem IE zu schaffen hatte (die 2 übriggebliebenen Ergebnisse), denn den nutze ich eigentlich nicht (bewusst) und dann bin ich drauf gekommen, dass das mit dem Web.de Mailcheck zusammenhängen kann. Den hab ich dann auch noch abgeschaltet. Ergebnis jetzt: Code:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-14.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-16-2018
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
|
|
| Themen zu Benötige Hilfe zu den Vorarbeiten zur Erstellung eins "Plagegeister"-Threads |
| aktualisieren, anderes, anweisung, avast, benutzerkonten, erfolgreich, escan, fenster, folge, gen, jahre, laptop, logfile, mbam, meldungen, neue, neuen, nichts, plagegeister, probleme, quarantäne, rechner, scan, scans, sekunden, win, win7, windows 10 |
dann auf 
und dann auf 
. 
Hybrid-Darstellung
