Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google Chrome: www1.online/?w=RD2332

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.06.2018, 20:03   #1
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Hallo,

ich habe seit ca. 2 Tagen das gleiche Problem wie ein Vorposter, dessen Thread wegen Inaktivität jedoch geschlossen wurde.

Google Chrome öffnet nicht mehr Google als Startseite, sondern leitet mich über die Seite www1.online/?w=RD2332 zu "about: blank" weiter.

Was habe ich mir da eingefangen? Könnten personenbezogene Daten bzw. Passwörter bereits "abgefischt" worden seien. Zudem würde ich mich freuen, wenn Sie mir helfen könnten diesen Virus zu entfernen.

Vielen Dank im Voraus

PS:
Bin eben auf folgendes Zitat vonseiten eines Admins gestoßen:
"Lade keine Software von Chip, Softonic, SourceForge, openoffice.de oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert."

Vor ca. 2 Tagen wurde mir ein kleines Fenster zum Update von OpenOffice angezeigt und ich habe dem zugestimmt. Vielleicht besteht ein Zusammenhang hierzu.

Geändert von Hakan-TR (08.06.2018 um 20:19 Uhr)

Alt 08.06.2018, 20:40   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Von der Verwendung dieses Browsers muss man aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.




Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 09.06.2018, 14:17   #3
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332




FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
durchgeführt von durma (Administrator) auf LAPTOP-9AQNOV5G (09-06-2018 14:13:12)
Gestartet von C:\Users\durma\Downloads
Geladene Profile: durma (Verfügbare Profile: durma)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Dell Inc.) C:\Windows\System32\ngvpnmgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-10] (HP)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-17] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-06-04] (Dropbox, Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-10-18] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-10-18] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2015-10-10] (Nike)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-10-05] (Valve Corporation)
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\Run: [OpenOffice Updater] => C:\Users\durma\AppData\Roaming\OpenOffice Updater\Updater.exe [389144 2018-06-05] () <==== ACHTUNG
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\Run: [GoogleChromeAutoLaunch_27CFA978203970C57DF746A969580ED2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-15] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell VPN Connection.lnk [2018-03-15]
ShortcutTarget: Dell VPN Connection.lnk ->  (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1844293641-2757881521-3897887764-1001] => Proxy ist aktiviert.
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1a4d01a1-3b3b-41fb-adf2-d94d34ab20d1}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www1.online/?w=RD2332
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {C4B56839-CD05-4DF0-9EFD-D9A4E014D9C3} URL = hxxps://www1.online/?w=RD2332&q={searchTerms}
SearchScopes: HKLM -> {C4B56839-CD05-4DF0-9EFD-D9A4E014D9C3} URL = hxxps://www1.online/?w=RD2332&q={searchTerms}
SearchScopes: HKLM-x32 -> {7293ADEC-FEF9-46A1-9897-DEC927F4E7D9} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1844293641-2757881521-3897887764-1001 -> DefaultScope {C4B56839-CD05-4DF0-9EFD-D9A4E014D9C3} URL = hxxps://www1.online/?w=RD2332&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1844293641-2757881521-3897887764-1001 -> {7293ADEC-FEF9-46A1-9897-DEC927F4E7D9} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1844293641-2757881521-3897887764-1001 -> {C4B56839-CD05-4DF0-9EFD-D9A4E014D9C3} URL = hxxps://www1.online/?w=RD2332&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-05-02] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-05-02] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-30] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-05-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-05-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default [2018-06-09]
CHR Extension: (Präsentationen) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-28]
CHR Extension: (AdGuard Werbeblocker) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-04-10]
CHR Extension: (Touch VPN) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-06-08]
CHR Extension: (YouTube) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-28]
CHR Extension: (Avast SafePrice) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-07]
CHR Extension: (Tabellen) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-28]
CHR Extension: (AdBlock) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-25]
CHR Extension: (Avast Online Security) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Google Mail) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\durma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-17] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-17] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8652976 2018-05-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-06-04] (Dropbox, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-18] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-01] (WildTangent)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation)
R2 NgVpnMgr; C:\WINDOWS\system32\ngvpnmgr.exe [588768 2017-02-10] (Dell Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [326656 2016-10-15] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-09-17] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-21] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-17] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-15] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-15] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-15] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-15] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-17] (AVAST Software)
R3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-17] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-17] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-17] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-17] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-17] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-17] (AVAST Software)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-18] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-18] (Intel Corporation)
S3 NgFilter; C:\WINDOWS\System32\drivers\ngfilter.sys [35088 2017-02-07] (Dell Inc.)
R3 NgLog; C:\WINDOWS\System32\drivers\nglog.sys [39176 2017-02-07] (Dell Inc.)
R3 NgVpn; C:\WINDOWS\System32\drivers\ngvpn.sys [118536 2017-02-07] (Dell Inc.)
R3 NgWfp; C:\WINDOWS\System32\drivers\ngwfp.sys [39688 2017-02-07] (Dell Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6895984 2017-08-17] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-03-21] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288296 2018-03-21] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-21] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-06-09 14:13 - 2018-06-09 14:14 - 000023853 _____ C:\Users\durma\Downloads\FRST.txt
2018-06-09 14:13 - 2018-06-09 14:13 - 000000000 ____D C:\FRST
2018-06-09 14:12 - 2018-06-09 14:12 - 002413056 _____ (Farbar) C:\Users\durma\Downloads\FRST64.exe
2018-06-07 14:19 - 2018-06-07 14:19 - 000000000 ____D C:\Program Files (x86)\Browser Files
2018-06-07 02:38 - 2018-06-07 02:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-06-07 02:35 - 2018-06-07 02:35 - 000282666 _____ C:\Users\durma\Downloads\Kapitel 3_Organisation nach Mintzberg.pdf
2018-06-04 14:29 - 2018-06-04 14:30 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-04 14:22 - 2018-06-04 14:22 - 000547477 _____ C:\Users\durma\Desktop\6_3 Gruppe_Leseskript_verbessert_Rechtschreibung_überarbeitet.pdf
2018-06-04 12:18 - 2018-06-04 12:18 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-06-04 12:18 - 2018-06-04 12:18 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-06-04 12:18 - 2018-06-04 12:18 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-06-04 12:18 - 2018-06-04 12:18 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-05-18 19:26 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-17 19:21 - 2018-05-17 19:21 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-10 19:29 - 2018-06-06 01:24 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-10 19:29 - 2018-06-06 01:24 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-10 15:04 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-10 15:04 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-10 15:04 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-10 15:04 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-10 15:04 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-10 15:04 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-10 15:04 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-10 15:04 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-10 15:04 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-10 15:04 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-10 15:04 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-10 15:04 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-10 15:04 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-10 15:04 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-10 15:04 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-10 15:04 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-10 15:04 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-10 15:04 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-10 15:04 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-10 15:04 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-10 15:04 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-10 15:04 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-10 15:04 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-10 15:04 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-10 15:04 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-10 15:04 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-10 15:04 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-10 15:04 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-10 15:04 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-10 15:04 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-10 15:04 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-10 15:04 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-10 15:04 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-10 15:04 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-10 15:04 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-10 15:04 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-10 15:04 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-10 15:04 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-10 15:04 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-10 15:04 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-10 15:04 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-10 15:04 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-10 15:04 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-10 15:04 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-10 15:04 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-10 15:04 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-10 15:04 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-10 15:04 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-10 15:04 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-10 15:04 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-10 15:04 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-10 15:04 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-10 15:04 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-10 15:04 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-10 15:04 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-10 15:04 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-10 15:04 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-10 15:04 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-10 15:04 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-10 15:04 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-10 15:04 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-10 15:04 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-10 15:04 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-10 15:04 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-10 15:04 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-10 15:04 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-10 15:04 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-10 15:04 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-10 15:04 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-10 15:04 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-10 15:04 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-10 15:04 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-10 15:04 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-10 15:04 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-10 15:04 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-10 15:04 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-10 15:04 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-10 15:04 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-10 15:04 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-10 15:04 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-10 15:04 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-10 15:04 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-10 15:04 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-10 15:04 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-10 15:04 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-10 15:04 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-10 15:04 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-10 15:04 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-10 15:04 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-10 15:04 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-10 15:04 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-10 15:04 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-10 15:04 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-10 15:04 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-10 15:04 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-10 15:04 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-10 15:04 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-10 15:04 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-10 15:04 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-10 15:04 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-10 15:04 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-10 15:04 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-10 15:04 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-10 15:04 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-10 15:04 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-10 15:04 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-10 15:04 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-10 15:04 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-10 15:04 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-10 15:04 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-10 15:04 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-10 15:04 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-10 15:04 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-10 15:04 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-10 15:04 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-10 15:04 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-10 15:04 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-10 15:04 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-10 15:04 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-10 15:04 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 15:04 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-10 15:04 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-10 15:04 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-10 15:04 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-10 15:04 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-10 15:04 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-10 15:04 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-10 15:04 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-10 15:04 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-10 15:04 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-10 15:04 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-10 15:04 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-10 15:04 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-10 15:04 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-10 15:04 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-10 15:04 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-10 15:04 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-10 15:04 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-10 15:04 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-10 15:04 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-10 15:04 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-10 15:04 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-10 15:04 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-10 15:03 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-10 15:03 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-10 15:03 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-10 15:03 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-10 15:03 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-10 15:03 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-10 15:03 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-10 15:03 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-10 15:03 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-10 15:03 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-10 15:03 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-10 15:03 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-10 15:03 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-10 15:03 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-10 15:03 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-10 15:03 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-10 15:03 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-10 15:03 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-10 15:03 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-10 15:03 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-10 15:03 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-10 15:03 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-10 15:03 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-10 15:03 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-10 15:03 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-10 15:03 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-10 15:03 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-10 15:03 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-10 15:03 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-10 15:03 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-10 15:03 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-10 15:03 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-10 15:03 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-10 15:03 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-10 15:03 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-10 15:03 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-10 15:03 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-10 15:03 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-10 15:03 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-10 15:03 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-10 15:03 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-10 15:03 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-10 15:03 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-10 15:03 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-10 15:03 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-10 15:03 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-10 15:03 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-10 15:03 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-10 15:03 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-10 15:03 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-10 15:03 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-10 15:03 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-10 15:03 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-10 15:03 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-10 15:03 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-10 15:03 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-10 15:03 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-10 15:03 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-10 15:03 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-10 15:03 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-10 15:03 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-10 15:03 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-10 15:03 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-10 15:03 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-10 15:03 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-10 15:03 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-10 15:03 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-10 15:03 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-10 15:03 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-10 15:03 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-10 15:03 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-10 15:03 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-10 15:03 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-10 15:03 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-10 15:03 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-10 15:03 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-10 15:03 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-10 15:03 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-10 15:03 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-10 15:03 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-10 15:03 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-10 15:03 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-10 15:03 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-10 15:03 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-10 15:03 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-10 15:03 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-10 15:03 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-10 15:03 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-10 15:03 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-10 15:03 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-10 15:03 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-10 15:03 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-10 15:03 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-10 15:03 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-10 15:03 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-10 15:03 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-10 15:03 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-10 15:03 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-10 15:03 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-10 15:03 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-10 15:03 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-10 15:03 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-10 15:03 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-10 15:03 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-10 15:03 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-10 15:03 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-10 15:03 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-10 15:03 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-10 15:03 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-10 15:03 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-10 15:03 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-10 15:03 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-10 15:03 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-10 15:03 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-10 15:03 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-10 15:03 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-10 15:03 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-10 15:03 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-10 15:03 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-10 15:03 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-10 15:03 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-10 15:03 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-10 15:03 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-10 15:03 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-10 15:03 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-10 15:03 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-10 15:03 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-10 15:03 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-10 15:03 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-10 15:03 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-10 15:03 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-10 15:03 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-10 15:03 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-10 15:03 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-10 15:03 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-10 15:03 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-10 15:03 - 2017-11-26 15:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-06-09 14:10 - 2018-02-13 18:40 - 000003558 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-09 14:10 - 2018-02-13 18:40 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-06-09 14:10 - 2018-02-13 18:40 - 000003334 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-09 14:10 - 2018-02-13 18:40 - 000002802 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFordurma
2018-06-09 14:10 - 2018-02-13 18:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-06-09 14:10 - 2017-05-21 20:25 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleFordurma.job
2018-06-09 14:10 - 2017-02-06 21:28 - 000000000 ____D C:\Users\durma\AppData\Roaming\.minecraft
2018-06-09 11:27 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-09 11:21 - 2016-09-17 17:34 - 000000000 __SHD C:\Users\durma\IntelGraphicsProfiles
2018-06-08 22:29 - 2018-02-13 18:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-08 19:25 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-08 19:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-08 19:20 - 2018-02-13 18:40 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-06-08 13:54 - 2018-02-13 18:11 - 000000000 ____D C:\Users\durma
2018-06-08 12:27 - 2018-02-13 18:10 - 002579632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-08 12:27 - 2017-09-30 16:35 - 001155978 _____ C:\WINDOWS\system32\perfh007.dat
2018-06-08 12:27 - 2017-09-30 16:35 - 000273420 _____ C:\WINDOWS\system32\perfc007.dat
2018-06-08 12:20 - 2018-02-13 18:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-08 00:23 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-07 14:19 - 2016-09-28 17:19 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-07 14:19 - 2016-09-28 17:19 - 000002303 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-07 14:18 - 2018-03-03 21:42 - 000000000 ____D C:\Users\durma\AppData\Roaming\OpenOffice Updater
2018-06-07 02:38 - 2016-01-08 21:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-06-04 14:30 - 2017-12-30 00:56 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-04 14:23 - 2018-02-13 18:12 - 000000000 ____D C:\Users\durma\AppData\Local\Packages
2018-06-02 22:40 - 2016-09-26 18:37 - 000000000 ____D C:\Users\durma\AppData\Roaming\vlc
2018-06-02 22:35 - 2016-09-17 20:52 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-05-30 17:23 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-30 17:20 - 2016-01-08 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-29 23:22 - 2018-03-03 21:37 - 000000000 ____D C:\Users\durma\Desktop\SS 18
2018-05-29 23:21 - 2017-10-21 23:18 - 000000000 ____D C:\Users\durma\Desktop\WS 1718
2018-05-26 13:22 - 2016-01-08 21:34 - 000001250 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-26 13:22 - 2016-01-08 21:34 - 000001246 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-26 13:21 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-05-19 13:48 - 2018-02-13 18:40 - 000004312 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 13:48 - 2018-02-13 18:40 - 000004080 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-17 19:21 - 2017-11-18 21:40 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-17 19:21 - 2016-09-17 20:18 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-17 19:19 - 2017-11-16 22:52 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-17 19:19 - 2016-09-17 20:18 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-16 18:31 - 2016-11-29 15:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-14 19:44 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-12 13:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-10 19:32 - 2015-11-02 20:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-10 19:31 - 2018-02-13 18:47 - 000000000 ___RD C:\Users\durma\3D Objects
2018-05-10 19:27 - 2018-02-13 18:04 - 000439464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-10 18:41 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-10 18:41 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-10 18:41 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-10 18:41 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-10 18:41 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-10 18:41 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-10 18:41 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-10 18:41 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-10 15:22 - 2016-09-22 10:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 15:18 - 2017-10-10 20:57 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 15:18 - 2016-09-22 10:52 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-10 15:09 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-10 15:08 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-10 15:08 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-10 15:08 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-09-17 17:34 - 2018-06-09 11:22 - 001663439 _____ () C:\Users\durma\AppData\Local\BTServer.log
2017-02-27 23:34 - 2017-03-01 02:44 - 000000600 _____ () C:\Users\durma\AppData\Local\PUTTY.RND
2017-09-21 18:40 - 2017-09-21 18:40 - 000000876 _____ () C:\Users\durma\AppData\Local\recently-used.xbel
2018-03-17 15:59 - 2018-03-17 15:59 - 000000017 _____ () C:\Users\durma\AppData\Local\resmon.resmoncfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\durma\AppData\Roaming\OpenOffice Updater\Updater.exe


Einige Dateien in TEMP:
====================
2018-06-04 18:45 - 2018-06-04 18:45 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-1048454585328174848.dll
2018-06-02 11:45 - 2018-06-02 11:45 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-2229676161879821082.dll
2018-06-04 21:37 - 2018-06-04 21:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-2509930455984315796.dll
2018-06-06 18:57 - 2018-06-06 18:57 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-2726116339274073415.dll
2018-06-05 17:30 - 2018-06-05 17:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-2878776239356286756.dll
2018-06-03 01:24 - 2018-06-03 01:24 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-2972737384411303756.dll
2018-06-05 04:11 - 2018-06-05 04:11 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-3096684296645834691.dll
2018-06-03 01:23 - 2018-06-03 01:23 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-3257892812557646964.dll
2018-06-03 11:42 - 2018-06-03 11:42 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-3273425823217591088.dll
2018-06-06 01:54 - 2018-06-06 01:54 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-3735829831175782110.dll
2018-06-04 03:31 - 2018-06-04 03:31 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-4567584173317191713.dll
2018-06-07 01:53 - 2018-06-07 01:53 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-4574073910303981477.dll
2018-06-05 04:01 - 2018-06-05 04:01 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-491561922806595918.dll
2018-06-02 03:32 - 2018-06-02 03:32 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-6110337644582804507.dll
2018-06-06 19:05 - 2018-06-06 19:05 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-6128026009061002703.dll
2018-06-03 18:28 - 2018-06-03 18:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-64852134106239367.dll
2018-06-03 02:57 - 2018-06-03 02:57 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-65498290469613991.dll
2018-06-04 21:38 - 2018-06-04 21:38 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-7257929204497019644.dll
2018-06-08 20:28 - 2018-06-08 20:28 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-7388772381214748882.dll
2018-06-07 16:18 - 2018-06-07 16:18 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-7678696157131961122.dll
2018-06-09 11:26 - 2018-06-09 11:26 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-8059870150561833826.dll
2018-06-07 14:19 - 2018-06-07 14:19 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-8195139017412814618.dll
2018-06-08 03:08 - 2018-06-08 03:08 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-8257574106666151484.dll
2018-06-04 01:02 - 2018-06-04 01:02 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-8281093823053281403.dll
2018-06-02 18:27 - 2018-06-02 18:27 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-8714275087395125702.dll
2018-06-02 00:01 - 2018-06-02 00:01 - 000019968 ____N (Red Hat®, Inc.) C:\Users\durma\AppData\Local\Temp\jansi-64-9044091955151433483.dll
2018-06-07 14:19 - 2018-06-07 14:19 - 009932832 _____ () C:\Users\durma\AppData\Local\Temp\OpenOffice-Update_de.exe
2018-06-02 22:34 - 2018-06-02 22:34 - 041465128 _____ () C:\Users\durma\AppData\Local\Temp\vlc-3.0.3-win64.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-08 21:52

==================== Ende von FRST.txt ============================
         
--- --- ---
__________________

Alt 09.06.2018, 14:20   #4
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
durchgeführt von durma (09-06-2018 14:14:56)
Gestartet von C:\Users\durma\Downloads
Windows 10 Home Version 1709 16299.431 (X64) (2018-02-13 16:42:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1844293641-2757881521-3897887764-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1844293641-2757881521-3897887764-503 - Limited - Disabled)
durma (S-1-5-21-1844293641-2757881521-3897887764-1001 - Administrator - Enabled) => C:\Users\durma
Gast (S-1-5-21-1844293641-2757881521-3897887764-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1844293641-2757881521-3897887764-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.3.203 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{A14A2A00-D5CB-867E-8C03-8108DC2702D7}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apowersoft Bildschirmrekorder Pro V2.2.6 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.2.6 - APOWERSOFT LIMITED)
Apowersoft iPhone/iPad Recorder V1.1.7 (HKLM-x32\...\{ebf98365-092c-4e75-968f-ff760a70172c}_is1) (Version: 1.1.7 - APOWERSOFT LIMITED)
Apple Application Support (32-Bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 64.0.387.186 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.2 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-d69930ac-1427-47d7-b42e-1e9f07ba82f6) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-8371dcb7-39d8-417c-8c69-499853ce9612) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-354824fb-fab4-45f2-9f10-abc97694eb11) (Version: 3.0.2.48 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Crazy Chicken Soccer (HKLM-x32\...\WTA-47ae85ac-b5aa-4601-9644-d95bc40d7f8a) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - Ihr Firmenname) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5829 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - Ihr Firmenname) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-2764dc7c-2499-45e9-9cf0-a57b4721ca1c) (Version: 3.0.2.59 - WildTangent) Hidden
Dell SMA Connect Tunnel (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 11.40.390 - Dell Inc.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 51.4.66 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.45.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.00.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.30.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.)
FileZilla Client 3.22.2.2 (HKLM-x32\...\FileZilla Client) (Version: 3.22.2.2 - Tim Kosse)
Fragen-Lern-CD 5.2 (HKLM-x32\...\{C00D8F0E-967F-F528-60C4-1612D6706E4F}) (Version: 5.2.0 - Wendel-Verlag GmbH) Hidden
Fragen-Lern-CD 5.2 (HKLM-x32\...\de.wendel.flcd-de) (Version: 5.2.0 - Wendel-Verlag GmbH)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version:  - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B3FFA06F-CC21-439C-9452-DFE751ED58A8}) (Version: 12.9.18.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4542 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{a47edec4-fa11-4d02-b329-4424d0197af8}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{39C3E843-9833-446C-BB06-4E068B33D9DA}) (Version: 12.7.4.80 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-98c6706b-cc16-41cc-999e-78ae01996615) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.9330.2087 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.34 - Nike)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Ihr Firmenname)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32\...\{F0C909D7-D643-4628-8C6A-94073139F0CE}) (Version: 4.15.9789 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice) <==== ACHTUNG
Polar Bowler 1st Frame (HKLM-x32\...\WTA-b1f8e97d-60ff-4247-b7ed-d1484ee86d7e) (Version: 3.0.2.59 - WildTangent) Hidden
PX Profile Update (HKLM-x32\...\{6989BE86-B5BE-BF83-3AE9-4908B41EC1A2}) (Version: 1.00.1. - AMD) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-aa56ac68-e36b-462c-a4da-334cdb58b367) (Version: 2.2.0.97 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.48 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.64 - REALTEK Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-df1c2189-1e0e-45bc-b0b2-3a8e6cecf942) (Version: 3.0.2.126 - WildTangent) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Trinklit Supreme (HKLM-x32\...\WTA-a9e09d24-c596-47c3-843b-09db7b8d08f0) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-8f941d68-3e9f-4f3e-a184-640a8d92ef0b) (Version: 3.0.2.59 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Websuche (Chrome) (HKLM-x32\...\Websuche) (Version:  - Websuche) <==== ACHTUNG
Wedding Dash (HKLM-x32\...\WTA-62091e2b-8c0a-4522-915f-cdfe37209b04) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Youda Jewel Shop (HKLM-x32\...\WTA-1fa6e2dc-290b-4d95-8b7f-a505e4f8a818) (Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-17] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-17] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-17] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-17] (AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-06] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-04] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxDTCM.dll [2017-02-22] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-17] (AVAST Software)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02F478AA-119B-4666-9FA8-FCC4DCB7C640} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-30] (Microsoft Corporation)
Task: {0337D309-A890-4010-9664-51502F0E5027} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.)
Task: {0A1762B7-4240-4ADF-983E-997BF6ABA3A6} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-09-17] (AVAST Software)
Task: {17804879-7C92-4114-AD20-6AECA53827AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-30] (Microsoft Corporation)
Task: {1B9AECF1-75F0-49AB-B197-D46521B66965} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-30] (Microsoft Corporation)
Task: {21D4DACE-491B-48EC-827B-3378D397467D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {2870B1C4-4CC4-4BA6-B2D7-5742E657C409} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {2AC408AC-1BF1-4A28-8B20-1486AF66B842} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2B462700-A551-46A9-B8BA-FD09DC90A540} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-17] (AVAST Software)
Task: {2E51DAEA-3037-4EA6-B439-564F60DC7559} - System32\Tasks\HPCeeScheduleFordurma => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {30AA390F-CFD7-408A-A88D-792BEE280F60} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {3E4848CB-C99D-4C11-93F9-A5F749A068DE} - System32\Tasks\EPSON WF-3620 Series Update {79C37856-BE23-4205-8B39-223E74E52073} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {449D0587-1F9B-4357-AF32-54566AB846E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.)
Task: {4A4B587E-B753-4669-A724-4582D20FD7B8} - System32\Tasks\EPSON WF-3620 Series Invitation {4D5C06AC-E755-4BE8-99FE-9D83C64D0C5B} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {505F4D74-2FAC-45C3-BD53-52AD3765A6E8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-19] ()
Task: {5F710C6D-EAA3-47B3-B5F2-D48ED73D2BE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-28] (Google Inc.)
Task: {6336C4A3-B873-4184-85DC-D22FCEAE8A3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-28] (Google Inc.)
Task: {7202B5F9-DA0E-4353-BF84-B9EE758D1400} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {7415FF0D-1A89-4621-8B6A-EB9FDFF7FDF3} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {7B94765E-61CA-4074-AEFC-ACE38D74DCAE} - System32\Tasks\EPSON WF-3620 Series Update {4D5C06AC-E755-4BE8-99FE-9D83C64D0C5B} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {7D7B80CC-21FD-4BD1-B64C-0DF26101C38B} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {87222B56-4117-4AD5-82C3-FA49BF8E0F84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-05-11] (HP Inc.)
Task: {88F6B500-4D1E-4C9B-A87C-C51B5D919C19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {8B334704-AFBE-44DD-AA13-6F8879FFCD7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {95F9CAAC-F9EA-4B28-BD3F-A2EFEBD060AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-30] (Microsoft Corporation)
Task: {A514136D-5ACF-4BCF-BBBB-E92866970CD4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-30] (Microsoft Corporation)
Task: {A525190B-34DD-460D-8BCA-5890762741F5} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-05-30] (Microsoft Corporation)
Task: {A5C64C5C-76A0-4CF5-9647-F1629AFDC637} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {AC79DCB4-5430-4387-8572-709D7781BFCB} - System32\Tasks\EPSON WF-3620 Series Update {28E1C377-ABE2-4F46-A2D6-DE2986C5EA67} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {B5EA3D2F-D6FD-4C7F-B1D6-5252634E8179} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-24] (Microsoft Corporation)
Task: {B6834ABB-DF0E-4E78-A7F2-F8049817DE66} - System32\Tasks\EPSON WF-3620 Series Invitation {28E1C377-ABE2-4F46-A2D6-DE2986C5EA67} => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {BBE5CAFB-5E10-49DD-9FF1-FD61B64C8D06} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-10-29] (CyberLink Corp.)
Task: {BC126B2E-C6CE-43B6-88C7-50344BD4472C} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {C09F6EC7-1D7F-4F1A-ADB9-55D7D0B9715C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {C0A13C13-2860-4359-9718-A92D5A8B43F9} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {C5C70592-CC74-44A5-B9A1-F808E501CBD6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {CC5F82B5-E2BF-404D-AE54-C0142391A7FB} - System32\Tasks\EPSON WF-3620 Series Invitation {1118B8B7-3F81-497C-B664-ABD804F2E902} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F0B56A31-652C-4B5E-B136-DDB315796AFF} - System32\Tasks\EPSON WF-3620 Series Update {1118B8B7-3F81-497C-B664-ABD804F2E902} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {F4D3742E-4A48-4C04-9FE8-5C1C2ECA5A46} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {FAA7C4A5-B9EE-4140-BF2B-18FFF43A7179} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-09-17] (AVAST Software)
Task: {FB73AF1B-44BD-4F39-9BA8-07142779269D} - System32\Tasks\EPSON WF-3620 Series Invitation {79C37856-BE23-4205-8B39-223E74E52073} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {FEF8F956-62B9-4A68-9AED-828A44BFB4B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-24] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\ Invitation {ECEE12B8-1D27-48E0-888D-C96941DAEBAC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {1118B8B7-3F81-497C-B664-ABD804F2E902}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {28E1C377-ABE2-4F46-A2D6-DE2986C5EA67}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {4D5C06AC-E755-4BE8-99FE-9D83C64D0C5B}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {79C37856-BE23-4205-8B39-223E74E52073}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {1118B8B7-3F81-497C-B664-ABD804F2E902}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{1118B8B7-3F81-497C-B664-ABD804F2E902} /F:UpdateWORKGROUP\LAPTOP-9AQNOV5G$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {28E1C377-ABE2-4F46-A2D6-DE2986C5EA67}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{28E1C377-ABE2-4F46-A2D6-DE2986C5EA67} /F:UpdateWORKGROUP\LAPTOP-9AQNOV5G$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {4D5C06AC-E755-4BE8-99FE-9D83C64D0C5B}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{4D5C06AC-E755-4BE8-99FE-9D83C64D0C5B} /F:UpdateWORKGROUP\LAPTOP-9AQNOV5G$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {79C37856-BE23-4205-8B39-223E74E52073}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE:/EXE:{79C37856-BE23-4205-8B39-223E74E52073} /F:UpdateWORKGROUP\LAPTOP-9AQNOV5G$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleFordurma.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www1.online/?w=RD2332
ShortcutWithArgument: C:\Users\durma\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www1.online/?w=RD2332
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www1.online/?w=RD2332
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> www1.online/?w=RD2332

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-02-10 04:11 - 2017-02-10 04:11 - 000259040 _____ () C:\WINDOWS\ngmsi.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-08 21:17 - 2015-11-19 16:44 - 000127192 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-01-08 21:36 - 2014-04-14 19:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-09-17 17:40 - 2016-09-17 17:41 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-15 00:51 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-15 00:51 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 14:26 - 2018-05-23 14:26 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 14:26 - 2018-05-23 14:26 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 14:26 - 2018-05-23 14:26 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 14:26 - 2018-05-23 14:26 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 14:26 - 2018-05-23 14:26 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-05-16 12:36 - 2018-05-15 05:13 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libglesv2.dll
2018-05-16 12:36 - 2018-05-15 05:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libegl.dll
2018-02-13 17:47 - 2018-02-13 17:47 - 000975872 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2018-02-13 17:47 - 2018-02-13 17:47 - 000269696 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2017-09-29 15:41 - 2017-09-29 15:41 - 001357464 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2018-03-15 20:47 - 2018-03-15 20:47 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-17 19:20 - 2018-05-17 19:20 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-17 19:19 - 2018-05-17 19:19 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-09-17 17:43 - 2016-09-17 17:43 - 038907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2017-12-28 20:56 - 000000822 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1844293641-2757881521-3897887764-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{34E63BDE-A9D4-4B80-83F5-552AE01CEF92}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{EF6F9D29-4669-4FD8-8AB9-0DBD845E83D5}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{CED07800-793F-43AA-A334-E748F900E884}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{9F1AF688-0B85-4B48-94CA-A73EC2462B59}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{13879BF6-514B-4D47-ABD5-1C39E14EBB0D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{4EA42743-4937-44E4-A2AD-807309A6C588}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{86955277-4CF3-4935-BCAE-2BD743C68232}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{7C7A8063-CD13-4A18-901A-864F0D444038}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E1EF2F8A-36C0-4204-8935-B3E099CCD6E5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{B587E8BE-B315-4856-9CAF-DEC99F32B6B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6B4768BE-2880-4FA5-8DE1-1C5FD1FC2003}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{051C25D0-9FE4-4229-B374-53C3C9EB53AD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B70EDA22-B7B4-4D97-932C-AD50E937625D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{31555AA4-3937-46F2-8504-9E97AA16DD99}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2631069E-C39C-4F75-B5F3-48639C70A163}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{EA0F1C0D-1242-4766-A4BF-EAF83C326694}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{11D426EB-D35A-4394-B279-AE58FCABA295}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F84CF389-39C3-45E3-B748-F221A9B8FF2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{40E76EE8-8175-4B9C-A692-BB10DF59A20B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [TCP Query User{F07FD541-8266-49E3-BD83-8C3A5597D37B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{9F05FF79-BEF3-4736-AAAA-35B521E84FCA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{EEC11617-F0B2-4108-96C8-01034BDA30C3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{AEFD3064-15B9-4750-B028-0F03FC21A8C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1D5EFE43-4798-4274-9D8D-7CFB20792DA8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{FDD26E41-8E5C-4F31-B768-1803E64482DD}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{9F258169-386C-4757-8524-AC5AFAB2305E}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{6AB5BB4C-81EB-4932-993E-FD17F2D77DC5}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{72D8E5AA-5D97-4BFB-9710-E64D4AD42241}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{7F790AD8-2D59-43EC-ADD3-723E8E0E9685}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{DD866114-C421-44E1-8843-A6062625FB88}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{D9DA081C-B807-4B69-9051-331A8A6136DB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{BF8A2117-499A-419C-9A2A-25DF9432D46E}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{CE61E4A8-30B4-4E1F-B3E9-1AD35F760091}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{9880C11C-92ED-4019-A1F4-16443DB43BA4}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{65E810DE-25A8-46CC-BC8F-8F297485CE94}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{70153E63-8C6F-4CC4-A151-3C5C6595E72A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4D319F76-A2CA-409C-A80E-F28184ACC582}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft iPhone Recorder\Apowersoft iPhone Recorder.exe
FirewallRules: [{2286DBC1-8EB1-469D-A9D9-18188315C135}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft iPhone Recorder\Apowersoft iPhone Recorder.exe
FirewallRules: [{6E7ADDE7-AF08-434D-9DE6-E1FCDD96F448}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{53F49764-697B-4293-8413-291FD5A87626}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{76555502-6956-455B-9482-1B39CAB27AF5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CC54AE47-DD6A-4ABC-BFEA-0D3ACB5ABCE4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{FCC62297-9B65-460A-ABA0-EBD92F20D1A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1EC31B70-370E-41C6-A79D-35A9BB0197AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BA6370E4-5152-4F37-BA56-904177FE8B22}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{79696488-64E7-446C-8209-DBD87795E17B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3F8D26EB-9CF4-4BA9-93BB-5D422673E59D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C729C5E1-F28E-4CF9-A6BA-BCF4C81A0E55}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{BB813D6A-7F8B-4F2B-87DB-6B445BEE9D79}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{9A108668-DBEC-42B3-A870-2F009898DB3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4DD09B02-B891-43BC-95EF-77DA032C66A0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

18-05-2018 19:26:54 Windows Update
08-06-2018 00:22:38 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/09/2018 12:54:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MinecraftLauncher.exe, Version: 1.0.1.0, Zeitstempel: 0x5af1959b
Name des fehlerhaften Moduls: launcher.dll, Version: 0.0.0.0, Zeitstempel: 0x5af19317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00021b7e
ID des fehlerhaften Prozesses: 0x33d4
Startzeit der fehlerhaften Anwendung: 0x01d3ffd3d8c52086
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Minecraft\game\launcher.dll
Berichtskennung: 971ab710-d7f5-4dbb-a90c-d4c2a84868e0
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/09/2018 12:04:37 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/09/2018 11:26:26 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/09/2018 11:20:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15531

Error: (06/09/2018 11:20:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15531

Error: (06/09/2018 11:20:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/08/2018 07:20:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PowerDVD14Agent.exe, Version: 14.0.2.5829, Zeitstempel: 0x5631ba79
Name des fehlerhaften Moduls: EvoParser.dll_unloaded, Version: 1.2.0.8201, Zeitstempel: 0x560cd3be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022bb8
ID des fehlerhaften Prozesses: 0x2f98
Startzeit der fehlerhaften Anwendung: 0x01d3ff4cefd1dc02
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
Pfad des fehlerhaften Moduls: EvoParser.dll
Berichtskennung: a6692483-7d8b-4bd9-a34c-a306e1a24747
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/08/2018 01:54:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MinecraftLauncher.exe, Version: 1.0.1.0, Zeitstempel: 0x5af1959b
Name des fehlerhaften Moduls: launcher.dll, Version: 0.0.0.0, Zeitstempel: 0x5af19317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00021b7e
ID des fehlerhaften Prozesses: 0x2bf4
Startzeit der fehlerhaften Anwendung: 0x01d3ff13445ccfba
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Minecraft\game\launcher.dll
Berichtskennung: ed90cdff-5215-42ba-8c65-804bc77a0a6f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (06/09/2018 12:37:53 PM) (Source: DCOM) (EventID: 10029) (User: NT-AUTORITÄT)
Description: Das Zeitlimit für die Aktivierung der CLSID "{E60687F7-01A1-40AA-86AC-DB1CBF673334}" wurde überschritten, während auf das Beenden von Dienst "wuauserv" gewartet wurde.

Error: (06/09/2018 12:36:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/09/2018 11:36:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/09/2018 11:24:59 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/09/2018 11:23:02 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-9AQNOV5G)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "LAPTOP-9AQNOV5G\durma" (SID: S-1-5-21-1844293641-2757881521-3897887764-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/09/2018 11:21:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/09/2018 11:21:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/09/2018 11:21:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


Windows Defender:
===================================
Date: 2018-03-23 16:41:53.524
Description: 
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {95854945-0EF1-40D1-9107-83E63EF2AD87}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

CodeIntegrity:
===================================

Date: 2018-06-09 14:06:02.667
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 14:06:02.666
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 13:36:02.684
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 13:36:02.681
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 13:21:04.735
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 13:21:04.733
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 13:09:18.348
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-09 13:09:18.346
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8090.91 MB
Verfügbarer physikalischer RAM: 5061.19 MB
Summe virtueller Speicher: 9370.91 MB
Verfügbarer virtueller Speicher: 6124.91 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:1846.14 GB) (Free:1732.2 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.65 GB) (Free:1.83 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

\\?\Volume{67a56520-d485-4ae1-b3a3-d80789a36fd1}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
\\?\Volume{a94b01c0-9442-4f03-abcf-ebf07039ed8f}\ () (Fixed) (Total:0.95 GB) (Free:0.33 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: C5D67FB2)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 09.06.2018, 15:23   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Avast bitte komplett deinstallieren

Von Avast raten wir schon lange ab.
Außerdem will ich für eine Analyse und Bereinigung so wenig Störquellen wie nur möglich. Zum Abschluss gibt es Hinweise zur Absicherung deines Windows-Systems.

Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel.

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:


    Adobe Acrobat Reader DC - Deutsch

    Adobe AIR

    Adobe Shockwave Player 12.3

    Avast Free Antivirus

    Avast Secure Browser

    Avast SecureLine

    Avast Update Helper

    Java 8 Update 161

    Java 8 Update 172

    OpenOffice 4.1.5

    OpenOffice Updater

    Websuche


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Gib Bescheid wenn das weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.06.2018, 16:24   #6
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Vielen Dank für die Rückmeldung, die Programme wurden entfernt.

Alt 09.06.2018, 17:39   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.06.2018, 23:49   #8
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Code:
ATTFilter
23:45:11.0495 0x1194  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
23:45:11.0495 0x1194  UEFI system
23:45:18.0104 0x1194  ============================================================
23:45:18.0104 0x1194  Current date / time: 2018/06/09 23:45:18.0104
23:45:18.0106 0x1194  SystemInfo:
23:45:18.0106 0x1194  
23:45:18.0106 0x1194  OS Version: 10.0.16299 ServicePack: 0.0
23:45:18.0106 0x1194  Product type: Workstation
23:45:18.0106 0x1194  ComputerName: LAPTOP-9AQNOV5G
23:45:18.0106 0x1194  UserName: durma
23:45:18.0106 0x1194  Windows directory: C:\WINDOWS
23:45:18.0106 0x1194  System windows directory: C:\WINDOWS
23:45:18.0106 0x1194  Running under WOW64
23:45:18.0106 0x1194  Processor architecture: Intel x64
23:45:18.0106 0x1194  Number of processors: 4
23:45:18.0106 0x1194  Page size: 0x1000
23:45:18.0106 0x1194  Boot type: Normal boot
23:45:18.0106 0x1194  CodeIntegrityOptions = 0x00000001
23:45:18.0106 0x1194  ============================================================
23:45:18.0483 0x1194  KLMD registered as C:\WINDOWS\system32\drivers\86434939.sys
23:45:18.0483 0x1194  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 16299.431, osProperties = 0x19
23:45:18.0610 0x1194  System UUID: {D11415EB-4B5B-B767-61E2-E65E366651C1}
23:45:19.0028 0x1194  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:45:19.0046 0x1194  ============================================================
23:45:19.0046 0x1194  \Device\Harddisk0\DR0:
23:45:19.0046 0x1194  GPT partitions:
23:45:19.0046 0x1194  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {67A56520-D485-4AE1-B3A3-D80789A36FD1}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
23:45:19.0046 0x1194  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CABFCC5F-FDA4-4519-9D59-CF0C5BC1901C}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
23:45:19.0046 0x1194  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {485E1334-DD94-42C1-AAE2-B366D8671341}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0xE6C45795
23:45:19.0046 0x1194  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A94B01C0-9442-4F03-ABCF-EBF07039ED8F}, Name: , StartLBA 0xE6CD0000, BlocksNum 0x1E7800
23:45:19.0046 0x1194  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4C1D65D0-D022-4EE7-B319-C401773D18B9}, Name: Basic data partition, StartLBA 0xE6EB7800, BlocksNum 0x1F4E800
23:45:19.0046 0x1194  MBR partitions:
23:45:19.0046 0x1194  ============================================================
23:45:19.0081 0x1194  C: <-> \Device\Harddisk0\DR0\Partition3
23:45:19.0134 0x1194  D: <-> \Device\Harddisk0\DR0\Partition5
23:45:19.0134 0x1194  ============================================================
23:45:19.0135 0x1194  Initialize success
23:45:19.0135 0x1194  ============================================================
23:48:24.0201 0x1ae0  ============================================================
23:48:24.0201 0x1ae0  Scan started
23:48:24.0201 0x1ae0  Mode: Manual; SigCheck; TDLFS; 
23:48:24.0201 0x1ae0  ============================================================
23:48:24.0201 0x1ae0  KSN ping started
23:48:24.0255 0x1ae0  KSN ping finished: true
23:48:27.0250 0x1ae0  ================ Scan system memory ========================
23:48:27.0250 0x1ae0  System memory - ok
23:48:27.0251 0x1ae0  ================ Scan services =============================
23:48:27.0496 0x1ae0  [ 08312DEEF0D3F8647AA53AD90A69094E, E32620323E7EDD3CAB5B04B9E37DDE7CA87B45C2CB17520D69D03C17E1D5F65A ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:48:27.0557 0x1ae0  1394ohci - ok
23:48:27.0585 0x1ae0  [ 645009E711BBF117CCEE917A03FB0CDD, B531951443D961C08428CB0F77F57D9F33C37C0637F919A9DA9DB5DA18479F70 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:48:27.0594 0x1ae0  3ware - ok
23:48:27.0610 0x1ae0  ACPI - ok
23:48:27.0613 0x1ae0  [ 44EA35A4B397898A83BF1B9B4B8DAE35, 023E3BC5CE47518269A812F156EFF1BD4CB14F1F5DD3FCC317DE046A519E20CE ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
23:48:27.0628 0x1ae0  AcpiDev - ok
23:48:27.0645 0x1ae0  [ 91D113A1532B8AB1E25B7DE5AB3C2F83, 43134DB92D522FCF537FFA8E829021F43BDD90006D7F096BA483DA1DAD3D1CC3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:48:27.0655 0x1ae0  acpiex - ok
23:48:27.0674 0x1ae0  [ 620BB2682BA625DF037072D89F44F6EE, A1A72F663C75DC65B1BA278CD7F43FAE6D1BDAE2F3F1D8269F508DECB555FFF9 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:48:27.0688 0x1ae0  acpipagr - ok
23:48:27.0736 0x1ae0  [ B9805A3C479390CEAEA5AEF5E4A90A2E, D9256734BC46EA43133873BDDE56B9A3597F74CFE82500FFB374A8EE6293ADD3 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:48:27.0760 0x1ae0  AcpiPmi - ok
23:48:27.0779 0x1ae0  [ ABD4EB55C661143B015BD0B9B47B235C, 5F109BA04010E634D547E86AF67659EA06BD05FCF78A493DB190790C4D7E13EA ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:48:27.0797 0x1ae0  acpitime - ok
23:48:27.0851 0x1ae0  [ 8C58BD711FAD5F11E8CFDBC5CED973A5, 340FCD2C492009D5D7732FBF94198C4767125A77E0C71BB20E5CB2BDA5AB57CF ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:48:27.0880 0x1ae0  ADP80XX - ok
23:48:27.0918 0x1ae0  AFD - ok
23:48:27.0929 0x1ae0  ahcache - ok
23:48:27.0975 0x1ae0  [ 84FFB4AC2BA923364DF13F73751E05D1, EBD054282D93F290408A2343C0CBF98CEF7619A8252DC04E15322E51505D45AF ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
23:48:28.0004 0x1ae0  AJRouter - ok
23:48:28.0051 0x1ae0  [ 084101AB03969D8ED00D5FFBE5F4C3DF, 6425FA16F0CBF5F3008780095364830EBF1F073BD5109764FE9E88245AFB9367 ] ALG             C:\WINDOWS\System32\alg.exe
23:48:28.0070 0x1ae0  ALG - ok
23:48:28.0122 0x1ae0  [ 1E108A1759AAFA8624A85A663F529965, 2470E95DE0C0826E8D7626D71BB9B34D3802535D74CE5D13B103785894766F87 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
23:48:28.0136 0x1ae0  AMD External Events Utility - ok
23:48:28.0139 0x1ae0  AmdK8 - ok
23:48:28.0143 0x1ae0  amdkmdag - ok
23:48:28.0222 0x1ae0  [ 9EA22FCFEB3A8616CBAF48E62446DED8, A0FBC020058602092C3545675E58FB98645A862269DF7D8697802DA5D79B4056 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
23:48:28.0244 0x1ae0  amdkmdap - ok
23:48:28.0248 0x1ae0  AmdPPM - ok
23:48:28.0268 0x1ae0  [ F1C16AABA27E9E153AEC7BD2AB853F30, 7CFDBD218E6C161747A21BBACC78BF1061F2427ED1247F1AE0879BE155C504E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:48:28.0278 0x1ae0  amdsata - ok
23:48:28.0299 0x1ae0  [ C834D0F1ECB8473E9E6D18EE1BCEECB2, C9B7B9279F96DE4DA1EE096B6463591B3A718F87CD75E544C5A07C3639D1F188 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:48:28.0311 0x1ae0  amdsbs - ok
23:48:28.0327 0x1ae0  [ 49203D2FFE30CBB36BE66A0E70F3D954, E5B5A3B3B4A8FF03B5C902642C776CECD554CA1DB25419111EDA83602986CCCE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:48:28.0334 0x1ae0  amdxata - ok
23:48:28.0423 0x1ae0  [ 4EB4D11F563FBEBDE8DE4E74B8851715, 0F6FF3C5C999990501277AAC5A33DF8194CEE6975347C2D1D2319BB86D54867C ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
23:48:28.0443 0x1ae0  AppHostSvc - ok
23:48:28.0468 0x1ae0  AppID - ok
23:48:28.0493 0x1ae0  AppIDSvc - ok
23:48:28.0505 0x1ae0  Appinfo - ok
23:48:28.0582 0x1ae0  [ 1E085E2302D568F0CE041732B3E887B0, 0D2A3675FDD04C800B302C84A43F233F0217EB4B1AD44B11AADDB0D5D8FA0DB2 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
23:48:28.0613 0x1ae0  applockerfltr - ok
23:48:28.0686 0x1ae0  [ 1D123729F547EEDFBE3F510346848C38, B170860348FBAC054203A7B858866A12944D7046C01BA3A14AC0860D8C288770 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:48:28.0723 0x1ae0  AppReadiness - ok
23:48:28.0755 0x1ae0  AppXSvc - ok
23:48:28.0761 0x1ae0  [ B42C83DE28776B80DBA1310C56DD4F74, 8E017B73D5AD644EC1D46BC1DC2CAF465A6793E2AD6DC35A2E3AB907E7719C40 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:48:28.0770 0x1ae0  arcsas - ok
23:48:28.0904 0x1ae0  [ 9CDC69DDFDC91DC628F7515809329798, 2D202B3992A834A04C81834B0AC39E8B953410A24B929CB97D81F9CB546296D4 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:48:28.0918 0x1ae0  aspnet_state - ok
23:48:28.0955 0x1ae0  [ C2151380227CD1F7DDA2401C1F151367, 0E76DCD69CAB960DC65942269081436A9DDA255E908E71A29E72DFCFC5CDCC7C ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
23:48:28.0974 0x1ae0  AsyncMac - ok
23:48:29.0027 0x1ae0  [ 6191B9B2EE0E8CB957C683B9B341CC86, E60ACC6E9C6E90F2E1DA0DE220C890B50887FD97E7884F8F4301FF2C9A2F408A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:48:29.0036 0x1ae0  atapi - ok
23:48:29.0070 0x1ae0  AudioEndpointBuilder - ok
23:48:29.0089 0x1ae0  Audiosrv - ok
23:48:29.0129 0x1ae0  [ 947FF5992E26AFD4CAA34506678B70BC, 0B125EDBD6E740375E45AAA465DC83740F5CD43A55CDA404F7A81F37EE3BC57C ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:48:29.0149 0x1ae0  AxInstSV - ok
23:48:29.0201 0x1ae0  [ A921805C1ED3253DF48FCA4D724173EB, 7DB6A13228812550F066C76273ECA6B3FC12E7CC98C245D16B5A13FBCF6A509D ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:48:29.0221 0x1ae0  b06bdrv - ok
23:48:29.0239 0x1ae0  bam - ok
23:48:29.0291 0x1ae0  [ 2A7267AA15E508F6D05A5B562F1FD1CE, 7070123619A3F08864844FF89C9DEA1D4ED48D05D2B93E305774BE715583DD51 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:48:29.0306 0x1ae0  BasicDisplay - ok
23:48:29.0321 0x1ae0  BasicRender - ok
23:48:29.0335 0x1ae0  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:48:29.0346 0x1ae0  bcmfn2 - ok
23:48:29.0392 0x1ae0  [ 72963E0676003016B431306A6F4951BF, 3442A7C1AC1EE8E68F15C78CEBAC237D7535F834AA13F8BB602645DD183A73D3 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:48:29.0418 0x1ae0  BDESVC - ok
23:48:29.0437 0x1ae0  Beep - ok
23:48:29.0450 0x1ae0  BFE - ok
23:48:29.0454 0x1ae0  BITS - ok
23:48:29.0546 0x1ae0  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:48:29.0562 0x1ae0  Bonjour Service - ok
23:48:29.0567 0x1ae0  bowser - ok
23:48:29.0571 0x1ae0  BrokerInfrastructure - ok
23:48:29.0620 0x1ae0  [ 2BA1BED8E8168C301522AC7CFBFA2141, 07000BEF5ABCF7795B474B69B1113F7EE5C22CF0F8CAF4A3D5D872B0D452CDD0 ] Browser         C:\WINDOWS\System32\browser.dll
23:48:29.0653 0x1ae0  Browser - ok
23:48:29.0781 0x1ae0  [ 0958E70CD38E2020B767DC5237E041BE, F6CB7FC7331D0224591C46F4752207EA5B13E30737D410E39A1B4F19FC9EF9C2 ] BTDevManager    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
23:48:29.0793 0x1ae0  BTDevManager - ok
23:48:29.0847 0x1ae0  [ A4863B7B1F0DB513D6E34547BACC211A, 41E74A60721CCBE0A4D487B3EE01BAC3108D9BA819BF58A64E963478C43828E9 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:48:29.0867 0x1ae0  BthAvrcpTg - ok
23:48:29.0913 0x1ae0  [ 9C9EE272C11252C651C5DE6A1AC1EDAA, DED378E894FA07B75F2E93490075879A50879CACACCF09F3F9EF37EDFA159233 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:48:29.0928 0x1ae0  BthHFEnum - ok
23:48:29.0983 0x1ae0  [ 69734E386826ED857C889330F35B4D9C, F0804D41D4BA6C9022B70D5092C4F14128D33F66C5D85DE10115A37C36927B70 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:48:29.0997 0x1ae0  bthhfhid - ok
23:48:30.0042 0x1ae0  [ BC58294295CBAD6637A526470305B5EA, FAA1A1C85D418B063D8A6E93558BA74D766081268354D63E28D372BD55D523DD ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
23:48:30.0068 0x1ae0  BthHFSrv - ok
23:48:30.0119 0x1ae0  [ A94AFAEA86F5F792BB4ECA095B231464, 588256D53CD50B8299FCABF624E8EF29761B16DE1999896DC647FBF8E2BAEA68 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:48:30.0146 0x1ae0  BTHMODEM - ok
23:48:30.0159 0x1ae0  BTHPORT - ok
23:48:30.0201 0x1ae0  [ 572BCA61B7E026E057AF7DF456AC7E0B, CA35DCC02BFE2D34C40449E47F0C8BA4AD709F01A952B9354332560CE72A1E4F ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:48:30.0219 0x1ae0  bthserv - ok
23:48:30.0358 0x1ae0  [ 55C836530A9602255BFB4F5D9DA2B737, DB82CB1FB657955AE80A144CC30D5112CF90FBEFCE9E89CF7CEF2929EBE56B28 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
23:48:30.0376 0x1ae0  BTHUSB - ok
23:48:30.0396 0x1ae0  [ 39E7437FC59CDD7A303ABD514E462E8B, 9DCACFC12090BA03E3DD8E0EFE02382E3D42B528BDF6DD77318CAFACBA9EBA09 ] bttflt          C:\WINDOWS\system32\drivers\bttflt.sys
23:48:30.0405 0x1ae0  bttflt - ok
23:48:30.0456 0x1ae0  [ 522888590B0C19BC8128119060AE7901, 9C979FD442E7B189FD156BD5E5E4A3D10FDABB3C38094B9C67A702103D39B00F ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
23:48:30.0473 0x1ae0  buttonconverter - ok
23:48:30.0511 0x1ae0  [ 2AB01CE5E233A6FBA3E91BD57772AA4B, DC241810B774BCE651B525885480F05D15AE0E623D53E4CB02562A8424C067E2 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
23:48:30.0520 0x1ae0  CAD - ok
23:48:30.0557 0x1ae0  camsvc - ok
23:48:30.0600 0x1ae0  [ F6F97879F53AD57194C6BC8272FD73EA, C11CB040CC64ABC0A6EAD6D6985659896FBB5911D2E10B6584E0F90FE6813C57 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
23:48:30.0616 0x1ae0  CapImg - ok
23:48:30.0637 0x1ae0  [ 9E82A95D77AC78C84BA75FF896B060BF, 87905E55724ADE5149D3BBC2DB76A7275580DE204BB561B8E1FCD631DEF3D9F9 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:48:30.0658 0x1ae0  cdfs - ok
23:48:30.0736 0x1ae0  [ 147CEBE0C5F7A80135C54715521AD9E1, 99ACF25165C0C17822B0FC06F662848CA0DFAD51B3E3B440005C2E033BFE4840 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
23:48:30.0769 0x1ae0  CDPSvc - ok
23:48:30.0787 0x1ae0  CDPUserSvc - ok
23:48:30.0840 0x1ae0  [ 6D83565C1652E80447EDEA6947FA89D7, A84A3EA45304A9E3F53DA9F4CB9F2D9FF8A2AD69A36AEA366D35A2F5C9FDF851 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:48:30.0855 0x1ae0  cdrom - ok
23:48:30.0886 0x1ae0  CertPropSvc - ok
23:48:30.0896 0x1ae0  [ D81954CE5E016FD716EDDB2B2FD9BA58, C47FF6D6527605238EF46E9BDF4544E2B2F4F9C5BCE13881F569F996541D7FF7 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
23:48:30.0911 0x1ae0  cht4iscsi - ok
23:48:30.0982 0x1ae0  [ F9A8570805807FFD66488F0A858E1308, 5D8363C5EEB7B92CFA219C466D04D8C625CACAFBDEA5857C5C9FA0C391AC2FEB ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
23:48:31.0027 0x1ae0  cht4vbd - ok
23:48:31.0069 0x1ae0  [ 9798D58461706930190F1F2F6BF21D80, BD7552297A636E19F5D544BDBF3490DA544E76002F62B227FA5BDA7A11760040 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:48:31.0087 0x1ae0  circlass - ok
23:48:31.0116 0x1ae0  CldFlt - ok
23:48:31.0127 0x1ae0  CLFS - ok
23:48:31.0433 0x1ae0  [ 7E14012F1D86C8E298AF7234993CCED3, 778BD09EEEE7761FCA690956F33C27471730367873F39D6D32B7B034D3957834 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
23:48:31.0599 0x1ae0  ClickToRunSvc - ok
23:48:31.0630 0x1ae0  ClipSVC - ok
23:48:31.0673 0x1ae0  [ 228CB7727EC19833A74DAA5BE8627114, 7ABDEABF648C0CF04C736D9F1056CD54D5913837E1543CC358FDDFA9389934EC ] clwvd6          C:\WINDOWS\system32\DRIVERS\clwvd6.sys
23:48:31.0679 0x1ae0  clwvd6 - ok
23:48:31.0726 0x1ae0  [ 2BA3BA38B5A6A667B0EAEC477276707B, 80AD05C5C7E0398EB7320A82878700C6588B7411F3DEA02E5784CA599CB548C2 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:48:31.0737 0x1ae0  CmBatt - ok
23:48:31.0762 0x1ae0  CNG - ok
23:48:31.0812 0x1ae0  [ C65AF00EF12A1755E7CA370B0C71935D, C03315A5B999EB9AA5B5F1F000BD8A1C68DFC151B23AA2F29F69F7129407AA11 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:48:31.0820 0x1ae0  cnghwassist - ok
23:48:31.0946 0x1ae0  [ A50300498D56B2448F3593D25478D508, 841D66D4AB9749EE64802611157A9AAED1117B6B2C411B3DA272CE439E69AE45 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys
23:48:31.0960 0x1ae0  CompositeBus - ok
23:48:31.0965 0x1ae0  COMSysApp - ok
23:48:31.0974 0x1ae0  [ 65602B0DB49199647FECB2D1212147BE, DC25D2DED7C31B4691B61FC69BB12E50CA5EDA9705339CCC82BE145EFD6D47C5 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:48:31.0982 0x1ae0  condrv - ok
23:48:32.0007 0x1ae0  CoreMessagingRegistrar - ok
23:48:32.0090 0x1ae0  [ 98B3066540C43BF5349BDB4B5C4CE04F, 97DA0394C77E41360D7F6A4F998D00642DF665384C20E0029D63C99922E9906D ] cphs            C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe
23:48:32.0121 0x1ae0  cphs - ok
23:48:32.0147 0x1ae0  [ 943D29E61044350319CCC5BE0E1A9329, 7269A08BAB6B790A717790118C0CD1EC51DC994CBEFA49AE036477651C83E79B ] cplspcon        C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe
23:48:32.0163 0x1ae0  cplspcon - ok
23:48:32.0230 0x1ae0  [ D64EF74FC6DA47EC2E460076F299E77D, 1F77E9F777FA6996222DE45B3AB2C01CD94C80A4A7F5CA092DDF1F18D74F93AA ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:48:32.0250 0x1ae0  CryptSvc - ok
23:48:32.0301 0x1ae0  [ 72BE43ABD786E86AAE7EA2193201E100, A013CF10AA4158082B5D0D7F885969C5C92710A6084E57E9DDBDA84420D97367 ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:48:32.0310 0x1ae0  dam - ok
23:48:32.0466 0x1ae0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
23:48:32.0476 0x1ae0  dbupdate - ok
23:48:32.0481 0x1ae0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
23:48:32.0488 0x1ae0  dbupdatem - ok
23:48:32.0520 0x1ae0  [ 0CE751A4B91D0EFD4DA259F1F0DC4477, 53D53CAE83037E65721661B028A03EB534258BA5B22E651B15C6FBE543DEE2E4 ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
23:48:32.0528 0x1ae0  DbxSvc - ok
23:48:32.0599 0x1ae0  [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:48:32.0644 0x1ae0  DcomLaunch - ok
23:48:32.0681 0x1ae0  [ F7FB921F438C3566CEC55657EA4E7D9C, 17FA956E3B89F9B6C154975E7E1AAFB204F5EDEACC14A8424827DE13440A9299 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:48:32.0712 0x1ae0  defragsvc - ok
23:48:32.0765 0x1ae0  [ B5F9123D6537856EA698386ABA27A232, C60DD499254B4A3741ECE71AF1685763BD6A6F828F879D54E175A6198C89ABF0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:48:32.0791 0x1ae0  DeviceAssociationService - ok
23:48:32.0840 0x1ae0  [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:48:32.0862 0x1ae0  DeviceInstall - ok
23:48:32.0928 0x1ae0  [ A19F51A044B62C994144ED87A7A5A887, 91ECE0E067E138817CD46A876B2D28CB47A2CCBE9C924EA91A1966FDF69AF7DF ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
23:48:32.0960 0x1ae0  DevicesFlowUserSvc - ok
23:48:33.0021 0x1ae0  [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8, EF425C2FB1191720F9B53EB26EC904F53851D296B222E20B0733615575D4B7E5 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
23:48:33.0035 0x1ae0  DevQueryBroker - ok
23:48:33.0054 0x1ae0  Dfsc - ok
23:48:33.0077 0x1ae0  Dhcp - ok
23:48:33.0149 0x1ae0  diagnosticshub.standardcollector.service - ok
23:48:33.0178 0x1ae0  [ E2BF09B816393AF73EDCB8ECF9BBDB2D, DBDFFC2450E4EC684DD59383799ACF1D207B0882C301B8D562FB76307AFCC553 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
23:48:33.0202 0x1ae0  diagsvc - ok
23:48:33.0228 0x1ae0  DiagTrack - ok
23:48:33.0231 0x1ae0  Disk - ok
23:48:33.0241 0x1ae0  DmEnrollmentSvc - ok
23:48:33.0244 0x1ae0  dmvsc - ok
23:48:33.0290 0x1ae0  [ 10E72E3315305461D3F0C7560AE98CA5, 702B5C056DB6B4E337231BBEA48E106FA95F26B48CDE91857305E4C6E4EE6A12 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:48:33.0307 0x1ae0  dmwappushservice - ok
23:48:33.0338 0x1ae0  Dnscache - ok
23:48:33.0343 0x1ae0  dot3svc - ok
23:48:33.0400 0x1ae0  [ 6D8971C942FEE43A0AB6B3192534AFB4, 44D437DD32E1FDD7922B352CA6C19C83C1ADD825FB704B8E07BEF01E866E2B99 ] DPS             C:\WINDOWS\system32\dps.dll
23:48:33.0418 0x1ae0  DPS - ok
23:48:33.0445 0x1ae0  [ C1283B0BEE35F9AF3511E0EBA71F311C, 542D560B654EA4E4708837231A4A967FB4DF5CDB190B7D763E92B1F6FCB255B4 ] dptf_cpu        C:\WINDOWS\System32\drivers\dptf_cpu.sys
23:48:33.0500 0x1ae0  dptf_cpu - ok
23:48:33.0549 0x1ae0  [ F4800922F4ABA619585CE320A72E6389, CA83BCAA8B37F303E89598F8C93B201A3F000A09F4A9963E370D7E59BD79D448 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
23:48:33.0557 0x1ae0  drmkaud - ok
23:48:33.0591 0x1ae0  DsmSvc - ok
23:48:33.0594 0x1ae0  DsSvc - ok
23:48:33.0618 0x1ae0  DusmSvc - ok
23:48:33.0632 0x1ae0  DXGKrnl - ok
23:48:33.0679 0x1ae0  [ FA94398748930D840FE35A44F1D225A7, E2D48460413904AAFB50E18A24471157D2A235F5CCDF89EE49BB139D1CA3B9F6 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:48:33.0700 0x1ae0  Eaphost - ok
23:48:33.0815 0x1ae0  [ C99D40C97841E0A7F0F90B8629593A97, 2DE7FB6E3CD7B06079C2B05D8C10AD0EDF187684ED1DE5BEE98FAB9A4B331824 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:48:33.0895 0x1ae0  ebdrv - ok
23:48:33.0972 0x1ae0  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] EFS             C:\WINDOWS\System32\lsass.exe
23:48:33.0982 0x1ae0  EFS - ok
23:48:33.0997 0x1ae0  [ 260BBD6B1ED06298E509B452354EDB91, CF794D5AC62C6DBF356BC717910FD2B106A8BD90C3C03BA43859FD876F8820BC ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:48:34.0007 0x1ae0  EhStorClass - ok
23:48:34.0059 0x1ae0  [ F3BEBDC1B9DBA32F183079EAE6244837, 5DE0DA8D2A13BFA852355619C6DE5AC2FDFAB314A619A4F209842581E4D82DE1 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:48:34.0071 0x1ae0  EhStorTcgDrv - ok
23:48:34.0111 0x1ae0  [ A75880A9192B9DA69F46867B06276746, 53856262A5BD4BE93CB45D1F43B87F45CB01C02B7D94231CF05346B9BDF1F18D ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
23:48:34.0131 0x1ae0  embeddedmode - ok
23:48:34.0151 0x1ae0  EntAppSvc - ok
23:48:34.0176 0x1ae0  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
23:48:34.0186 0x1ae0  EpsonScanSvc - ok
23:48:34.0202 0x1ae0  [ 1B63CA857FD03FD0A5A1379F2996784F, 9EE5205DCFADAFC62D36528087FA4E023F7E48FF0D2A8333D8A6111AE09D21B8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:48:34.0245 0x1ae0  ErrDev - ok
23:48:34.0372 0x1ae0  [ 8A00CC653B8F02503C250FC1B9475807, 496517DD9E0BFFE03701E813EB7732578482ABA808771BE7889A27E1E2FEB647 ] esifsvc         C:\WINDOWS\SysWOW64\esif_uf.exe
23:48:34.0408 0x1ae0  esifsvc - ok
23:48:34.0432 0x1ae0  [ 99984B5D3378F8236F3A85E51ACEDD16, 73EE5B93C27C09F15BBAEADC8A293CB14FDD1E3DC65DDC0C665549D71F307D33 ] esif_lf         C:\WINDOWS\system32\DRIVERS\esif_lf.sys
23:48:34.0485 0x1ae0  esif_lf - ok
23:48:34.0545 0x1ae0  [ 6A5FA501A2D96001391FF3CBA32935AB, 018DB01ADE957A1A1FF5B168A2EC0EFEF8BFBE036079791FDF0C6AA6C12295BA ] EventSystem     C:\WINDOWS\system32\es.dll
23:48:34.0572 0x1ae0  EventSystem - ok
23:48:34.0590 0x1ae0  [ F1ACA42D448E3986565EA54275EEEA65, C85101D6E7A2204FD73AAACD972F610B6A4BCF7EB7512412FD34660DCB5E8C5C ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:48:34.0612 0x1ae0  exfat - ok
23:48:34.0635 0x1ae0  [ 0AF4B36754A6EAE794EE4398E219A9E1, A818763D7AE6E7F4BC57294BB4D80FE9E04387BB3EBE8A6088D2AF746FF548A6 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:48:34.0650 0x1ae0  fastfat - ok
23:48:34.0724 0x1ae0  [ B1A38C0D977D8738779CA3EFEBDFCA8C, EDD852EF89AFBDDBBBE002E6675EAFCC46742B6136EB22428C84D737C6229FEA ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:48:34.0758 0x1ae0  Fax - ok
23:48:34.0772 0x1ae0  [ 7CD8426A33F06EB72BFEC51F7C264AF8, 4FDD5F6A8BDF25D965CE52132DD0EA77D335C1C5F77A7758F3F6E22DFC12BDF5 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:48:34.0787 0x1ae0  fdc - ok
23:48:34.0835 0x1ae0  [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:48:34.0864 0x1ae0  fdPHost - ok
23:48:34.0913 0x1ae0  [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:48:34.0927 0x1ae0  FDResPub - ok
23:48:34.0975 0x1ae0  [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:48:34.0991 0x1ae0  fhsvc - ok
23:48:35.0039 0x1ae0  [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
23:48:35.0073 0x1ae0  FileCrypt - ok
23:48:35.0086 0x1ae0  [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:48:35.0094 0x1ae0  FileInfo - ok
23:48:35.0113 0x1ae0  [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:48:35.0127 0x1ae0  Filetrace - ok
23:48:35.0140 0x1ae0  [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:48:35.0150 0x1ae0  flpydisk - ok
23:48:35.0164 0x1ae0  FltMgr - ok
23:48:35.0186 0x1ae0  FontCache - ok
23:48:35.0327 0x1ae0  FontCache3.0.0.0 - ok
23:48:35.0356 0x1ae0  FrameServer - ok
23:48:35.0374 0x1ae0  FsDepends - ok
23:48:35.0384 0x1ae0  Fs_Rec - ok
23:48:35.0388 0x1ae0  fvevol - ok
23:48:35.0510 0x1ae0  [ 714CC2E431883AF55A9686FF637ED2D2, 7944ECC2401E808D74D238F11DF0A2759BC99984284CD75D95D9792EA8EECD28 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
23:48:35.0525 0x1ae0  GamesAppIntegrationService - ok
23:48:35.0540 0x1ae0  [ E3E4F1CEF352E2AA9DB1EDAF5063313E, 705B0E1ECE7CF1A0E68ECF83F3A6F62A6A17EC40B8E146AE3966F26D8CF244BB ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
23:48:35.0549 0x1ae0  GamesAppService - ok
23:48:35.0578 0x1ae0  gencounter - ok
23:48:35.0624 0x1ae0  [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
23:48:35.0638 0x1ae0  genericusbfn - ok
23:48:35.0693 0x1ae0  [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:48:35.0704 0x1ae0  GPIOClx0101 - ok
23:48:35.0716 0x1ae0  gpsvc - ok
23:48:35.0721 0x1ae0  GpuEnergyDrv - ok
23:48:35.0756 0x1ae0  [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
23:48:35.0776 0x1ae0  GraphicsPerfSvc - ok
23:48:35.0816 0x1ae0  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:48:35.0824 0x1ae0  gupdate - ok
23:48:35.0829 0x1ae0  [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:48:35.0836 0x1ae0  gupdatem - ok
23:48:35.0848 0x1ae0  [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:48:35.0860 0x1ae0  HDAudBus - ok
23:48:35.0875 0x1ae0  [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:48:35.0884 0x1ae0  HidBatt - ok
23:48:35.0926 0x1ae0  [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:48:35.0942 0x1ae0  HidBth - ok
23:48:35.0955 0x1ae0  [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:48:35.0970 0x1ae0  hidi2c - ok
23:48:36.0009 0x1ae0  [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
23:48:36.0020 0x1ae0  hidinterrupt - ok
23:48:36.0073 0x1ae0  [ 366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:48:36.0084 0x1ae0  HidIr - ok
23:48:36.0132 0x1ae0  [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:48:36.0147 0x1ae0  hidserv - ok
23:48:36.0188 0x1ae0  [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:48:36.0204 0x1ae0  HidUsb - ok
23:48:36.0218 0x1ae0  HomeGroupListener - ok
23:48:36.0274 0x1ae0  [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:48:36.0316 0x1ae0  HomeGroupProvider - ok
23:48:36.0405 0x1ae0  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:48:36.0431 0x1ae0  hpqwmiex - ok
23:48:36.0453 0x1ae0  [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:48:36.0462 0x1ae0  HpSAMD - ok
23:48:36.0526 0x1ae0  [ 8EE3C2F98E987B4BACFB1EC31CFB5D6B, 3DF957D949EE660137612F263EBE49967964B28D1D28EF7ED9651CD64CF1B227 ] HPSupportSolutionsFrameworkService c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
23:48:36.0540 0x1ae0  HPSupportSolutionsFrameworkService - ok
23:48:36.0681 0x1ae0  [ A518BED1AD3F1D777AB5E29417C7A851, 11FB763E9ED78EB68C0753209EEAA10F1050F769B6191DF2F2A6FAB65CC9F4B0 ] HPTouchpointAnalyticsService C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
23:48:36.0692 0x1ae0  HPTouchpointAnalyticsService - ok
23:48:36.0758 0x1ae0  [ E7F6B3C8F78B4A49E283DB4619B26841, 1653F2CE201A8794D64A5E60B257CB6691D9C4B61CCDA415E0355E56506DFA47 ] HPWMISVC        c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
23:48:36.0774 0x1ae0  HPWMISVC - ok
23:48:36.0794 0x1ae0  HTTP - ok
23:48:36.0814 0x1ae0  HvHost - ok
23:48:36.0866 0x1ae0  hvservice - ok
23:48:36.0902 0x1ae0  [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
23:48:36.0920 0x1ae0  HwNClx0101 - ok
23:48:36.0941 0x1ae0  [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:48:36.0949 0x1ae0  hwpolicy - ok
23:48:36.0969 0x1ae0  hyperkbd - ok
23:48:36.0988 0x1ae0  HyperVideo - ok
23:48:37.0010 0x1ae0  [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:48:37.0026 0x1ae0  i8042prt - ok
23:48:37.0040 0x1ae0  [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
23:48:37.0071 0x1ae0  iagpio - ok
23:48:37.0090 0x1ae0  [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
23:48:37.0124 0x1ae0  iai2c - ok
23:48:37.0179 0x1ae0  [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
23:48:37.0192 0x1ae0  iaLPSS2i_GPIO2 - ok
23:48:37.0205 0x1ae0  [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
23:48:37.0218 0x1ae0  iaLPSS2i_GPIO2_BXT_P - ok
23:48:37.0230 0x1ae0  [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
23:48:37.0245 0x1ae0  iaLPSS2i_I2C - ok
23:48:37.0260 0x1ae0  [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
23:48:37.0275 0x1ae0  iaLPSS2i_I2C_BXT_P - ok
23:48:37.0291 0x1ae0  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:48:37.0299 0x1ae0  iaLPSSi_GPIO - ok
23:48:37.0321 0x1ae0  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:48:37.0335 0x1ae0  iaLPSSi_I2C - ok
23:48:37.0407 0x1ae0  [ 827933B762F90EB4E7690D4484190D77, 7400FA7CB1FDCC3142D9F56156C41427FB394CA32BC8887D17B1FB2DFC962C34 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
23:48:37.0438 0x1ae0  iaStorA - ok
23:48:37.0518 0x1ae0  [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:48:37.0541 0x1ae0  iaStorAV - ok
23:48:37.0566 0x1ae0  [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:48:37.0582 0x1ae0  iaStorV - ok
23:48:37.0607 0x1ae0  [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
23:48:37.0628 0x1ae0  ibbus - ok
23:48:37.0660 0x1ae0  icssvc - ok
23:48:38.0026 0x1ae0  [ 0A136D4B31D5B6CCA29B913BE080B73F, 5795BC0B93927E1004BA46C105C3E8412DB80B505958E36DF86EC4570C1EA0E6 ] igfx            C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys
23:48:38.0231 0x1ae0  igfx - ok
23:48:38.0266 0x1ae0  [ 936B5DBBC861245A6319F18EA64A99F9, FC1EF74E77D99714AE563A3CF585C9D09F50A664181E99BD2E972C51CC7D3F63 ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
23:48:38.0279 0x1ae0  igfxCUIService2.0.0.0 - ok
23:48:38.0324 0x1ae0  IKEEXT - ok
23:48:38.0369 0x1ae0  [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
23:48:38.0383 0x1ae0  IndirectKmd - ok
23:48:38.0411 0x1ae0  InstallService - ok
23:48:38.0562 0x1ae0  [ 69D1CE9AF11152D578CFE7C56A53FC8D, 321FB6E4741EA4730A04EC8772E61A068754CBC3F0C51CF62ED485D823C1740C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:48:38.0666 0x1ae0  IntcAzAudAddService - ok
23:48:38.0764 0x1ae0  [ A6087A824507CAB1ED568895F8081950, 53ADFCC6E795D47A7197AC372DB53E4F95B10409E5AFA7A40CC252ADBE84E8F4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
23:48:38.0787 0x1ae0  IntcDAud - ok
23:48:38.0907 0x1ae0  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
23:48:38.0929 0x1ae0  Intel(R) Capability Licensing Service TCP IP Interface - ok
23:48:39.0011 0x1ae0  [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:48:39.0022 0x1ae0  intelide - ok
23:48:39.0073 0x1ae0  [ 327D9CCF5492543AEF3979F9EEAD02BE, 1C6CD9ECB785D022A38DF683FACCA737469BF72E42365CD6DB8C2675F2ED1F1C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:48:39.0085 0x1ae0  intelpep - ok
23:48:39.0100 0x1ae0  intelppm - ok
23:48:39.0147 0x1ae0  [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm         C:\WINDOWS\System32\drivers\invdimm.sys
23:48:39.0161 0x1ae0  invdimm - ok
23:48:39.0219 0x1ae0  [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
23:48:39.0228 0x1ae0  iorate - ok
23:48:39.0275 0x1ae0  [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:48:39.0293 0x1ae0  IpFilterDriver - ok
23:48:39.0323 0x1ae0  iphlpsvc - ok
23:48:39.0342 0x1ae0  [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:48:39.0351 0x1ae0  IPMIDRV - ok
23:48:39.0410 0x1ae0  [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:48:39.0430 0x1ae0  IPNAT - ok
23:48:39.0487 0x1ae0  [ 3A531CF0C87FBB197A5F4CE2C450454E, 186C21F5C36642C05C5D0C4EC8930CE6BA83D8905B2928133BDEC16990F73700 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:48:39.0606 0x1ae0  iPod Service - ok
23:48:39.0649 0x1ae0  [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
23:48:39.0677 0x1ae0  IPT - ok
23:48:39.0727 0x1ae0  [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
23:48:39.0747 0x1ae0  IpxlatCfgSvc - ok
23:48:39.0765 0x1ae0  irda - ok
23:48:39.0820 0x1ae0  [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:48:39.0989 0x1ae0  IRENUM - ok
23:48:40.0046 0x1ae0  [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon           C:\WINDOWS\System32\irmon.dll
23:48:40.0061 0x1ae0  irmon - ok
23:48:40.0079 0x1ae0  isapnp - ok
23:48:40.0089 0x1ae0  iScsiPrt - ok
23:48:40.0199 0x1ae0  [ DE70C5C10803C700DC1CFDE2D5CF207A, 4D11DE8B986C6966B66E1D6E931A72A1E9FA8D0B5B9EF57EF3EEDD09D0BE0B4E ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:48:40.0214 0x1ae0  jhi_service - ok
23:48:40.0258 0x1ae0  [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:48:40.0269 0x1ae0  kbdclass - ok
23:48:40.0285 0x1ae0  [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:48:40.0299 0x1ae0  kbdhid - ok
23:48:40.0317 0x1ae0  [ 916E62AF3386F7A74603E5C545F6FF2D, C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
23:48:40.0332 0x1ae0  kdnic - ok
23:48:40.0406 0x1ae0  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:48:40.0415 0x1ae0  KeyIso - ok
23:48:40.0419 0x1ae0  KSecDD - ok
23:48:40.0446 0x1ae0  KSecPkg - ok
23:48:40.0450 0x1ae0  [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
23:48:40.0463 0x1ae0  ksthunk - ok
23:48:40.0519 0x1ae0  [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:48:40.0543 0x1ae0  KtmRm - ok
23:48:40.0562 0x1ae0  LanmanServer - ok
23:48:40.0566 0x1ae0  LanmanWorkstation - ok
23:48:40.0614 0x1ae0  [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
23:48:40.0632 0x1ae0  lfsvc - ok
23:48:40.0648 0x1ae0  LicenseManager - ok
23:48:40.0651 0x1ae0  lltdio - ok
23:48:40.0706 0x1ae0  [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
23:48:40.0727 0x1ae0  lltdsvc - ok
23:48:40.0809 0x1ae0  [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
23:48:40.0843 0x1ae0  lmhosts - ok
23:48:40.0893 0x1ae0  [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
23:48:40.0904 0x1ae0  LSI_SAS - ok
23:48:40.0952 0x1ae0  [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
23:48:40.0964 0x1ae0  LSI_SAS2i - ok
23:48:40.0984 0x1ae0  [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
23:48:40.0994 0x1ae0  LSI_SAS3i - ok
23:48:41.0006 0x1ae0  [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
23:48:41.0016 0x1ae0  LSI_SSS - ok
23:48:41.0037 0x1ae0  LSM - ok
23:48:41.0066 0x1ae0  luafv - ok
23:48:41.0114 0x1ae0  [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
23:48:41.0134 0x1ae0  MapsBroker - ok
23:48:41.0157 0x1ae0  [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
23:48:41.0175 0x1ae0  mausbhost - ok
23:48:41.0192 0x1ae0  [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
23:48:41.0202 0x1ae0  mausbip - ok
23:48:41.0223 0x1ae0  [ C7B8B5053D646CBD30BE1BA6B487D396, E3864D4CE619D67E284C64A4EAA8843FB49BC2B8CC8659F4C4B89DB6701468CB ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
23:48:41.0232 0x1ae0  megasas - ok
23:48:41.0243 0x1ae0  [ EB8ED3204499DDB2D3BA094A4563EE3E, A5D0095D575B241CA66CAD86280170803E7042F51D3654FCB03D7EA2347E261B ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
23:48:41.0253 0x1ae0  megasas2i - ok
23:48:41.0275 0x1ae0  [ F1C1D4E752DE1D58295040E5BE8813AF, 4DE17C5FCE63AFD545B16FA16A38F7395F29155FE165E7B21BC028CCD2A4B18E ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:48:41.0294 0x1ae0  megasr - ok
23:48:41.0349 0x1ae0  [ 48F64A35BA9F2E4AC0587DDA555FF951, 77FE2BE86ADCE103F4220A641139C42B1407CF8EFFEB66F841ABF9CFC3621558 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
23:48:41.0359 0x1ae0  MEIx64 - ok
23:48:41.0404 0x1ae0  [ 4965456A1B4B3039E4B9AB233F5E9B1E, 3C303FE2BF9B38D73D005EA673C9500731125D793F4C77130F9BA8D745579591 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
23:48:41.0418 0x1ae0  MessagingService - ok
23:48:41.0486 0x1ae0  [ 16B078D1089FEA98710C9D07C152DCEE, A42C28E12F1BB21E907C1308447AD63DDF8FA5B2734A199A6EBE3824F3D1235C ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
23:48:41.0512 0x1ae0  mlx4_bus - ok
23:48:41.0532 0x1ae0  [ 20C57CE47B1A877C48A4B68E9A4E21FA, 35F98286F0665C5E06914F04F174476FBB41823564EDC55E351FCE211E2C765F ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
23:48:41.0543 0x1ae0  MMCSS - ok
23:48:41.0592 0x1ae0  [ A4467A5C080318F0CCCF5ED463821F8B, C8ECD63245B19807BAA92C3F3F87643A2F6B178395ABB15BD54D9DE68CC1A09B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:48:41.0604 0x1ae0  Modem - ok
23:48:41.0674 0x1ae0  [ 78BE85C1F1C7F3AF6C87BCE127007D5A, 5D5229FBCDC855BFF9BA3247BF4EF8E22764CFC1EC974FD5AB2D9E6293EF15A1 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:48:41.0697 0x1ae0  monitor - ok
23:48:41.0715 0x1ae0  [ 8E262B34A8BD184B4B3025AA8C396B00, B48AB637A92894318DC0A33CE55519D8FBD7B31177FA3C4CA33D8609D4FC0058 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:48:41.0724 0x1ae0  mouclass - ok
23:48:41.0736 0x1ae0  [ C094A555F148495EA130D3BBC5232D5E, 32E823C20FED94DB23F72F67DF1A2C043CA6179A543F3BD24FCB5500BA00A37C ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:48:41.0750 0x1ae0  mouhid - ok
23:48:41.0763 0x1ae0  mountmgr - ok
23:48:41.0787 0x1ae0  [ F36E4074C66DD31855A8D79EF0AE8066, 01C01B3EAEFADBCDACA5BE7CB2AA199667786C1AD637CF6792BF715242BEFEAD ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:48:41.0803 0x1ae0  mpsdrv - ok
23:48:41.0817 0x1ae0  MpsSvc - ok
23:48:41.0880 0x1ae0  [ 215D672CB71987CD98EB2298EFB84DDC, 7E23C36DBB7C80556560E1DECE5E8F5D3D422F3D1FFE9CEA511A0BCD9D69D304 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:48:41.0897 0x1ae0  MRxDAV - ok
23:48:41.0913 0x1ae0  mrxsmb - ok
23:48:41.0930 0x1ae0  mrxsmb20 - ok
23:48:41.0977 0x1ae0  [ 167408B38458ECAE545C57527BC99024, CB699B6C6F5B6DCDE85F8F0E40DD31B8066600A0833E5CD99ADE31DEC516B34F ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
23:48:41.0993 0x1ae0  MsBridge - ok
23:48:42.0047 0x1ae0  [ D5778559A0F34EE0BF0457293C6B5F4F, 73C0829F641F62CBFC0523ED54D94121E3A694ECCF148DBF4A5743631BADB714 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:48:42.0064 0x1ae0  MSDTC - ok
23:48:42.0083 0x1ae0  Msfs - ok
23:48:42.0124 0x1ae0  [ 6DDDFCAB646BBBCFC583135C4430E10F, 5EFD3F4F84EBEEC58914D5CC89622D69F2DBDFB7EB9AD8D9A0868127187FD673 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:48:42.0132 0x1ae0  msgpiowin32 - ok
23:48:42.0155 0x1ae0  [ 01C6A86BEA8279E557A5056148F068BF, 42983A61654F51515AC6DD64A68D319883FD02B3EC575F7EA7A907576866F0AF ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:48:42.0167 0x1ae0  mshidkmdf - ok
23:48:42.0215 0x1ae0  [ F65ABC7DE945047147F17330F79732CB, 050C64D7284D767C951E94EFBA579D0E066C36CA1899A2C64CEA41A34B8E9EF2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:48:42.0226 0x1ae0  mshidumdf - ok
23:48:42.0266 0x1ae0  [ 05B23012427801E710BDD12720B9020B, 48FB22CFDF61AAE4221B3B23E539C08083289FB0CB5ABF249700DDF968C7250A ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:48:42.0273 0x1ae0  msisadrv - ok
23:48:42.0325 0x1ae0  [ 21B88DF67507BD4DFF8A5487074BB31F, 5F2E1FB6227873DCA97D1BE6271E900AFA6BCE54D765C9BDBA07B74FC87B147B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:48:42.0342 0x1ae0  MSiSCSI - ok
23:48:42.0345 0x1ae0  msiserver - ok
23:48:42.0359 0x1ae0  MSKSSRV - ok
23:48:42.0408 0x1ae0  [ C3F5EA6B9041A30B4F11BE2E7863E487, 07324A9D81D30A173D3F369AA1A304AD7713C7CCF9909C6427718F0F90CE49C9 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
23:48:42.0448 0x1ae0  MsLldp - ok
23:48:42.0467 0x1ae0  [ 601D666820F0408B896791D19BE6D258, DD6BA3962A6D387D9F06B6D7006DBB2BF46D84A8FA91C628DA9D96117F14F4F0 ] MSPCLOCK        C:\WINDOWS\System32\drivers\MSPCLOCK.sys
23:48:42.0480 0x1ae0  MSPCLOCK - ok
23:48:42.0526 0x1ae0  [ 46E61FBA0097E48E5628C74A3F72233A, 21BD64041781085A7873ADA34C3648FBBBED386A071C69F21D98F2A0C3120DC6 ] MSPQM           C:\WINDOWS\System32\drivers\MSPQM.sys
23:48:42.0541 0x1ae0  MSPQM - ok
23:48:42.0560 0x1ae0  MsRPC - ok
23:48:42.0579 0x1ae0  [ CBD56E0B55FB3672BA80382EC2F8835C, 1956E9B20A363B715C2111138D2085AA28FEDA7A82228CB4D8CE7ACC578E4DDB ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:48:42.0587 0x1ae0  mssmbios - ok
23:48:42.0603 0x1ae0  [ 5734B2A36D3BB13A638E5305EEEC582D, 613D559ED892EC4ABDF80F2435892895677F97902E699BE30283C150ABA49877 ] MSTEE           C:\WINDOWS\System32\drivers\MSTEE.sys
23:48:42.0615 0x1ae0  MSTEE - ok
23:48:42.0633 0x1ae0  [ 85270E0DC6907C6B99F72A36F17AED34, 58C0BBF9CC9E42266C8AF9AB9FEC77442F96C7C6D0DFCFAAB763DAD30B1B7939 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:48:42.0644 0x1ae0  MTConfig - ok
23:48:42.0662 0x1ae0  Mup - ok
23:48:42.0685 0x1ae0  [ 3C57FF3BCF496D24C39C2198158864BB, 8671DF39AE5DD83033EC70BF8A502ED027B33B90FFC28AC2C79EC8F2F9128C14 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:48:42.0694 0x1ae0  mvumis - ok
23:48:42.0711 0x1ae0  NativeWifiP - ok
23:48:42.0726 0x1ae0  NaturalAuthentication - ok
23:48:42.0775 0x1ae0  [ FBA9F5B9F59A665F248F70B905EDCE14, D2C1795192809F6413E080A9ADC949A4D99D0FC6BE668870127161474FF40596 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:48:42.0804 0x1ae0  NcaSvc - ok
23:48:42.0815 0x1ae0  NcbService - ok
23:48:42.0862 0x1ae0  [ 3C7E074AE41D8DFB41A9E65904D8BF43, 34890591FDCEC035D3BB021DB035A4728C415A70F55D88F21E39073040C912AB ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:48:42.0879 0x1ae0  NcdAutoSetup - ok
23:48:42.0902 0x1ae0  [ 77B047B109CE758A017F58FAE5038D0D, 8E9E4ED5128C506B696FD5F0E8AD0D11FF53B5DD2F88860FF8F60307A7E08DEA ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
23:48:42.0913 0x1ae0  ndfltr - ok
23:48:42.0916 0x1ae0  NDIS - ok
23:48:42.0962 0x1ae0  [ 067AE5BA349CC35AF8975D22DC483DDF, FEC185ECDA27041506DF74528AA65B32FEBB06E32A55C8F7BA161A755C6659CF ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
23:48:42.0977 0x1ae0  NdisCap - ok
23:48:43.0000 0x1ae0  [ 6FC4D7EB5D38CFB7966405036116F065, B3E9083ABE7AD797FA54FB1308AA57D49C9B7BA662B09607666B23777F6167C8 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
23:48:43.0019 0x1ae0  NdisImPlatform - ok
23:48:43.0088 0x1ae0  [ ED7CC4E16B76B2603C9F827188EA63B4, A6E739D219F50866051A08867844BDA878D6FEA33E91DEAC1948A55CDC5BEB9F ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:48:43.0114 0x1ae0  NdisTapi - ok
23:48:43.0118 0x1ae0  Ndisuio - ok
23:48:43.0131 0x1ae0  [ DC1D26D62F40B7552BCF49D92774F0C5, 3DD7CE2AD578101EFF8C1448800A1317F01893AF6E559C4DCCD9F6ACE4B027E4 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:48:43.0142 0x1ae0  NdisVirtualBus - ok
23:48:43.0157 0x1ae0  [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
23:48:43.0175 0x1ae0  NdisWan - ok
23:48:43.0185 0x1ae0  [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:48:43.0202 0x1ae0  ndiswanlegacy - ok
23:48:43.0242 0x1ae0  ndproxy - ok
23:48:43.0291 0x1ae0  [ A791792DC412CCD83DA0AF6871682552, FE1A30A6D1501463CF8AAC3AD8CE114ACFEDD38CF9BD6B2247B84E41D74A9E6B ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:48:43.0305 0x1ae0  Ndu - ok
23:48:43.0329 0x1ae0  [ BE79982A50AC88BC0765F3AFECFCB596, 1E7CACB1095C3F1D10766E15B31DEE195C1E6954D4E7ADA141CA4C15EE3DA445 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
23:48:43.0347 0x1ae0  NetAdapterCx - ok
23:48:43.0361 0x1ae0  NetBIOS - ok
23:48:43.0372 0x1ae0  NetBT - ok
23:48:43.0400 0x1ae0  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:48:43.0411 0x1ae0  Netlogon - ok
23:48:43.0452 0x1ae0  [ 94BC40F88309B0B7DFE68B2C2BB15EB6, 7E485F6A3F0B1C34C59D1F36EDE05ED9724E23FF63EA273910A02D8177905D9B ] Netman          C:\WINDOWS\System32\netman.dll
23:48:43.0473 0x1ae0  Netman - ok
23:48:43.0531 0x1ae0  [ 79ED54CA41486399361778D533E55A99, 17467C0C0D4D099DC7BF2BDE46086AF4AFC28895C62A35AA6A3906C19418AA32 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:48:43.0561 0x1ae0  netprofm - ok
23:48:43.0595 0x1ae0  NetSetupSvc - ok
23:48:43.0723 0x1ae0  [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:48:43.0732 0x1ae0  NetTcpPortSharing - ok
23:48:43.0748 0x1ae0  netvsc - ok
23:48:43.0805 0x1ae0  [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB, 7930C172AD493E39712A0F4B1AF4ADFB4ABD499B00FEEA2E1D5C9E5A26105EFC ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
23:48:43.0836 0x1ae0  NgcCtnrSvc - ok
23:48:43.0910 0x1ae0  [ A557C92583E81CA97D2C0F2467E7C2F9, F78B07DB33253142C6CB2DE1BFA1C54EB7CB5D64C94C9B73182C7D49314061EF ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
23:48:43.0953 0x1ae0  NgcSvc - ok
23:48:43.0988 0x1ae0  [ 1EC76B65E0FD8F06D9F6D46FE4822D85, 22EE7AFC3B42D2A34D4BC501633E18CCD26A4917DAC379FD9C5263D540DF3B7C ] NgFilter        C:\WINDOWS\System32\drivers\ngfilter.sys
23:48:44.0036 0x1ae0  NgFilter - ok
23:48:44.0053 0x1ae0  [ B6B688EE7CE921F245D98717CB78C0B8, 4174FBF952C6F1B33267DA032105F335B3413507C65ACCF2C4CA3449779A82CC ] NgLog           C:\WINDOWS\System32\drivers\nglog.sys
23:48:44.0089 0x1ae0  NgLog - ok
23:48:44.0109 0x1ae0  [ 3F25096134B2D082D189F175AF648413, 33FC71B9BC0F1F277704D66A9FAA5F1CCA1C8A1D10ADB0E7223A8ACFCAB618DF ] NgVpn           C:\WINDOWS\System32\drivers\ngvpn.sys
23:48:44.0137 0x1ae0  NgVpn - ok
23:48:44.0163 0x1ae0  [ F08CDE876642348F3B9F8C792065777B, A286C91BD4141B31743F1ECC39E5BF241CB94F264058F714EAF58D6AAFAAFDA6 ] NgVpnMgr        C:\WINDOWS\system32\ngvpnmgr.exe
23:48:44.0213 0x1ae0  NgVpnMgr - ok
23:48:44.0218 0x1ae0  [ 48EA6EF1832244B324E5EA84F2BA9300, ADFB8CFB691BEE738B5ECC648426A5B83104E268ECC9DCEA034D5AE6F7EA9E4D ] NgWfp           C:\WINDOWS\System32\drivers\ngwfp.sys
23:48:44.0243 0x1ae0  NgWfp - ok
23:48:44.0257 0x1ae0  NlaSvc - ok
23:48:44.0261 0x1ae0  Npfs - ok
23:48:44.0313 0x1ae0  [ 5CB8082E51DE7D19042F0FF8C517CB0D, C0C5389E097D520018C346ECBF8AF9928FB44D9AD7B0EFD2D44E910214580A1A ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:48:44.0329 0x1ae0  npsvctrig - ok
23:48:44.0344 0x1ae0  nsi - ok
23:48:44.0347 0x1ae0  nsiproxy - ok
23:48:44.0359 0x1ae0  NTFS - ok
23:48:44.0371 0x1ae0  Null - ok
23:48:44.0425 0x1ae0  [ 532F27A2B62D70C327E763F035AED6C1, 9FB6C8040D48384BC72A2021EAD7D48B5E876731849FBA68338EC3562E7CB659 ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
23:48:44.0438 0x1ae0  nvdimmn - ok
23:48:44.0461 0x1ae0  [ 7E04652EB1A476BC0A72ECDC613AF0C5, F356C5F7B1C30253F4F8A3E45AAA8C82940DBE1F208D81043D7D89EE54355890 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:48:44.0471 0x1ae0  nvraid - ok
23:48:44.0493 0x1ae0  [ 880B3E874914DAEF97119876543AE117, E41A633F5C2519438FCA0A85F134061224C39AB82EE61F3B80043E21985A80D7 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:48:44.0504 0x1ae0  nvstor - ok
23:48:44.0525 0x1ae0  OneSyncSvc - ok
23:48:44.0618 0x1ae0  [ 7D7024102592080A99630B5DDD77CF40, AFE385CE4CD1D8D3648C1FEBD986ADCB9E0FF7099F6405B091F5DEAAB4C1A8D7 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:48:44.0644 0x1ae0  ose - ok
23:48:44.0647 0x1ae0  p2pimsvc - ok
23:48:44.0651 0x1ae0  p2psvc - ok
23:48:44.0665 0x1ae0  [ 2E07EC2C1622F5E7B535D62DCD61F3AB, 5FECA3CD9AF531E59B1A0FE04AE8BA22F3C929EB6AA5B2171C88A788AFAA8115 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:48:44.0678 0x1ae0  Parport - ok
23:48:44.0681 0x1ae0  partmgr - ok
23:48:44.0710 0x1ae0  PcaSvc - ok
23:48:44.0713 0x1ae0  pci - ok
23:48:44.0778 0x1ae0  [ E5AF806815ED797086629741F29E4156, 1AD39A8DD564807EE11775C1C69129184A28B7AC4ED66E47CBE657C9215986C4 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:48:44.0789 0x1ae0  pciide - ok
23:48:44.0813 0x1ae0  [ 2A631D447B988AFBE847CBAA8E5CC298, 65D52E0E7F16EFFF8926E4FF97B42ABB2C5F1125FB13F521143712E3F9028FE7 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:48:44.0823 0x1ae0  pcmcia - ok
23:48:44.0826 0x1ae0  pcw - ok
23:48:44.0841 0x1ae0  [ 1796112EB89559910BC18865A29C8894, 3EDACF3FDFB4164C1F07BAE7ABCA4E8DC5DBADE11C73F18546E5FE2A10CCDEA8 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:48:44.0851 0x1ae0  pdc - ok
23:48:44.0855 0x1ae0  PEAUTH - ok
23:48:44.0902 0x1ae0  [ 35FD028E4323018202C0B7D115FD3AEF, CA0CA9EF7A6496EBD35C775D0BD9CC814B07391B69C83938C90926D316A336FD ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
23:48:44.0911 0x1ae0  percsas2i - ok
23:48:44.0925 0x1ae0  [ F9F3D8BE9BC9241CC726197261362AC4, 0AF0EBD551B3C079C7A5EA568A171B43F822C4AD0177A8135FBF315813108535 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
23:48:44.0934 0x1ae0  percsas3i - ok
23:48:45.0067 0x1ae0  PerfHost - ok
23:48:45.0100 0x1ae0  PhoneSvc - ok
23:48:45.0133 0x1ae0  PimIndexMaintenanceSvc - ok
23:48:45.0241 0x1ae0  [ 73B5A132EBF3A8075A7C68DFBB4DE719, 847FC2A2B4C1C65BFEFBBF90C2EB99378E2FDE469425F141BC75D1874F94658C ] pla             C:\WINDOWS\system32\pla.dll
23:48:45.0306 0x1ae0  pla - ok
23:48:45.0353 0x1ae0  [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:48:45.0372 0x1ae0  PlugPlay - ok
23:48:45.0385 0x1ae0  [ 36D43EA5517F3F4AAAC8EE061C957EF1, 970CBE8F689C26C384B8F4E6D0C68BB07434C4776B497E310A603A896AED05E0 ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
23:48:45.0398 0x1ae0  pmem - ok
23:48:45.0444 0x1ae0  [ 59048555B59FD69287CFAB6022B5CC86, 733D3F1DBF75D6A5A015E6F849216E1954813F86E5D3B05B4AF0E9FD523FC646 ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
23:48:45.0456 0x1ae0  PNPMEM - ok
23:48:45.0495 0x1ae0  [ 7815D5EEE3624640150B1365EB2E98C5, 2E45B211F40510554E5BDA876E53497FA4A8465A152F77CF38CAD38CC6F47C8A ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:48:45.0512 0x1ae0  PNRPAutoReg - ok
23:48:45.0515 0x1ae0  PNRPsvc - ok
23:48:45.0568 0x1ae0  [ E1BCA08929D806A087D90BC11C6020E8, F9FE2E761F0F00C4A0C221D25069348185C75CA350DDD1407A6401220227A9F6 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:48:45.0593 0x1ae0  PolicyAgent - ok
23:48:45.0620 0x1ae0  Power - ok
23:48:45.0647 0x1ae0  PptpMiniport - ok
23:48:45.0795 0x1ae0  [ FAA5FBD37C00DE72573F9BF6B6E64BAD, AEF599C9D47ED197FAC54326E99114AD7EAA107A0248C77997D353A7B5C06FBB ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:48:45.0964 0x1ae0  PrintNotify - ok
23:48:46.0017 0x1ae0  [ 8803D4F36F1CB2E2203F5EB59571E89C, 0C83A8706CDB7400CCAB145211793B8C6153D30CA50843A5E3980536F2A38C11 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
23:48:46.0034 0x1ae0  PrintWorkflowUserSvc - ok
23:48:46.0044 0x1ae0  Processor - ok
23:48:46.0051 0x1ae0  ProfSvc - ok
23:48:46.0089 0x1ae0  [ 5818FE76C3C6AE0CA723EBE483BF447F, 613E1FE02FA52A6EF4B1E5C56F0108D493B1E97F799CF409A6697A5D5112C8B3 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
23:48:46.0100 0x1ae0  Psched - ok
23:48:46.0113 0x1ae0  PushToInstall - ok
23:48:46.0165 0x1ae0  [ 034BA34ADFA10F9D7E4989273DDABA33, 8763D28817A64F0D82B61EBA1FA54D7E0C97E66FA3F359C1A681740E1AF680C2 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:48:46.0187 0x1ae0  QWAVE - ok
23:48:46.0235 0x1ae0  [ 16F9A6B593B52EB18F7ECB9D251BDF7A, 5DD26B91DF51A07097A893F3537F94FE2CD1F9D132B0994451E922CE1359516B ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:48:46.0251 0x1ae0  QWAVEdrv - ok
23:48:46.0293 0x1ae0  [ 13600C467512147E99052806F2C1307A, 705257F42FA3502113958A295E0E0FED9C6A35DB6214099360606E792F69B1C6 ] Ramdisk         C:\WINDOWS\system32\DRIVERS\ramdisk.sys
23:48:46.0303 0x1ae0  Ramdisk - ok
23:48:46.0320 0x1ae0  RasAcd - ok
23:48:46.0391 0x1ae0  [ ED0EE10911C16AD8B21B9003C90E968F, CFB280D14F629E87BBBDA83841E4B3DD8866FB8382FF17D3E807BBFBBC3BAC1A ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
23:48:46.0419 0x1ae0  RasAgileVpn - ok
23:48:46.0435 0x1ae0  RasAuto - ok
23:48:46.0456 0x1ae0  [ E0220BB6580D34001D4D1D133052DAA4, F350A34E7592673B7B77F907E7D7ACFC50C6099A4874C1D870BD0E089D8EF668 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
23:48:46.0472 0x1ae0  Rasl2tp - ok
23:48:46.0490 0x1ae0  RasMan - ok
23:48:46.0508 0x1ae0  [ 12EE1D92F4E5FAE4B6F65195A2016CE5, C62E9EBD4FE642248C36BB2C9BD7B1C1C09E8A33D4B4AA39DD32F9FD1FE86081 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:48:46.0524 0x1ae0  RasPppoe - ok
23:48:46.0541 0x1ae0  [ 91CE469015979E5B3C3DBC2C41A476E8, 45D7EA66311126E370B4E082F7E8507399AC594AB6F7CD5A45C9F09658FD7E19 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
23:48:46.0556 0x1ae0  RasSstp - ok
23:48:46.0578 0x1ae0  rdbss - ok
23:48:46.0583 0x1ae0  rdpbus - ok
23:48:46.0588 0x1ae0  RDPDR - ok
23:48:46.0645 0x1ae0  [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE, 37789428D78273EB09F3613BC72DF5D5E9210D4650CC4D9F9DD413DB4A20B6F2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:48:46.0655 0x1ae0  RdpVideoMiniport - ok
23:48:46.0677 0x1ae0  rdyboost - ok
23:48:46.0735 0x1ae0  [ FB0577F6BC9E07549CEACF5224327499, 7AD01A641C3A8735C05C7EFDF3730D7A385A241306E3AD01B088D7329FF319E0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
23:48:46.0783 0x1ae0  ReFS - ok
23:48:46.0838 0x1ae0  [ 4136BCA61BCDCC79DCE145F9CB639CD6, 58D49C41532A31F6F2112317BB60D80D34A4D29CAABBF11BAD9C45FD8B812F93 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
23:48:46.0866 0x1ae0  ReFSv1 - ok
23:48:46.0962 0x1ae0  [ 16884710EB4898CB49B18609EEE34C6C, CEC4850825D81969BE269A4DC23DF54F6E2346AADE40D95E91B512412D4BD358 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:48:47.0001 0x1ae0  RemoteAccess - ok
23:48:47.0056 0x1ae0  [ 9D82CD53B622A85A10B4DA8F4724A8E4, 0D4DDDF7C8D90CB19A86EA531205BAF19BA2335DBD10CD9F006C969CE9735223 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:48:47.0074 0x1ae0  RemoteRegistry - ok
23:48:47.0096 0x1ae0  RetailDemo - ok
23:48:47.0143 0x1ae0  [ BBC228CA2F96B784B01FE7F1C5E3CFBB, AF24D0B4093F9CCE88C5BCB94944BCD6D36B890AD8544AF0CD7814B8D4F73A7A ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
23:48:47.0156 0x1ae0  rhproxy - ok
23:48:47.0281 0x1ae0  [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
23:48:47.0294 0x1ae0  RichVideo64 - ok
23:48:47.0339 0x1ae0  [ 665A51DE515A2E8B0BDB3D6917D47DD9, F5BF28900F55CB17016E64775B9A5B64D16E2A5898F4D5A7ABE26639932B2C63 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
23:48:47.0358 0x1ae0  RmSvc - ok
23:48:47.0400 0x1ae0  [ D0F6698E56F0157EA72F2D754C6FD555, A93DEECB1D84E5AC2C1E2D3D54BA118774E6F77996BEC7BCB6C758B6D04D1920 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:48:47.0422 0x1ae0  RpcEptMapper - ok
23:48:47.0465 0x1ae0  [ EB65907BD63871669C54D5E5BAE4DD34, 9A429C4B416913D65728A40890FC3C69465C4C77C2D313007BDF24EA5F4E1400 ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:48:47.0478 0x1ae0  RpcLocator - ok
23:48:47.0516 0x1ae0  [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:48:47.0561 0x1ae0  RpcSs - ok
23:48:47.0647 0x1ae0  [ 27B80E5766B114621980F82FB78E912A, D7986FB32AFA2F376FBAA5EFAC18F5E699BAF97AD0C92A0B787E1CAF77465CFD ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
23:48:47.0719 0x1ae0  rspndr - ok
23:48:47.0790 0x1ae0  [ 909BEFE0B82DD2CDBAFD2A0C98E8E227, FCF0B863FF21B88F0F678455E3DCB3AC1DB4CF6D51FEE93B5752F72C6B1409EC ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
23:48:47.0813 0x1ae0  rt640x64 - ok
23:48:47.0912 0x1ae0  [ 7615992F35982471546A3DE5B7587250, C8703D4A836C543A7AE6E7B980D83712DC456C351FFFAF76987A3B4B50F610F8 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
23:48:47.0926 0x1ae0  RtkAudioService - ok
23:48:47.0986 0x1ae0  [ EB596B5491C634F4B16B09D244D883A1, AF4822A621222FD0E8109F1B04FAB1F4A1B2573EB320CE61AE734A753E6DB983 ] RtkBtFilter     C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys
23:48:48.0007 0x1ae0  RtkBtFilter - ok
23:48:48.0166 0x1ae0  [ 6846EB30E0B82F0A11361BDB1FBC5B9F, 8742F57386B8D917C9B7154118A1174E2308AC14ADEEB109AF3F3DF3EA5FD54D ] RTWlanE         C:\WINDOWS\System32\drivers\rtwlane.sys
23:48:48.0300 0x1ae0  RTWlanE - ok
23:48:48.0328 0x1ae0  s3cap - ok
23:48:48.0404 0x1ae0  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] SamSs           C:\WINDOWS\system32\lsass.exe
23:48:48.0417 0x1ae0  SamSs - ok
23:48:48.0456 0x1ae0  [ 324FA3C337EB54B43448F7B08444DC8D, 6AC6E84EBE169400D5CE140C7DC7F527D1A8F5B642593870AD7D1B193C21C7A3 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:48:48.0466 0x1ae0  sbp2port - ok
23:48:48.0491 0x1ae0  SCardSvr - ok
23:48:48.0507 0x1ae0  ScDeviceEnum - ok
23:48:48.0565 0x1ae0  [ 62A33CE69DB508BCEC63F4D3BFF400CE, 914FF18959025C71923558898F95B8113EE49930144A0B19FC06C5C043A171B4 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:48:48.0583 0x1ae0  scfilter - ok
23:48:48.0617 0x1ae0  Schedule - ok
23:48:48.0631 0x1ae0  [ 7B057373146CC4E5A1F1DA665EA55DC7, 48F1C276F99D4E135A261DDEFE2D813430DEFF6BA30FCBFFB102EA40EAD9434A ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
23:48:48.0641 0x1ae0  scmbus - ok
23:48:48.0656 0x1ae0  SCPolicySvc - ok
23:48:48.0670 0x1ae0  sdbus - ok
23:48:48.0712 0x1ae0  [ 6D3853838864886B4F10B074282772E0, 50855299C5D7FBE0E45EE6288EA1B824215D3E3693F24F1AD2BB2F2E27F6150D ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
23:48:48.0721 0x1ae0  SDFRd - ok
23:48:48.0760 0x1ae0  [ 368180051766E4289E3D47AF21F2668C, AD1E675A990684F131F09E61988525102CDEDA0817A20F188FE9D2A428216BC2 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
23:48:48.0787 0x1ae0  SDRSVC - ok
23:48:48.0801 0x1ae0  sdstor - ok
23:48:48.0850 0x1ae0  [ 0356C85312D78F4C7F33C74B6000BB93, 378018A0ABDF65506B471F091DEF6A8E1D2E719BEBA843595C550E3151C9E6D6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:48:48.0864 0x1ae0  seclogon - ok
23:48:48.0883 0x1ae0  SecurityHealthService - ok
23:48:48.0890 0x1ae0  SEMgrSvc - ok
23:48:48.0934 0x1ae0  [ 62EDAD383010E037C4D3846C7C021A00, CF2C5D97B4B8C472242A1DCC1CB97A081BFDA41F5708CA78DC9B5041C9B747D9 ] SENS            C:\WINDOWS\System32\sens.dll
23:48:48.0952 0x1ae0  SENS - ok
23:48:49.0028 0x1ae0  [ DDBBE9A08C79D3BB50D6053507F7777D, CA67D6FFCF63F38AAA320276F0AB96F87F6431907D2BC138E7EEE4530BE88AF1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
23:48:49.0080 0x1ae0  SensorDataService - ok
23:48:49.0093 0x1ae0  SensorService - ok
23:48:49.0121 0x1ae0  SensrSvc - ok
23:48:49.0166 0x1ae0  [ 75A27472AFD009255DBDE52038E3BDB5, 95C31B86D77D73B340901D3BD9798A9E3171D4D3F3D4632FBE3F6AE2B49A17C7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:48:49.0176 0x1ae0  SerCx - ok
23:48:49.0195 0x1ae0  [ 84005F54308109A022413D628E966412, 6828A10DF28053C159E93BDD7A62A5517E7037DC302D0EEED55BF07B48E0A202 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:48:49.0207 0x1ae0  SerCx2 - ok
23:48:49.0218 0x1ae0  [ 40384793F74CFFA45BCC38DF65E978EC, FA68F18573CA92703A3442BB4BC5135C42520BA7D2C3E4B872115C02EE0A719E ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:48:49.0229 0x1ae0  Serenum - ok
23:48:49.0243 0x1ae0  [ 699470AD24D67908991A777716A352FD, 6155D9785DF9A9346B715798A2C4A0F9B90D2AF725E710F127E06155272B406E ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:48:49.0256 0x1ae0  Serial - ok
23:48:49.0269 0x1ae0  [ 92453F065F52A8EF0328A926B2C9502F, 11CF98993B00B4850C30528F0922BF392B8DE085AD84D17721964D543A41D64D ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:48:49.0283 0x1ae0  sermouse - ok
23:48:49.0303 0x1ae0  SessionEnv - ok
23:48:49.0320 0x1ae0  [ 1D8920C40F19B5FBA5F4897779840AD1, 9B1DAFD92963118ACEA411224AA65C841D57D29F6F1EB69A58AB32BC5FEB1592 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:48:49.0331 0x1ae0  sfloppy - ok
23:48:49.0377 0x1ae0  SharedAccess - ok
23:48:49.0452 0x1ae0  [ 63377493508564288721EF5421A216F5, 8D8F2CAD3608AE47AFEAA60C51E288EA622EC85B1CAA330CD226CA7A49F0F8E3 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
23:48:49.0480 0x1ae0  SharedRealitySvc - ok
23:48:49.0543 0x1ae0  [ 887458A234108B5B69038299BE7FAD88, B25780E36FCA373141EC129EC878AC0C2D560DFF62FEE3DFE332256C1FCDF579 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:48:49.0576 0x1ae0  ShellHWDetection - ok
23:48:49.0678 0x1ae0  [ 5ED18BE9FE76540A0596BB41C91719C6, 54B52E6EC059F48D2A4FEDC9D2B7B391A605F63CFC29C46A9FC5BA936EF3A72D ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
23:48:49.0699 0x1ae0  shpamsvc - ok
23:48:49.0727 0x1ae0  [ A871F9CC9CF388DC7193D22EF8D8C8DF, D9E915F85E4FD993B04162B7D30BE6F230DD5464BBD75AE173255E59BA777067 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:48:49.0736 0x1ae0  SiSRaid2 - ok
23:48:49.0748 0x1ae0  [ D30FC341550CC364880950152AE8B1C5, BCCEB920C8DBCE061A62B0B7C91DA2981312DE9A8EC2D7398AE6009148603C77 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:48:49.0758 0x1ae0  SiSRaid4 - ok
23:48:49.0863 0x1ae0  [ 22CC2A61BC77C5972B58756049AA254E, 4DF554A1C2FF8C2D9AD8633231961DE95171A17295DAA7779E607AFD7BD8FE03 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:48:49.0882 0x1ae0  SkypeUpdate - ok
23:48:49.0912 0x1ae0  [ AE73570A0AF0FB1BF84B7CD815772409, 2E00FADEA5054E5E8A1BA964FA0F6C787320662C7AECBE0DC923698AB9252300 ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
23:48:49.0919 0x1ae0  SmbDrv - ok
23:48:49.0971 0x1ae0  [ ADFE78C4F1A328EC5BEC6EB4BC41EF06, 250DC9325772CA83E47D6D168FE4E1BF937910D0456D946637E0E96FE0022383 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
23:48:49.0979 0x1ae0  SmbDrvI - ok
23:48:50.0063 0x1ae0  [ 9CA6E573757C76A515EFD6DD795A3A1E, E7F87EF70545ABA33171A5783439E6E7874A2CAEE0C7ECF384023FBDCD967743 ] smphost         C:\WINDOWS\System32\smphost.dll
23:48:50.0097 0x1ae0  smphost - ok
23:48:50.0139 0x1ae0  SmsRouter - ok
23:48:50.0195 0x1ae0  [ FDADDEC855034107E5FAD708B4E2424D, 1E3A07E0F67E23F32E046F516608D78299BA66BC647F6A6A240C77245FE3A7FF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:48:50.0215 0x1ae0  SNMPTRAP - ok
23:48:50.0247 0x1ae0  spaceport - ok
23:48:50.0298 0x1ae0  [ CCECE7E96B4F7B0E9F0FC82F6DADA917, 4C20D74971C7A822C51429BE960F85016B03166E05D43B29F5D290F413006C18 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
23:48:50.0308 0x1ae0  SpatialGraphFilter - ok
23:48:50.0328 0x1ae0  [ 545507AF670BC88B89200A118513ED9A, 1450D29E678F26B317D55BBF41E603296C5FBA54F956801D3E796808FFDCC0AD ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:48:50.0337 0x1ae0  SpbCx - ok
23:48:50.0367 0x1ae0  spectrum - ok
23:48:50.0377 0x1ae0  Spooler - ok
23:48:50.0409 0x1ae0  sppsvc - ok
23:48:50.0428 0x1ae0  srv - ok
23:48:50.0432 0x1ae0  srv2 - ok
23:48:50.0450 0x1ae0  srvnet - ok
23:48:50.0479 0x1ae0  SSDPSRV - ok
23:48:50.0501 0x1ae0  [ 3BEF5FAC7F3DA3E25B80CC41B5060616, CAAB3CAF150F564964471F494F583014E5EF842BC4761A64B708842C4425753B ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:48:50.0524 0x1ae0  SstpSvc - ok
23:48:50.0559 0x1ae0  StateRepository - ok
23:48:50.0698 0x1ae0  [ 75449A527B4B339AC7C312FF05DAF759, 20BC52F508EE80DB64C038ABA5026313783BFA9E378E726C06CD7711B57E8ACE ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:48:50.0737 0x1ae0  Steam Client Service - ok
23:48:50.0758 0x1ae0  [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:48:50.0766 0x1ae0  stexstor - ok
23:48:50.0843 0x1ae0  [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:48:50.0875 0x1ae0  stisvc - ok
23:48:50.0879 0x1ae0  storahci - ok
23:48:50.0883 0x1ae0  storflt - ok
23:48:50.0896 0x1ae0  stornvme - ok
23:48:50.0899 0x1ae0  storqosflt - ok
23:48:50.0903 0x1ae0  StorSvc - ok
23:48:50.0907 0x1ae0  storufs - ok
23:48:50.0910 0x1ae0  storvsc - ok
23:48:50.0931 0x1ae0  [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:48:50.0998 0x1ae0  svsvc - ok
23:48:51.0013 0x1ae0  [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:48:51.0021 0x1ae0  swenum - ok
23:48:51.0057 0x1ae0  [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv           C:\WINDOWS\System32\swprv.dll
23:48:51.0085 0x1ae0  swprv - ok
23:48:51.0115 0x1ae0  Synth3dVsc - ok
23:48:51.0178 0x1ae0  [ 347F4B8DC1CAA234474AE79BF5207E2B, 5AA283992801FAC705EC99A8644D2F2F77D13EAF802F92D7EACEB4FA1724DE15 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:48:51.0198 0x1ae0  SynTP - ok
23:48:51.0259 0x1ae0  [ 91AF2EF13E4F1A555F16C49F50BF8746, 396B4E67BCA7BC4B853940AF98406EF72135F536882385A6EC1960FA0C4FC42F ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
23:48:51.0270 0x1ae0  SynTPEnhService - ok
23:48:51.0291 0x1ae0  SysMain - ok
23:48:51.0315 0x1ae0  SystemEventsBroker - ok
23:48:51.0367 0x1ae0  [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:48:51.0389 0x1ae0  TabletInputService - ok
23:48:51.0442 0x1ae0  [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:48:51.0468 0x1ae0  TapiSrv - ok
23:48:51.0471 0x1ae0  Tcpip - ok
23:48:51.0474 0x1ae0  Tcpip6 - ok
23:48:51.0521 0x1ae0  [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:48:51.0533 0x1ae0  tcpipreg - ok
23:48:51.0558 0x1ae0  tdx - ok
23:48:51.0605 0x1ae0  [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:48:51.0613 0x1ae0  terminpt - ok
23:48:51.0681 0x1ae0  [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService     C:\WINDOWS\System32\termsrv.dll
23:48:51.0724 0x1ae0  TermService - ok
23:48:51.0736 0x1ae0  [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes          C:\WINDOWS\system32\themeservice.dll
23:48:51.0753 0x1ae0  Themes - ok
23:48:51.0802 0x1ae0  [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
23:48:51.0825 0x1ae0  TieringEngineService - ok
23:48:51.0885 0x1ae0  [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
23:48:51.0917 0x1ae0  tiledatamodelsvc - ok
23:48:51.0947 0x1ae0  TimeBrokerSvc - ok
23:48:51.0981 0x1ae0  TokenBroker - ok
23:48:51.0990 0x1ae0  TPM - ok
23:48:52.0031 0x1ae0  [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:48:52.0048 0x1ae0  TrkWks - ok
23:48:52.0133 0x1ae0  TrustedInstaller - ok
23:48:52.0179 0x1ae0  [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
23:48:52.0210 0x1ae0  tsusbflt - ok
23:48:52.0257 0x1ae0  [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:48:52.0268 0x1ae0  TsUsbGD - ok
23:48:52.0316 0x1ae0  [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
23:48:52.0333 0x1ae0  tunnel - ok
23:48:52.0375 0x1ae0  [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
23:48:52.0394 0x1ae0  tzautoupdate - ok
23:48:52.0436 0x1ae0  [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:48:52.0446 0x1ae0  UASPStor - ok
23:48:52.0465 0x1ae0  UcmCx0101 - ok
23:48:52.0499 0x1ae0  [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
23:48:52.0516 0x1ae0  UcmTcpciCx0101 - ok
23:48:52.0530 0x1ae0  UcmUcsi - ok
23:48:52.0550 0x1ae0  [ E6E91B3980A495D2A9D28A09580EA993, B4987D875A8AA176818C115844388EE64054411689B014ADEAC18164D02F6AE8 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
23:48:52.0562 0x1ae0  Ucx01000 - ok
23:48:52.0575 0x1ae0  [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
23:48:52.0587 0x1ae0  UdeCx - ok
23:48:52.0612 0x1ae0  [ 12383D410AEF99AD6979A8EFD3D61888, 376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:48:52.0633 0x1ae0  udfs - ok
23:48:52.0647 0x1ae0  [ AB7FE51D818B6059C2F56FA62268CCAC, D8412F13BFE0B96E0A9CCB5E25A567A66AE24983564D76954AA76DAF0A52726E ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:48:52.0656 0x1ae0  UEFI - ok
23:48:52.0725 0x1ae0  [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
23:48:52.0739 0x1ae0  Ufx01000 - ok
23:48:52.0766 0x1ae0  [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
23:48:52.0777 0x1ae0  UfxChipidea - ok
23:48:52.0806 0x1ae0  [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
23:48:52.0820 0x1ae0  ufxsynopsys - ok
23:48:52.0877 0x1ae0  [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:48:52.0895 0x1ae0  UI0Detect - ok
23:48:52.0910 0x1ae0  [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:48:52.0922 0x1ae0  umbus - ok
23:48:52.0968 0x1ae0  [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:48:52.0980 0x1ae0  UmPass - ok
23:48:53.0032 0x1ae0  [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:48:53.0068 0x1ae0  UmRdpService - ok
23:48:53.0100 0x1ae0  UnistoreSvc - ok
23:48:53.0157 0x1ae0  [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:48:53.0184 0x1ae0  upnphost - ok
23:48:53.0233 0x1ae0  [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
23:48:53.0241 0x1ae0  UrsChipidea - ok
23:48:53.0264 0x1ae0  UrsCx01000 - ok
23:48:53.0295 0x1ae0  [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
23:48:53.0304 0x1ae0  UrsSynopsys - ok
23:48:53.0332 0x1ae0  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
23:48:53.0355 0x1ae0  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
23:48:53.0407 0x1ae0  Detect skipped due to KSN trusted
23:48:53.0407 0x1ae0  USBAAPL64 - ok
23:48:53.0431 0x1ae0  [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:48:53.0443 0x1ae0  usbccgp - ok
23:48:53.0482 0x1ae0  [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:48:53.0495 0x1ae0  usbcir - ok
23:48:53.0510 0x1ae0  [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:48:53.0522 0x1ae0  usbehci - ok
23:48:53.0550 0x1ae0  [ C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:48:53.0569 0x1ae0  usbhub - ok
23:48:53.0588 0x1ae0  USBHUB3 - ok
23:48:53.0608 0x1ae0  [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:48:53.0622 0x1ae0  usbohci - ok
23:48:53.0668 0x1ae0  [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:48:53.0684 0x1ae0  usbprint - ok
23:48:53.0715 0x1ae0  [ E55C9AF5EE8905879048118824B06816, F431ABF555E09BE64AF7EA0B2573C7F5E5634408E03DC3FAC4A5CC7D48CAF0EC ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:48:53.0729 0x1ae0  usbscan - ok
23:48:53.0741 0x1ae0  usbser - ok
23:48:53.0790 0x1ae0  [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:48:53.0801 0x1ae0  USBSTOR - ok
23:48:53.0822 0x1ae0  [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:48:53.0837 0x1ae0  usbuhci - ok
23:48:53.0893 0x1ae0  [ 68788AE61B2E6A7D97CAD73B632F5BF5, 23F69D7398B1948492C88C610EAA76A72BA4CD93C795E575DDB1886321B30244 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
23:48:53.0915 0x1ae0  usbvideo - ok
23:48:53.0933 0x1ae0  USBXHCI - ok
23:48:53.0955 0x1ae0  UserDataSvc - ok
23:48:53.0960 0x1ae0  UserManager - ok
23:48:53.0974 0x1ae0  UsoSvc - ok
23:48:53.0994 0x1ae0  [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:48:54.0005 0x1ae0  VaultSvc - ok
23:48:54.0008 0x1ae0  vdrvroot - ok
23:48:54.0074 0x1ae0  [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds             C:\WINDOWS\System32\vds.exe
23:48:54.0109 0x1ae0  vds - ok
23:48:54.0128 0x1ae0  [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:48:54.0142 0x1ae0  VerifierExt - ok
23:48:54.0145 0x1ae0  vhdmp - ok
23:48:54.0158 0x1ae0  [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
23:48:54.0170 0x1ae0  vhf - ok
23:48:54.0174 0x1ae0  vmbus - ok
23:48:54.0200 0x1ae0  VMBusHID - ok
23:48:54.0204 0x1ae0  vmgid - ok
23:48:54.0217 0x1ae0  vmicguestinterface - ok
23:48:54.0221 0x1ae0  vmicheartbeat - ok
23:48:54.0224 0x1ae0  vmickvpexchange - ok
23:48:54.0234 0x1ae0  vmicrdv - ok
23:48:54.0238 0x1ae0  vmicshutdown - ok
23:48:54.0242 0x1ae0  vmictimesync - ok
23:48:54.0245 0x1ae0  vmicvmsession - ok
23:48:54.0249 0x1ae0  vmicvss - ok
23:48:54.0261 0x1ae0  [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm         C:\WINDOWS\System32\drivers\vnvdimm.sys
23:48:54.0280 0x1ae0  vnvdimm - ok
23:48:54.0288 0x1ae0  volmgr - ok
23:48:54.0321 0x1ae0  [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:48:54.0337 0x1ae0  volmgrx - ok
23:48:54.0365 0x1ae0  volsnap - ok
23:48:54.0386 0x1ae0  [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
23:48:54.0394 0x1ae0  volume - ok
23:48:54.0397 0x1ae0  vpci - ok
23:48:54.0420 0x1ae0  [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:48:54.0431 0x1ae0  vsmraid - ok
23:48:54.0435 0x1ae0  VSS - ok
23:48:54.0443 0x1ae0  [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:48:54.0458 0x1ae0  VSTXRAID - ok
23:48:54.0503 0x1ae0  [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:48:54.0521 0x1ae0  vwifibus - ok
23:48:54.0528 0x1ae0  [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
23:48:54.0543 0x1ae0  vwififlt - ok
23:48:54.0546 0x1ae0  vwifimp - ok
23:48:54.0602 0x1ae0  [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time         C:\WINDOWS\system32\w32time.dll
23:48:54.0633 0x1ae0  W32Time - ok
23:48:54.0730 0x1ae0  [ AD72CFDA8E47BC32ED46DE4FD2434062, 0CFD5BFC6D19980E78382493167858CEE2A82977B5CD6646796270288315B3DA ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
23:48:54.0820 0x1ae0  w3logsvc - ok
23:48:54.0834 0x1ae0  [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:48:54.0844 0x1ae0  WacomPen - ok
23:48:54.0917 0x1ae0  [ 451D40C28E7D1CF51A980B83FDEFF498, E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
23:48:54.0945 0x1ae0  WalletService - ok
23:48:54.0963 0x1ae0  wanarp - ok
23:48:54.0967 0x1ae0  wanarpv6 - ok
23:48:54.0984 0x1ae0  [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
23:48:55.0000 0x1ae0  WarpJITSvc - ok
23:48:55.0064 0x1ae0  [ A76A55BF0B22D1075434F1D723B9D1AC, 5522AD5CFCAC65D07CB80C810236590482FC4581451333AF37D99B54EBC176BE ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:48:55.0104 0x1ae0  WAS - ok
23:48:55.0182 0x1ae0  [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:48:55.0249 0x1ae0  wbengine - ok
23:48:55.0280 0x1ae0  WbioSrvc - ok
23:48:55.0284 0x1ae0  wcifs - ok
23:48:55.0306 0x1ae0  Wcmsvc - ok
23:48:55.0310 0x1ae0  wcncsvc - ok
23:48:55.0314 0x1ae0  wcnfs - ok
23:48:55.0356 0x1ae0  [ 042ABE47A7BA6722AA5B61E267B28DFC, 07CE195F12B5234F4FA10A08E18CB51CDAF179CC1C32581872C28F57835CE1BE ] WdBoot          C:\WINDOWS\system32\drivers\wd\WdBoot.sys
23:48:55.0374 0x1ae0  WdBoot - ok
23:48:55.0443 0x1ae0  [ FCC960498E3CD899F0A429F7CF9E77AD, 91FB3B6AF1522754E6ECF5D0CD146B1D06F657D06E6D9D917F55A3789A92D8EB ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:48:55.0468 0x1ae0  Wdf01000 - ok
23:48:55.0493 0x1ae0  [ C8C75E56CDDBCDF597055343B641C910, A26556923165B84DC481B9924FF6AE57C7022E07AF1FC2E1FC1B14F12EF85CCF ] WdFilter        C:\WINDOWS\system32\drivers\wd\WdFilter.sys
23:48:55.0519 0x1ae0  WdFilter - ok
23:48:55.0570 0x1ae0  [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:48:55.0589 0x1ae0  WdiServiceHost - ok
23:48:55.0593 0x1ae0  [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:48:55.0612 0x1ae0  WdiSystemHost - ok
23:48:55.0623 0x1ae0  wdiwifi - ok
23:48:55.0642 0x1ae0  [ 318AE771614EE4919ED68830C13EA2AE, BFC40724B94623348EFF185BD415893E7F521F58D8F5139913D469D66D9C6CF3 ] WdNisDrv        C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
23:48:55.0651 0x1ae0  WdNisDrv - ok
23:48:55.0935 0x1ae0  [ F41413EEE16B618FB03EAB487A7DC0B7, E59FFC2EE80DB61564EAE0B35759BF6E750FD909104C12DD085112A7A5853319 ] WdNisSvc        C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe
23:48:56.0028 0x1ae0  WdNisSvc - ok
23:48:56.0085 0x1ae0  [ DF58AA71FBA55E15F572C93447696DEC, F20C93140A44C1E61B5544FC8B3A1145E9ED57B2F09881719F4B2853B4900891 ] wdnsfltr        C:\WINDOWS\system32\drivers\wdnsfltr.sys
23:48:56.0114 0x1ae0  wdnsfltr - ok
23:48:56.0127 0x1ae0  WebClient - ok
23:48:56.0176 0x1ae0  [ 7997BC2386A9976C0645A28FA8A6E7EA, ABE47A6132B7651EA2055F97E7BD9D596906086BCD726147449D4378C7E4F9B9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:48:56.0199 0x1ae0  Wecsvc - ok
23:48:56.0245 0x1ae0  [ CEA146E0D096A491B265CD2340C2E31D, 285BA0D58E6E93FEB0D8F33738C6A223D7269378B3E77A7760D7131E43DEBE7C ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:48:56.0262 0x1ae0  WEPHOSTSVC - ok
23:48:56.0311 0x1ae0  [ 40610BA98D5830FB14C3695B3BCA647A, 6E047D04DDD9DCB142572CEAB5E73585062205BABE510C5B0D63800B2A9D251A ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
23:48:56.0331 0x1ae0  wercplsupport - ok
23:48:56.0381 0x1ae0  [ AA2B3154D12ABE34640C866AC3472E33, 32EBA0B999FDA77E6828274FE49A7619B97471BF828B18BF55BDAE19FB10DC6A ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:48:56.0403 0x1ae0  WerSvc - ok
23:48:56.0455 0x1ae0  [ 86B816E9D24625287BDE9784953A5E86, BCA73B320100D7C1052751D7FA42990579B6BA5908E31B2212BFE75681B32D3F ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
23:48:56.0500 0x1ae0  WFDSConMgrSvc - ok
23:48:56.0517 0x1ae0  WFPLWFS - ok
23:48:56.0563 0x1ae0  [ F78A2731EC972312C4C998174A9BB325, 72CCA57EB6383F65683C276337F53AB38BC398CEA69E53D6E2867D5EE8B4B007 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:48:56.0581 0x1ae0  WiaRpc - ok
23:48:56.0633 0x1ae0  [ C8D3FC38426E990E2787771678B19C6D, FB6CA9A5BF3935793CD8B2F288FAC0C675B333D4F7393FA02244E3BCC2E25625 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:48:56.0642 0x1ae0  WIMMount - ok
23:48:56.0676 0x1ae0  [ DD005C7745BE7F0CDB8B17E9CA1FB796, 29C429BC839CE6B88365DADEEC01B7F0629AFF4FE7E555C18692CCE5858D74D8 ] WinDefend       C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe
23:48:56.0687 0x1ae0  WinDefend - ok
23:48:56.0714 0x1ae0  WindowsTrustedRT - ok
23:48:56.0755 0x1ae0  [ 813EE0F4D4B8D599DB1968682D080732, A3EF1BBB866F5A7C1B5303BBF6E805B35739602CA7F244C076A8BF90F1CB2952 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
23:48:56.0763 0x1ae0  WindowsTrustedRTProxy - ok
23:48:56.0800 0x1ae0  WinHttpAutoProxySvc - ok
23:48:56.0821 0x1ae0  [ E23475E9150E6A50B12DB176EA5CDD56, 25699796948D4679D0C1633C726C3CDF052F877AAA18CD7D069F95A88701CB73 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
23:48:56.0828 0x1ae0  WinMad - ok
23:48:56.0934 0x1ae0  [ 0FBD5D358094E254A1508832D4042FF7, 4EC4DB3B03BE1518BB38D4F3BF79A77D1BCA5A2DE9BA5F9C9312606E4E2A14E9 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:48:56.0955 0x1ae0  Winmgmt - ok
23:48:56.0959 0x1ae0  WinNat - ok
23:48:57.0071 0x1ae0  [ C2A88E382CD48E4772A5570D66BF1A90, F1BFB1873FB1E37DAADE923FC30265C72018CF2003B0A5E0E5896167D1680D01 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
23:48:57.0165 0x1ae0  WinRM - ok
23:48:57.0216 0x1ae0  [ E92F3539C4758F6A9F4B80CBAC75B3E6, 9CF9069B9A738E86181FB02904720B2A88353574F35BDC298A2EB697D22B7723 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
23:48:57.0233 0x1ae0  WINUSB - ok
23:48:57.0252 0x1ae0  [ 59126AFCC64270747B5CC9B44A4A48F4, C0C1E6B248E725FE02B58151838AAC8841FB70B673A2B6EFB49EEA96E7F1C1DA ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
23:48:57.0261 0x1ae0  WinVerbs - ok
23:48:57.0305 0x1ae0  [ 569FB3D619213F226CBB60F9CB8FE1BD, 1BFFC248FB43948EE4E5C19A45CF2DB89BEA14F67CA50BF58C5C4D2C7A2B8EFA ] WirelessButtonDriver64 C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
23:48:57.0312 0x1ae0  WirelessButtonDriver64 - ok
23:48:57.0366 0x1ae0  [ 0A3ADAA0EFAFA26CA8570E24A13CE484, 2B7FA1ADD904962F296111F555F4BB45A3BA77B6961DABC502B6DDC4E9324CEB ] wisvc           C:\WINDOWS\system32\flightsettings.dll
23:48:57.0402 0x1ae0  wisvc - ok
23:48:57.0431 0x1ae0  WlanSvc - ok
23:48:57.0462 0x1ae0  wlidsvc - ok
23:48:57.0526 0x1ae0  [ 56E1A46DD1C5D28B10F02E21D077EBF6, CC9AADBBBA03E162948EE39CCAAFD0A43253C86F5B875765748B73A084DC4B25 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
23:48:57.0575 0x1ae0  wlpasvc - ok
23:48:57.0587 0x1ae0  [ E8C793ED028E132771988760819E3754, 7BC02774EEDF4B884181854BEADF2DCAC615BA3ED7F1551C0863B79E009E3043 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
23:48:57.0599 0x1ae0  WmiAcpi - ok
23:48:57.0630 0x1ae0  wmiApSrv - ok
23:48:57.0670 0x1ae0  WMPNetworkSvc - ok
23:48:57.0721 0x1ae0  [ 8D6E6F6C233AF450C50FA615530B44D2, 1BF6CD93B97920500F5FD0E9D8395ACCAAA2D126FD9C256148797B292D5F9A6C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:48:57.0736 0x1ae0  Wof - ok
23:48:57.0837 0x1ae0  [ 1431D184691F7FA9AAC2064EB0EC6C96, 6185E5AB281327563DC4E87526B37792A9B4B86C65D5BADDBB1DBA6A50FC9134 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:48:57.0921 0x1ae0  workfolderssvc - ok
23:48:57.0969 0x1ae0  [ AE9793230B219113DE1163138645E5AE, 9CBC10269D847E4EFCF8B412D34B9551594396390BF5BFDEED03DBFB84D7174F ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:48:58.0006 0x1ae0  WPDBusEnum - ok
23:48:58.0022 0x1ae0  [ 9EAE1EF282864674355B4B81DF6AE935, 781CED5AE95D365BB59769517FA9462EFC6472ED4EB08C98EC66CE3E17C66D69 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:48:58.0031 0x1ae0  WpdUpFltr - ok
23:48:58.0082 0x1ae0  [ C75B59E441206A572CC64BBB60EE54B3, C43A3109EAB89B6A23E033C127F1B5586651A1A3A1C4D45ECFBF0ABE472FEBA1 ] WpnService      C:\WINDOWS\system32\WpnService.dll
23:48:58.0106 0x1ae0  WpnService - ok
23:48:58.0161 0x1ae0  [ 07F4AF1730D55567EACE7ADDEA28FE48, 256671C52C350E42662DC590AE36BAFD06E9507551C39575BCD894D8FD040129 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
23:48:58.0179 0x1ae0  WpnUserService - ok
23:48:58.0214 0x1ae0  [ 367B3ED0C688AFE28C376B0230814567, 1E7419254852A70AEAA30DF0F85C4E489591E5A0E90256C40676F712D45960CA ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:48:58.0241 0x1ae0  ws2ifsl - ok
23:48:58.0256 0x1ae0  wscsvc - ok
23:48:58.0311 0x1ae0  [ 7B44553610A89F2011CF69BEA9AFD4CB, A7DE907114570F8CC248F4996045D33C0FB0159B8E6F0A4127F1C205183DDF35 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
23:48:58.0324 0x1ae0  WSDPrintDevice - ok
23:48:58.0359 0x1ae0  [ 8068DC839C3729FFC70821FBEF05D5ED, FAD4FDC8DD9CD119B93C8B8889796E9766952C032D70ACD8FA97D29A4BDFE29F ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
23:48:58.0371 0x1ae0  WSDScan - ok
23:48:58.0374 0x1ae0  WSearch - ok
23:48:58.0407 0x1ae0  wuauserv - ok
23:48:58.0460 0x1ae0  [ BD5E68B369DF3453A0A87663C6C5476D, 17B766ADB299D247EF9D4554F86015B38A89AE5C0310A36E1FCB0AC28462CE96 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:48:58.0487 0x1ae0  WudfPf - ok
23:48:58.0533 0x1ae0  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:48:58.0554 0x1ae0  WUDFRd - ok
23:48:58.0561 0x1ae0  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:48:58.0580 0x1ae0  WUDFWpdFs - ok
23:48:58.0587 0x1ae0  [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:48:58.0605 0x1ae0  WUDFWpdMtp - ok
23:48:58.0608 0x1ae0  WwanSvc - ok
23:48:58.0652 0x1ae0  [ 42C738ED1552FE168F6EE1BAE8ACFCAC, 01E9CD1FA7935DD442A2EBFC93E4BDDF204F995379FCAFFEADAF0BF6638AB925 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
23:48:58.0666 0x1ae0  xbgm - ok
23:48:58.0731 0x1ae0  [ A03C4D4D71304087820A0EF18FCF7582, F92737321A5082A72F20491810A09D249F0676F0F12478A2C81ADF9B2F79BAB0 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
23:48:58.0778 0x1ae0  XblAuthManager - ok
23:48:58.0854 0x1ae0  [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB, 65128FB8561EF1BE4E3CAA3B0D873FEA3A218E3CF90527068C43F6E549ECB188 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
23:48:58.0905 0x1ae0  XblGameSave - ok
23:48:58.0956 0x1ae0  [ 2244A4CEFE8F9C74091369ACE2E9EBC6, 48F59F36EBA0434BED00B53321107C0BDFF20131683D5E6BC7A9F5DA0B8B6929 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
23:48:58.0977 0x1ae0  xboxgip - ok
23:48:58.0993 0x1ae0  [ 1A9550D746B8604D37A90436EF686777, 3DBF305C228D28A3C4FC48F65CC38BDBFEE6B7995CEE8319E680E073978CA58B ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
23:48:59.0012 0x1ae0  XboxGipSvc - ok
23:48:59.0111 0x1ae0  [ 4951DD543AA2710760D90A58261ED665, 37D08FA58147A6606E69DB39405898D82BC40420F8FFB0BD097694A53E60AD1D ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
23:48:59.0159 0x1ae0  XboxNetApiSvc - ok
23:48:59.0237 0x1ae0  [ 4A91B49C6B1E41151D47CB919ADF013A, 4DA1E3F50B2D63AFD2F7A014E3C0420C1E7DEDE96A48EEC33C53023D88F9AAFF ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
23:48:59.0252 0x1ae0  xinputhid - ok
23:48:59.0253 0x1ae0  ================ Scan global ===============================
23:48:59.0314 0x1ae0  [ EB45383BE9D7ECB36D55B262E0D8EB46, DC975066C426B5FBBFA3A4254D1D97DBF889B6BFD062D9FF1892F66C0CFF2DE3 ] C:\WINDOWS\system32\basesrv.dll
23:48:59.0373 0x1ae0  [ 9451BA31B1DC19CED2608D82863C6486, 888F8676086DD8338445C35A64106E01122881FD08858D3996470EBF0DF30648 ] C:\WINDOWS\system32\sxssrv.dll
23:48:59.0405 0x1ae0  [ Global ] - ok
23:48:59.0405 0x1ae0  ================ Scan MBR ==================================
23:48:59.0422 0x1ae0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:48:59.0495 0x1ae0  \Device\Harddisk0\DR0 - ok
23:48:59.0495 0x1ae0  ================ Scan VBR ==================================
23:48:59.0497 0x1ae0  [ 9ABA3A63E1A376E0788C34882AAC712D ] \Device\Harddisk0\DR0\Partition1
23:48:59.0498 0x1ae0  \Device\Harddisk0\DR0\Partition1 - ok
23:48:59.0529 0x1ae0  [ 6940213001A358836EE8E183F24D8A91 ] \Device\Harddisk0\DR0\Partition2
23:48:59.0530 0x1ae0  \Device\Harddisk0\DR0\Partition2 - ok
23:48:59.0536 0x1ae0  [ 98F777AAE55E10F958332A6FD3E5B584 ] \Device\Harddisk0\DR0\Partition3
23:48:59.0538 0x1ae0  \Device\Harddisk0\DR0\Partition3 - ok
23:48:59.0569 0x1ae0  [ A3244EF2528A75E1A397A9CC54ED3398 ] \Device\Harddisk0\DR0\Partition4
23:48:59.0570 0x1ae0  \Device\Harddisk0\DR0\Partition4 - ok
23:48:59.0579 0x1ae0  [ C861EC1515C9C814A5FD7E65B1F0D72B ] \Device\Harddisk0\DR0\Partition5
23:48:59.0581 0x1ae0  \Device\Harddisk0\DR0\Partition5 - ok
23:48:59.0581 0x1ae0  ================ Scan generic autorun ======================
23:48:59.0650 0x1ae0  SecurityHealth - ok
23:48:59.0920 0x1ae0  [ ADDD0817493A4A7556E89FEF9586CED3, C99E49451D2798420B72C9B9A0EE5FBFE9EA6BAB682C89DB65ED6D9C8F9934D7 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
23:49:00.0089 0x1ae0  RTHDVCPL - ok
23:49:00.0197 0x1ae0  [ 1ACD6F295A09260BE8E2D4DE99C79338, 6C62C69C243667D813ACDEDA7B192C0370E97472C48E2AD4D00A7DC329554063 ] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
23:49:00.0209 0x1ae0  BtServer - ok
23:49:00.0286 0x1ae0  [ D1BD2B7EDD5D5C0CB3DEABDE0F44E11D, 722F5FE8882C7388672FE4F1F2150E09DC169EA2244FC80D01A016C4FAC91C5A ] C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe
23:49:00.0350 0x1ae0  DeliveryAndStatusCheck - ok
23:49:00.0418 0x1ae0  [ 8F3F547B85CE21C1F652F5EFBCFA123A, 44D73E059F53BFC65099A9471EFBD063E915D547F06BD1B74CA7CF29FDA71DFA ] C:\Program Files\iTunes\iTunesHelper.exe
23:49:00.0541 0x1ae0  iTunesHelper - ok
23:49:00.0638 0x1ae0  [ 90D6A3B9DD3F54A2ACEF8DF2AB001F0D, A7F411C6D0C1B00E9C462ABA13BB765FD2D3C3D49FE0663AABDC32A69835AC2F ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
23:49:00.0655 0x1ae0  HPMessageService - ok
23:49:00.0724 0x1ae0  [ 65C1180F28E870892469340E50CB720D, 7521220A960ADD30A0939B36DD5F09241A5E40D273DA817F1C0FC48A0F9AB7AD ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
23:49:00.0743 0x1ae0  StartCCC - ok
23:49:00.0839 0x1ae0  [ 995846BC134F8792AF4D3342522A7E33, 652A4B69FD55F97118F282E0615A6EF99BB59753D5B3012D169A6E166922CBCC ] C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
23:49:00.0856 0x1ae0  PowerDVD14Agent - ok
23:49:01.0028 0x1ae0  [ 790CB7899FCA1B592306CCAD91C851CF, 3C8AC8B3E4CA1B7C9C4A14A32E5D0292C01E4CE460B855495B2419FF30B552D2 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
23:49:01.0098 0x1ae0  Dropbox - ok
23:49:01.0190 0x1ae0  [ 9872F2B6BD47098092E0C8E2E0B6A21F, 23DECCF3755B4220A13D925D0295D02C60D5DCE354E1659AACEE91DC5FBBE669 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
23:49:01.0206 0x1ae0  FUFAXRCV - ok
23:49:01.0223 0x1ae0  [ 0FDE360CDD65A72F50977AA9EADE5D61, D259954CD15AB0358A03EDA6CE64043544D2F76B7FB31A3963BE3CF509D60AE9 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
23:49:01.0243 0x1ae0  FUFAXSTM - ok
23:49:01.0298 0x1ae0  [ FB7672A1A96E28EBC14175468811FFE7, 3BCB31072430C3EAE6FAE61317675C59C24FF77A24627F8EA58AF0D0076D2981 ] C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
23:49:01.0306 0x1ae0  Nike+ Connect - detected UnsignedFile.Multi.Generic ( 1 )
23:49:01.0365 0x1ae0  Detect skipped due to KSN trusted
23:49:01.0365 0x1ae0  Nike+ Connect - ok
23:49:01.0916 0x1ae0  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:49:02.0336 0x1ae0  OneDriveSetup - ok
23:49:02.0683 0x1ae0  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:49:03.0044 0x1ae0  OneDriveSetup - ok
23:49:03.0181 0x1ae0  [ 2A4CE718F1B14E2F027F3357E241DA9F, 2CEC02B89DF36F436350582FAA8B04F025AAA02CE23A1B46B8D515E8C2A4F40B ] C:\Program Files (x86)\Steam\steam.exe
23:49:03.0242 0x1ae0  Steam - ok
23:49:03.0469 0x1ae0  [ 054C5313C15AEBFD031FC4723C08CE14, AE3B67A1863704E0D97321266C3664A4A2AF4C05BB56A4843630F3B6F3DA9305 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE
23:49:03.0481 0x1ae0  EPLTarget\P0000000000000002 - ok
23:49:03.0493 0x1ae0  [ 054C5313C15AEBFD031FC4723C08CE14, AE3B67A1863704E0D97321266C3664A4A2AF4C05BB56A4843630F3B6F3DA9305 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE
23:49:03.0502 0x1ae0  EPLTarget\P0000000000000000 - ok
23:49:03.0595 0x1ae0  [ 29C74BFDB61FBFBEEA6EAB7AFE81EDDA, D93A144F94731F0F9E5F034BCB8FAC4002C028068522870A0E3E43C07C4C2173 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23:49:03.0631 0x1ae0  GoogleChromeAutoLaunch_27CFA978203970C57DF746A969580ED2 - ok
23:49:03.0633 0x1ae0  Waiting for KSN requests completion. In queue: 77
23:49:04.0655 0x1ae0  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x61100 ( enabled : updated )
23:49:04.0668 0x1ae0  Win FW state via NFP2: enabled ( trusted )
23:49:04.0748 0x1ae0  ============================================================
23:49:04.0748 0x1ae0  Scan finished
23:49:04.0748 0x1ae0  ============================================================
23:49:04.0758 0x265c  Detected object count: 0
23:49:04.0758 0x265c  Actual detected object count: 0
         

Alt 10.06.2018, 09:52   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 10.06.2018, 13:16   #10
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2018.06.10.02
  rootkit: v2018.06.10.02

Windows 10 x64 NTFS
Internet Explorer 11.431.16299.0
durma :: LAPTOP-9AQNOV5G [administrator]

10.06.2018 12:24:21
mbar-log-2018-06-10 (12-24-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 253218
Time elapsed: 40 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 10.06.2018, 20:28   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!




adwCleaner v7.x

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel löschen
    • Prefetch-Dateien löschen
    • Proxy wiederherstellen
    • IE-Policies wiederherstellen
    • Chrome-Policies wiederherstellen
    • Winsock wiederherstellen
  • Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.
  • WICHTIG:
    Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
  • Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
  • Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.06.2018, 12:07   #12
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build:    06-05-2018
# Database: 2018-06-07.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-11-2018
# Duration: 00:00:06
# OS:       Windows 10 Home
# Cleaned:  6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted       C:\Users\durma\AppData\Local\Temp\OpenOffice-Update_de.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\YCMServiceAgent

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YCMServiceAgent
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKLM\Software\Websuche

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.
a
***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1723 octets] - [11/06/2018 11:59:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         

Alt 11.06.2018, 12:19   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



adwcleaner bitte zwecks Kontrolle wiederholen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.06.2018, 20:12   #14
Hakan-TR
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build:    06-05-2018
# Database: 2018-06-07.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-11-2018
# Duration: 00:00:03
# OS:       Windows 10 Home
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1723 octets] - [11/06/2018 11:59:23]
AdwCleaner[C00].txt - [1886 octets] - [11/06/2018 12:00:03]
AdwCleaner[S01].txt - [1364 octets] - [11/06/2018 19:17:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
         

Alt 11.06.2018, 20:38   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Google Chrome: www1.online/?w=RD2332 - Standard

Google Chrome: www1.online/?w=RD2332



Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Google Chrome: www1.online/?w=RD2332
1online, about, aktivität, bereits, bla, blank, chrome, daten, eingefangen, entferne, freue, gefangen, geschlossen, google, leitet, nicht mehr, passwörter, problem, seite, startseite, tagen, thread, trojaner, virus, würde, öffnet, öffnet nicht



Ähnliche Themen: Google Chrome: www1.online/?w=RD2332


  1. www1.online/?w=RD2332
    Plagegeister aller Art und deren Bekämpfung - 06.06.2018 (3)
  2. Bei Start von Firefox http://www1.online/?w=RD2121
    Plagegeister aller Art und deren Bekämpfung - 05.12.2017 (23)
  3. Win10/Google Chrome hat neue Startseite http://www1.online/?w=RD2121
    Log-Analyse und Auswertung - 04.12.2017 (14)
  4. ein weiteres OpenOffice Update Opfer (www1.online/?w=RD2121)
    Log-Analyse und Auswertung - 28.11.2017 (17)
  5. Windows 10, falsches OpenOffice Update,Internetbrowsers geht auf www1.online/?w=RD2121
    Plagegeister aller Art und deren Bekämpfung - 25.11.2017 (12)
  6. Win10/Chrome: www1.online/?w=RD2121
    Log-Analyse und Auswertung - 24.11.2017 (12)
  7. Win 10 - Bei Chrome auf Webseite (www1.online/?w=RD2121) weitergeleitet
    Log-Analyse und Auswertung - 24.11.2017 (27)
  8. Win10/Chrome Umleitung auf www1.online/?w=RD2121
    Plagegeister aller Art und deren Bekämpfung - 20.11.2017 (11)
  9. www1.online/?w=RD2121
    Plagegeister aller Art und deren Bekämpfung - 14.11.2017 (12)
  10. http://www1.online/?w=RD9898
    Plagegeister aller Art und deren Bekämpfung - 06.07.2017 (13)
  11. http://www1.online/?w=RD9898 -> about blank
    Log-Analyse und Auswertung - 12.05.2017 (4)
  12. Windows 10 Pro: Google Chrome -> http://www1.online/?w=RD9898 -> about blank
    Log-Analyse und Auswertung - 07.05.2017 (16)
  13. Win10/Chrome: Umleitung auf http://www1.online/?w=RD1213
    Plagegeister aller Art und deren Bekämpfung - 03.08.2016 (10)
  14. about:blank beim start von google chrome...langsames surfen manchmal wird mir www1.online usw. angezeigt möglicherweise ein trojaner?
    Plagegeister aller Art und deren Bekämpfung - 13.07.2016 (16)
  15. Verdächtige Startseite www1.online/?w=RD1213
    Plagegeister aller Art und deren Bekämpfung - 13.06.2016 (1)
  16. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)

Zum Thema Google Chrome: www1.online/?w=RD2332 - Hallo, ich habe seit ca. 2 Tagen das gleiche Problem wie ein Vorposter, dessen Thread wegen Inaktivität jedoch geschlossen wurde. Google Chrome öffnet nicht mehr Google als Startseite, sondern leitet - Google Chrome: www1.online/?w=RD2332...
Archiv
Du betrachtest: Google Chrome: www1.online/?w=RD2332 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.