| |
| |||||||
Log-Analyse und Auswertung: Systemhänger, Probleme beim Hoch- & RunterfahrenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
09.10.2018, 22:14
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Systemhänger, Probleme beim Hoch- & Runterfahren Photoshop CS2 ist jetzt fast 14 Jahre alt! Du musst dich echt mal von diesem alten Kack trennen!  Auch das bei dir installierte Open und LibreOffice sind uralt. Was soll der Unisinn Open und Libreoffice gleichzeititig drauf zu haben? Totaler Quatsch. Wenn wir hier fertig sind, installierst du nur noch ein aktuelles LibreOffice.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
09.10.2018, 22:49
| #17 |
 | Systemhänger, Probleme beim Hoch- & Runterfahren Erledigt.
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06.10.2018
durchgeführt von MJ (09-10-2018 23:45:52)
Gestartet von C:\Users\MJ\Downloads neu
Windows 10 Home Version 1803 17134.285 (X64) (2018-07-24 09:20:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4265166804-2826880171-2750840647-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4265166804-2826880171-2750840647-503 - Limited - Disabled)
Gast (S-1-5-21-4265166804-2826880171-2750840647-501 - Limited - Disabled)
MJ (S-1-5-21-4265166804-2826880171-2750840647-1001 - Administrator - Enabled) => C:\Users\MJ
WDAGUtilityAccount (S-1-5-21-4265166804-2826880171-2750840647-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Amazon Kindle (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
BenVista PhotoZoom Classic 4.1.4 (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\PhotoZoom Classic 4) (Version: 4.1.4 - BenVista Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Benutzerregistrierung (HKLM-x32\...\Canon iP7200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version: - Franzis.de)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (HKLM\...\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4426 - Ihr Firmenname) Hidden
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3617 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3617 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.3.4 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd)
ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.0.4.20160106 - Landesfinanzdirektion Thüringen)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3871 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
MacroKey Manager (HKLM\...\{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
MacroKey Manager (HKLM-x32\...\InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: - )
MAGIX Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.83 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (HKLM\...\{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (HKLM\...\{36DD63B6-B6C0-4B56-AA23-22A652A77EC1}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{36DD63B6-B6C0-4B56-AA23-22A652A77EC1}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{05EC0475-A301-4906-BDC0-F6AF1EBF9770}) (Version: 15.0.0.114 - MAGIX Software GmbH) Hidden
Medion GoPal Assistant 4.03.006 (HKLM-x32\...\Medion GoPal Assistant) (Version: 4.3.6.0 - Medion)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.3 (x64 de) (HKLM\...\Mozilla Firefox 62.0.3 (x64 de)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Opera Stable 55.0.2994.61 (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0105 - Pegatron Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7378 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Steuer 2013 (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Steuer 2016 (HKLM-x32\...\{284354A5-0D3A-4065-A997-C21762D0160E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
Steuer 2017 (HKLM-x32\...\{595F1685-D937-4E8D-ACED-DB6F09C945C0}) (Version: 25.00.1359 - Buhl Data Service GmbH)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{A0DF7B74-C56E-4CA1-96B6-489B54213446}) (Version: 17.05.0 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.36.103 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017 (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Selbstständige 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.37.167 - Akademische Arbeitsgemeinschaft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4265166804-2826880171-2750840647-1001_Classes\CLSID\{A72BEBED-27F3-D0F3-6B71-48EA90F8D1ED}\InprocServer32 -> kein Dateipfad
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-01-05] (Cyberlink)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-01-05] (Cyberlink)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {088656C4-897E-4FBA-913A-1F0FFC76A586} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1E3E2CA9-8A8D-4333-BE21-678A5A553F8F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {20C5E84F-9617-4306-ADEE-226775463F4C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C4317D9-78B2-477B-8C9A-E7815D6BEA24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {2EF534E7-FE64-4F8A-AE93-1F951E619F71} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35C98DC1-797B-4DBA-9A65-714014F7B047} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2014-10-03] (CyberLink Corp.)
Task: {3BC37E08-1684-425F-86AD-4770C4446BA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3C2C4FDE-1A06-4514-BBA9-BA92AB048AC8} - System32\Tasks\Opera scheduled Autoupdate 1522956843 => C:\Users\MJ\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {3F51C5CC-77DC-4D08-AFEE-64862BF1D297} - System32\Tasks\Power Suite (Tray) => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: {42A98323-72D9-4723-8785-C9E6C4E5E5E5} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-09-17] (CyberLink Corp.)
Task: {510B94D2-DCC2-4607-B971-D64D83667E11} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {5AAA6E7D-28E8-4301-9CC1-AA3EFE624ED1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {5D2CD4DE-E2D8-4F5D-BAA6-63F604DC53A0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6539F12F-D034-4EF8-AA13-A8FD4260820F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69AF9A2D-D9C1-48AE-90BC-9498C633AA09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {897535F3-AC93-485B-B0AF-AAAA28636161} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe
Task: {8CDE57EA-7958-4F43-A814-067D57C821F0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9F5FD6D2-DD64-430A-8B9F-4449B7B8C740} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A8CD0484-D4E3-417A-89FB-75B424814E08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {A9A3F3DB-1022-49D5-A674-1A11EE41B9C1} - System32\Tasks\Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {B0E64671-CDCC-4E5D-A3A3-4817B4ABF329} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {BE11D935-7807-4508-95C4-E7C0C47DB9D9} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {C5817339-B091-4623-83AF-D054F0D73FB2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C7CBF4C3-2D6D-4188-9EC4-A485E18E507A} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {D1290BAD-1385-434F-B16D-BC26D05B721B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-09-11] (Microsoft Corporation)
Task: {E0BDE794-9FFB-4559-A318-0E8207F86EE3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {E8C4B280-FBCE-4E3A-9EA2-9A3F6ADE53D0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F08E34E9-D34C-47F2-8219-4AD31B153394} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {F372F652-F6A1-46D8-8E29-5DD5F4FAEFD6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FE6E7496-31F0-4738-8711-0452E308EBD8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Power Suite (Tray).job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
Task: C:\WINDOWS\Tasks\Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2014-12-09 15:12 - 2014-03-04 18:58 - 000136192 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
2008-10-24 16:35 - 2008-10-24 16:35 - 000128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2016-01-22 11:35 - 2016-01-07 07:13 - 000162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2010-01-27 10:27 - 2010-01-27 10:27 - 000665320 _____ () C:\Windows\System32\atwtusb.exe
2014-12-09 15:12 - 2014-07-11 19:15 - 002222592 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2014-12-09 15:12 - 2010-01-12 19:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2014-12-09 15:12 - 2010-01-12 19:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-12-09 15:12 - 2010-12-17 16:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2014-12-09 15:12 - 2014-04-03 20:41 - 003471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-12-09 15:12 - 2014-02-21 19:19 - 008857088 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2014-12-09 15:12 - 2014-07-08 16:39 - 003006464 _____ () C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
2017-04-04 17:36 - 2017-04-04 17:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-09-14 06:35 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-13 15:35 - 2018-09-13 15:36 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-13 15:35 - 2018-09-13 15:36 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-13 15:35 - 2018-09-13 15:35 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-02-17 06:20 - 2018-02-17 06:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-13 15:35 - 2018-09-13 15:35 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-26 01:05 - 2018-09-26 01:06 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-26 01:05 - 2018-09-26 01:06 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-02-27 12:08 - 2018-02-27 12:58 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-09-26 01:05 - 2018-09-26 01:07 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-05 21:39 - 2018-05-05 21:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-30 18:59 - 2018-08-30 19:00 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-30 18:59 - 2018-08-30 19:02 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 22:00 - 2018-08-21 22:05 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 22:00 - 2018-08-21 22:05 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-03-30 10:38 - 2018-03-30 10:52 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-26 01:05 - 2018-09-26 01:07 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-30 18:59 - 2018-08-30 19:00 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-26 01:05 - 2018-09-26 01:05 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:59 - 2018-08-30 19:02 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 21:59 - 2018-07-26 22:01 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 19:04 - 2018-10-06 19:04 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 06:31 - 2018-07-31 06:31 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 19:04 - 2018-10-06 19:04 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2014-12-09 15:12 - 2009-12-18 17:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2014-12-09 15:12 - 2013-09-18 01:23 - 000108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll
2014-06-24 18:08 - 2014-06-24 18:08 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 15:46 - 2018-10-04 07:31 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "MacroKeyManager"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "PowerDVD12Agent"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\StartupApproved\Run: => "Power2GoExpress8"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{9BB35B09-60A7-4390-8B12-87B1FE382509}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [TCP Query User{F8820B53-C0DC-4C73-86FB-3F09A67F9145}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{26A334D1-2194-442D-874A-CC4B0BF0CA09}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{40E89B25-801A-4502-ADAD-34FF6B0F6DEA}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{7FEB3B27-9C5C-4558-A643-70785574AB3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{012D2451-B534-4F02-B8F3-78A6C1FC61E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{25B248B7-9B95-4A16-98ED-0B09061C8C30}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6EE01518-FF92-4608-BE49-8905840A6B58}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B1A591A-FB18-4DC1-BA37-9B3C4C7BF101}] => (Allow) LPort=1900
FirewallRules: [{629A7F21-F3CC-454C-B3E7-E4485C1CA15D}] => (Allow) LPort=2869
FirewallRules: [{BF5ADA2D-FE42-4196-95C2-F35798BBEE51}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{569AE2A1-D035-4A57-8652-E74E7F408A71}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3153B440-1248-49D1-92C5-B47D986ECBAA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A958B13B-5349-49FD-B2CE-B138E64AF4B1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F22E0AAE-7B12-4179-B936-5971CF332FCF}] => (Allow) E:\DWizard300.exe
FirewallRules: [{4397DEDE-A916-45CF-B063-6347105779AB}] => (Allow) E:\DWizard300.exe
FirewallRules: [{710C3D2E-A688-406E-B538-0780FB280A64}] => (Allow) E:\libNEAP.dll
FirewallRules: [{E597E964-23B5-4CD7-ADF4-9A1CD9FA2ACB}] => (Allow) E:\libNEAP.dll
FirewallRules: [{911E6363-B108-44A8-9E0B-A43AF3218BED}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [TCP Query User{2D7B56EB-94E0-4C67-99DB-78352D4CEE3D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4C23B16B-C965-4AE1-906E-3177A82AF314}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8DE4979D-58A3-452D-85AA-B02CA0B158DA}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{3A88E98B-BB34-4577-9CB8-05568B47223B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{1F582F2B-B1CF-4D38-ADBB-A772F558CA1E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{A785A5D4-B777-4F54-B771-76A86020B381}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D084ED11-4AA4-43C2-96E4-DA2039540F38}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{C3C022F6-2A5A-47DB-BD76-CE82053F66C3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{9807A3AF-030C-4479-8472-92B24F20569B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{87D9DB68-6032-4F56-8E2F-56FB2787389F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
21-09-2018 00:10:22 Geplanter Prüfpunkt
30-09-2018 04:55:50 Geplanter Prüfpunkt
08-10-2018 08:00:23 Geplanter Prüfpunkt
09-10-2018 17:15:44 Removed Adobe Shockwave Player 12.2.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/09/2018 11:40:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:38:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:36:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:34:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:29:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:18:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:13:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:09:49 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (10/09/2018 11:29:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/09/2018 06:28:13 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HANS-WERNER1-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7B58E266-A246-4550-B878-2D1AF9BD4FA7}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (10/09/2018 06:21:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscBrokerManager
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/09/2018 05:27:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "McAfee Security Scan Component Host Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/09/2018 04:17:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/09/2018 04:16:12 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HANS-WERNER1-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7B58E266-A246-4550-B878-2D1AF9BD4FA7}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (10/08/2018 08:07:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscBrokerManager
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/08/2018 07:56:26 PM) (Source: DCOM) (EventID: 10001) (User: MJ-Mobil)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv00qxextfnce9sxb8.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"0"
Aufgetreten beim Start dieses Befehls:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
Windows Defender:
===================================
Date: 2018-10-09 18:36:41.709
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A6488C5B-9312-4A93-AA01-B0F559236492}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
CodeIntegrity:
===================================
Date: 2018-08-08 10:46:06.552
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:46:06.527
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:46:06.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:46:06.271
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:42.036
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:42.029
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:42.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:41.945
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 4014.89 MB
Verfügbarer physikalischer RAM: 1410.75 MB
Summe virtueller Speicher: 9902.89 MB
Verfügbarer virtueller Speicher: 6891.61 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:868.99 GB) (Free:640.32 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:9.74 GB) NTFS
\\?\Volume{e91d32f7-956c-4ae9-b28d-7e649bb74aa2}\ () (Fixed) (Total:0.49 GB) (Free:0.23 GB) NTFS
\\?\Volume{ba0b41e7-8147-4b1b-bc57-37554203120c}\ () (Fixed) (Total:0.82 GB) (Free:0.35 GB) NTFS
\\?\Volume{97ef7f84-a398-4e66-990e-a5b1aa32931a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
durchgeführt von MJ (Administrator) auf MJ-MOBIL (09-10-2018 23:43:32)
Gestartet von C:\Users\MJ\Downloads neu
Geladene Profile: MJ (Verfügbare Profile: MJ)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Windows\System32\atwtusb.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Windows\System32\atwtusb.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-10-23] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [MacroKeyManager] => C:\WINDOWS\system32\WTMKM.exe [6105832 2010-01-15] ()
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-09-17] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-09-17] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-10-09]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Keine Datei)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7b58e266-a246-4550-b878-2d1af9bd4fa7}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{92ff9eac-f618-49f7-9bb3-5d508e75d390}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4265166804-2826880171-2750840647-1001 -> {D37DE6C1-3465-4FAC-B689-230C33449C51} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C014DE1140D20150430&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-22] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: qa910faa.default
FF ProfilePath: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default [2018-10-09]
FF NetworkProxy: Mozilla\Firefox\Profiles\qa910faa.default -> type", 0
FF NewTabOverride: Mozilla\Firefox\Profiles\qa910faa.default -> Disabled: safesearchplus2@avira.com
FF Extension: (Avira Browserschutz) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\abs@avira.com.xpi [2018-09-10]
FF Extension: (ProxTube) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\ich@maltegoetz.de.xpi [2018-09-13]
FF Extension: (Facebook Secret Emoticons) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2016-10-18] [Legacy]
FF Extension: (Mailvelope) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2018-05-16]
FF Extension: (Privacy Badger) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2018-10-05]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-07-16]
FF Extension: (Avira SafeSearch Plus) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\safesearchplus2@avira.com.xpi [2018-09-13]
FF Extension: (NoScript) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-10-07]
FF Extension: (Video DownloadHelper) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-02]
FF Extension: (Adblock Plus) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-31]
FF Extension: (Telemetry coverage) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\features\{cb141178-20ad-48d5-b202-84bca7d9c818}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-09] [Legacy]
FF SearchPlugin: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\searchplugins\McSiteAdvisor.xml [2016-03-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [Keine Datei]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin HKU\S-1-5-21-4265166804-2826880171-2750840647-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 0005141539120570mcinstcleanup; C:\Users\MJ\AppData\Local\Temp\000514~1.EXE [1031928 2018-09-29] (McAfee, Inc.) <==== ACHTUNG
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd)
S3 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183480 2017-08-10] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-04-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-06-24] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2014-03-04] () [Datei ist nicht signiert]
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-09] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-09] (Microsoft Corporation)
R2 WTService; C:\Windows\System32\atwtusb.exe [665320 2010-01-27] () [Datei ist nicht signiert]
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53360 2018-05-15] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232976 2017-08-10] (Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R4 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 MHIKEY10; C:\WINDOWS\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 moufiltr; C:\WINDOWS\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-04-12] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-05-17] (The OpenVPN Project)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 vhidmini; C:\WINDOWS\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-10-09] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-09] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-10-09 16:53 - 2018-10-09 16:53 - 000001083 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-10-09 16:53 - 2018-10-09 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-10-09 16:53 - 2018-10-09 16:53 - 000000000 ____D C:\Program Files\VS Revo Group
2018-10-08 23:00 - 2018-10-09 23:43 - 000000000 ____D C:\FRST
2018-10-02 16:09 - 2018-10-02 16:10 - 000000000 ____D C:\Users\MJ\Desktop\Klaus NTFS Data
2018-10-02 10:23 - 2018-10-02 10:23 - 000001078 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk
2018-10-02 10:23 - 2018-10-02 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2018-09-21 11:39 - 2018-09-21 11:40 - 008771896 _____ C:\Users\MJ\Downloads\1707400 Kunduz Bundestag aufklärung bericht.pdf
2018-09-21 11:33 - 2018-09-21 11:33 - 000296494 _____ C:\Users\MJ\Downloads\Dokument 052 Kunduz.pdf
2018-09-14 06:36 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-14 06:36 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-14 06:36 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-14 06:36 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-14 06:36 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-14 06:36 - 2018-08-31 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-14 06:36 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-14 06:36 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-14 06:36 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-14 06:36 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-14 06:36 - 2018-08-31 05:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-14 06:36 - 2018-08-31 05:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-14 06:36 - 2018-08-31 05:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-14 06:36 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-14 06:36 - 2018-08-31 05:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-14 06:36 - 2018-08-31 05:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-14 06:36 - 2018-08-31 05:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-14 06:36 - 2018-08-31 05:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-14 06:36 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-14 06:36 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-14 06:36 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-14 06:36 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-14 06:36 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-14 06:36 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-14 06:36 - 2018-08-31 05:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-14 06:36 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-14 06:36 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-14 06:36 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-14 06:36 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-14 06:36 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-14 06:36 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-14 06:36 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-14 06:36 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-14 06:36 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-14 06:36 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-14 06:36 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-14 06:36 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-14 06:36 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-14 06:36 - 2018-08-31 03:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-14 06:36 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-14 06:36 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-14 06:36 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-14 06:36 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-14 06:36 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-14 06:36 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-14 06:36 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-14 06:36 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-14 06:36 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-14 06:36 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-14 06:36 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-14 06:36 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-14 06:36 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-14 06:36 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-14 06:36 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-14 06:36 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-14 06:36 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-14 06:36 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-14 06:36 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-14 06:36 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-14 06:36 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-14 06:36 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-14 06:36 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-14 06:36 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-14 06:36 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-14 06:36 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-14 06:36 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-14 06:36 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-14 06:36 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-14 06:36 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-14 06:36 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-14 06:36 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-14 06:36 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-14 06:36 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-14 06:36 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-14 06:36 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-14 06:36 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-14 06:36 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-14 06:36 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-14 06:36 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-14 06:36 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-14 06:36 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-14 06:36 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-14 06:36 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-14 06:36 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-14 06:36 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-14 06:36 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-14 06:36 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-14 06:36 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-14 06:36 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-14 06:36 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-14 06:35 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-14 06:35 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-14 06:35 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-14 06:35 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-14 06:35 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-14 06:35 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-14 06:35 - 2018-08-31 09:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-14 06:35 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-14 06:35 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-14 06:35 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-14 06:35 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-14 06:35 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-14 06:35 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-14 06:35 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-14 06:35 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-14 06:35 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-14 06:35 - 2018-08-31 05:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-14 06:35 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-14 06:35 - 2018-08-31 05:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-14 06:35 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-14 06:35 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-14 06:35 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-14 06:35 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-14 06:35 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-14 06:35 - 2018-08-31 05:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-14 06:35 - 2018-08-31 05:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-14 06:35 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-14 06:35 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-14 06:35 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-14 06:35 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-14 06:35 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-14 06:35 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-14 06:35 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-14 06:35 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-14 06:35 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-14 06:35 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-14 06:35 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-14 06:35 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-14 06:35 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-14 06:35 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-14 06:35 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-14 06:35 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-14 06:35 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-14 06:35 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-14 06:35 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-14 06:35 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-14 06:35 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-14 06:35 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-14 06:35 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-14 06:35 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-14 06:35 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-14 06:35 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-14 06:35 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-14 06:35 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-14 06:35 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-14 06:35 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-14 06:35 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-14 06:35 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-14 06:35 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-14 06:35 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-14 06:35 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-14 06:35 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-14 06:35 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-14 06:35 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-14 06:35 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-14 06:35 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-14 06:35 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-14 06:35 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-14 06:35 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-14 06:35 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-14 06:35 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-14 06:35 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-14 06:35 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-14 06:35 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-14 06:35 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-14 06:35 - 2018-08-09 06:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-14 06:35 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-14 06:35 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-14 06:35 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-14 06:35 - 2018-08-09 06:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-14 06:35 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-14 06:35 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-14 06:35 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-14 06:35 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-14 06:35 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-14 06:35 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-14 06:35 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-14 06:35 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-14 06:35 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-14 06:35 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-14 06:35 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-14 06:35 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-10 21:54 - 2010-02-21 22:37 - 000280240 _____ C:\Users\MJ\Documents\Handbuch_Hausfrau_1955.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-10-09 23:42 - 2016-11-22 01:45 - 000000000 ____D C:\Users\MJ\AppData\LocalLow\Mozilla
2018-10-09 23:37 - 2018-01-02 14:20 - 000000000 ____D C:\Program Files (x86)\Steuer 2017
2018-10-09 23:37 - 2015-05-03 17:05 - 000000000 ____D C:\Program Files (x86)\Steuer 2014
2018-10-09 23:37 - 2015-05-02 09:56 - 000000000 ____D C:\Program Files (x86)\Canon
2018-10-09 23:37 - 2015-04-30 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-09 23:37 - 2014-12-09 14:51 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-09 23:32 - 2014-04-25 10:12 - 000000000 ____D C:\ProgramData\McAfee
2018-10-09 23:27 - 2015-02-02 16:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-09 23:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-09 23:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-09 23:12 - 2015-05-01 12:45 - 000000000 ____D C:\Program Files (x86)\Avira
2018-10-09 23:06 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-09 23:04 - 2018-07-24 10:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-09 22:19 - 2018-07-24 11:19 - 000004622 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-09 22:18 - 2013-08-22 15:25 - 000000335 _____ C:\WINDOWS\win.ini
2018-10-09 18:36 - 2018-07-24 11:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-09 18:36 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-09 18:26 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-10-09 18:26 - 2014-04-24 18:11 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-09 18:22 - 2015-04-30 13:12 - 000000000 ____D C:\Users\MJ\Documents\YouCam
2018-10-09 18:19 - 2018-07-24 11:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-09 18:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-09 18:19 - 2015-12-01 17:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-09 18:19 - 2015-04-30 13:10 - 000000000 __SHD C:\Users\MJ\IntelGraphicsProfiles
2018-10-09 18:18 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-09 17:38 - 2015-12-01 18:11 - 000000000 ___RD C:\Users\MJ\OneDrive
2018-10-09 17:33 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-09 17:33 - 2015-04-30 13:10 - 000000000 ____D C:\Users\MJ\AppData\Local\Packages
2018-10-09 17:31 - 2014-12-09 14:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-09 16:52 - 2016-08-04 09:36 - 000000000 ____D C:\Users\MJ\Downloads neu
2018-10-09 16:21 - 2018-07-12 18:18 - 000000000 ____D C:\ProgramData\Packages
2018-10-08 22:46 - 2016-03-27 19:18 - 000000000 ____D C:\Users\MJ\AppData\Roaming\vlc
2018-10-06 18:08 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-06 18:04 - 2018-07-24 11:00 - 000000000 ____D C:\Users\MJ
2018-10-04 06:20 - 2017-06-14 19:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-04 06:20 - 2015-04-30 21:58 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-02 09:29 - 2015-05-03 13:38 - 000002328 _____ C:\WINDOWS\Sandboxie.ini
2018-09-26 13:53 - 2016-12-07 21:48 - 000000000 ____D C:\Users\MJ\dwhelper
2018-09-26 13:13 - 2016-11-06 18:17 - 000001147 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-20 22:10 - 2016-09-30 20:25 - 000000000 ____D C:\Users\MJ\Documents\Politik
2018-09-20 17:51 - 2017-04-25 07:15 - 000000000 ____D C:\Users\MJ\Desktop\PC Fusion5
2018-09-20 17:49 - 2016-12-13 13:29 - 000000000 ___RD C:\Users\MJ\Desktop\Sammel
2018-09-17 12:28 - 2018-07-31 19:58 - 000001369 _____ C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2018-09-17 12:28 - 2018-07-24 11:19 - 000004162 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1522956843
2018-09-15 12:01 - 2016-01-22 12:03 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-09-15 10:54 - 2018-07-24 10:56 - 000781128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-15 10:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-15 10:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-15 10:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-15 10:27 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-15 10:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-14 07:00 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-12 08:23 - 2018-08-12 21:39 - 000000000 ____D C:\Users\MJ\AppData\Local\D3DSCache
2018-09-11 21:16 - 2015-04-30 13:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 20:56 - 2014-04-24 18:12 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-11 20:51 - 2016-09-30 20:21 - 000000000 ____D C:\Users\MJ\Documents\Medizin
Einige Dateien in TEMP:
====================
2018-10-09 23:29 - 2018-09-29 03:21 - 001031928 _____ (McAfee, Inc.) C:\Users\MJ\AppData\Local\Temp\0005141539120570mcinst.exe
2018-10-09 23:18 - 2003-07-28 13:28 - 000089136 _____ (Microsoft Corporation) C:\Users\MJ\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-07-24 10:56
==================== Ende von FRST.txt ============================
|
|
09.10.2018, 22:52
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren Schädlinge suchen mit Kaspersky TDSS-Killer
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
10.10.2018, 10:11
| #19 |
| | Systemhänger, Probleme beim Hoch- & Runterfahren Ist die Seite filepony überlastet? Erscheint momentan immer Time-out 504 |
|
10.10.2018, 10:44
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren ja ist leider down  Kannst auch von BC laden --> https://www.bleepingcomputer.com/download/tdsskiller/
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2018, 10:51
| #21 |
| | Systemhänger, Probleme beim Hoch- & RunterfahrenCode:
ATTFilter 11:48:25.0573 0x25f0 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
11:48:25.0573 0x25f0 UEFI system
11:48:32.0747 0x25f0 ============================================================
11:48:32.0747 0x25f0 Current date / time: 2018/10/10 11:48:32.0747
11:48:32.0747 0x25f0 SystemInfo:
11:48:32.0747 0x25f0
11:48:32.0747 0x25f0 OS Version: 10.0.17134 ServicePack: 0.0
11:48:32.0747 0x25f0 Product type: Workstation
11:48:32.0747 0x25f0 ComputerName: MJ-MOBIL
11:48:32.0747 0x25f0 UserName: MJ
11:48:32.0747 0x25f0 Windows directory: C:\WINDOWS
11:48:32.0747 0x25f0 System windows directory: C:\WINDOWS
11:48:32.0747 0x25f0 Running under WOW64
11:48:32.0747 0x25f0 Processor architecture: Intel x64
11:48:32.0747 0x25f0 Number of processors: 4
11:48:32.0747 0x25f0 Page size: 0x1000
11:48:32.0747 0x25f0 Boot type: Normal boot
11:48:32.0747 0x25f0 CodeIntegrityOptions = 0x00000001
11:48:32.0747 0x25f0 ============================================================
11:48:33.0591 0x25f0 KLMD registered as C:\WINDOWS\system32\drivers\12321245.sys
11:48:33.0591 0x25f0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
11:48:33.0810 0x25f0 System UUID: {F19376C2-33E0-E490-4653-3B75DC1AC4CD}
11:48:34.0357 0x25f0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:48:34.0357 0x25f0 ============================================================
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0:
11:48:34.0357 0x25f0 GPT partitions:
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E91D32F7-956C-4AE9-B28D-7E649BB74AA2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {97EF7F84-A398-4E66-990E-A5B1AA32931A}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {374A1AF4-8F94-4F2C-9ECA-C670D386B735}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x40000
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {40F5497B-944D-4BD0-A6A4-CC348F0FC674}, Name: Basic data partition, StartLBA 0x16C000, BlocksNum 0x200000
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {043A86FA-6362-4B3A-866A-74B0B0D9D770}, Name: Basic data partition, StartLBA 0x36C000, BlocksNum 0x6C9F8A09
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA0B41E7-8147-4B1B-BC57-37554203120C}, Name: , StartLBA 0x6CD65000, BlocksNum 0x1A2000
11:48:34.0357 0x25f0 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {93A8FB84-A9C2-497D-871B-12882ED2334F}, Name: Basic data partition, StartLBA 0x6CF07000, BlocksNum 0x77FF800
11:48:34.0357 0x25f0 MBR partitions:
11:48:34.0357 0x25f0 ============================================================
11:48:34.0419 0x25f0 C: <-> \Device\Harddisk0\DR0\Partition5
11:48:34.0450 0x25f0 D: <-> \Device\Harddisk0\DR0\Partition7
11:48:34.0450 0x25f0 ============================================================
11:48:34.0450 0x25f0 Initialize success
11:48:34.0450 0x25f0 ============================================================
11:48:37.0442 0x2b90 ============================================================
11:48:37.0442 0x2b90 Scan started
11:48:37.0442 0x2b90 Mode: Manual;
11:48:37.0442 0x2b90 ============================================================
11:48:37.0442 0x2b90 KSN ping started
11:48:37.0598 0x2b90 KSN ping finished: true
11:48:43.0072 0x2b90 ================ Scan system memory ========================
11:48:43.0072 0x2b90 System memory - ok
11:48:43.0072 0x2b90 ================ Scan services =============================
11:48:43.0197 0x2b90 0005141539120570mcinstcleanup - ok
11:48:43.0307 0x2b90 1394ohci - ok
11:48:43.0307 0x2b90 3ware - ok
11:48:43.0369 0x2b90 [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
11:48:43.0369 0x2b90 AAV UpdateService - ok
11:48:43.0400 0x2b90 ACPI - ok
11:48:43.0416 0x2b90 AcpiDev - ok
11:48:43.0416 0x2b90 acpiex - ok
11:48:43.0416 0x2b90 acpipagr - ok
11:48:43.0447 0x2b90 [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
11:48:43.0463 0x2b90 AcpiPmi - ok
11:48:43.0463 0x2b90 acpitime - ok
11:48:43.0541 0x2b90 AdobeFlashPlayerUpdateSvc - ok
11:48:43.0572 0x2b90 ADP80XX - ok
11:48:43.0588 0x2b90 AFD - ok
11:48:43.0604 0x2b90 [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
11:48:43.0604 0x2b90 afunix - ok
11:48:43.0650 0x2b90 [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:48:43.0650 0x2b90 ahcache - ok
11:48:43.0682 0x2b90 [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
11:48:43.0697 0x2b90 AJRouter - ok
11:48:43.0721 0x2b90 [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe
11:48:43.0721 0x2b90 ALG - ok
11:48:43.0732 0x2b90 AmdK8 - ok
11:48:43.0732 0x2b90 AmdPPM - ok
11:48:43.0732 0x2b90 amdsata - ok
11:48:43.0747 0x2b90 amdsbs - ok
11:48:43.0747 0x2b90 amdxata - ok
11:48:43.0782 0x2b90 [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys
11:48:43.0782 0x2b90 AMPPAL - ok
11:48:43.0798 0x2b90 [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPALP C:\WINDOWS\system32\DRIVERS\amppal.sys
11:48:43.0798 0x2b90 AMPPALP - ok
11:48:43.0813 0x2b90 AppID - ok
11:48:43.0845 0x2b90 [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
11:48:43.0876 0x2b90 AppIDSvc - ok
11:48:43.0891 0x2b90 [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll
11:48:43.0907 0x2b90 Appinfo - ok
11:48:43.0938 0x2b90 [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
11:48:43.0954 0x2b90 applockerfltr - ok
11:48:43.0970 0x2b90 AppReadiness - ok
11:48:43.0985 0x2b90 AppXSvc - ok
11:48:44.0001 0x2b90 arcsas - ok
11:48:44.0001 0x2b90 AsyncMac - ok
11:48:44.0016 0x2b90 atapi - ok
11:48:44.0036 0x2b90 AudioEndpointBuilder - ok
11:48:44.0036 0x2b90 Audiosrv - ok
11:48:44.0051 0x2b90 [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
11:48:44.0069 0x2b90 AxInstSV - ok
11:48:44.0069 0x2b90 b06bdrv - ok
11:48:44.0085 0x2b90 [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys
11:48:44.0101 0x2b90 bam - ok
11:48:44.0101 0x2b90 BasicDisplay - ok
11:48:44.0101 0x2b90 BasicRender - ok
11:48:44.0132 0x2b90 BcastDVRUserService - ok
11:48:44.0179 0x2b90 bcmfn2 - ok
11:48:44.0241 0x2b90 [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
11:48:44.0257 0x2b90 BDESVC - ok
11:48:44.0288 0x2b90 [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
11:48:44.0288 0x2b90 Beep - ok
11:48:44.0288 0x2b90 BFE - ok
11:48:44.0319 0x2b90 [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
11:48:44.0319 0x2b90 bindflt - ok
11:48:44.0382 0x2b90 [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll
11:48:45.0073 0x2b90 BITS - ok
11:48:45.0104 0x2b90 [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
11:48:45.0120 0x2b90 BluetoothUserService - ok
11:48:45.0151 0x2b90 bowser - ok
11:48:45.0167 0x2b90 BrokerInfrastructure - ok
11:48:45.0214 0x2b90 [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser C:\WINDOWS\System32\browser.dll
11:48:45.0214 0x2b90 Browser - ok
11:48:45.0261 0x2b90 [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll
11:48:45.0276 0x2b90 BTAGService - ok
11:48:45.0323 0x2b90 [ 2B5EB1BB42AEE7A77B1E9C794DFCEF3D, E94040AAE365CFCAEEC75F38EBDDB2C7F13B41F41D96C33FE3F25078BA21DA13 ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys
11:48:45.0323 0x2b90 BthA2DP - ok
11:48:45.0354 0x2b90 [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
11:48:45.0370 0x2b90 BthAvctpSvc - ok
11:48:45.0432 0x2b90 [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
11:48:45.0432 0x2b90 BthEnum - ok
11:48:45.0448 0x2b90 [ F56B351A4E2B384911B2BA2A98261F34, A8140A2ABEC704A11776D29894ADD5D1FA9C125567EB6B270694573DB9B0E30E ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
11:48:45.0464 0x2b90 BthHFAud - ok
11:48:45.0495 0x2b90 [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
11:48:45.0511 0x2b90 BthHFEnum - ok
11:48:45.0542 0x2b90 [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
11:48:45.0604 0x2b90 BthLEEnum - ok
11:48:45.0636 0x2b90 [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
11:48:45.0636 0x2b90 BTHMODEM - ok
11:48:45.0667 0x2b90 [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
11:48:45.0682 0x2b90 BthPan - ok
11:48:45.0682 0x2b90 BTHPORT - ok
11:48:45.0714 0x2b90 [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll
11:48:45.0714 0x2b90 bthserv - ok
11:48:45.0745 0x2b90 [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
11:48:45.0761 0x2b90 BTHUSB - ok
11:48:45.0776 0x2b90 bttflt - ok
11:48:45.0776 0x2b90 buttonconverter - ok
11:48:45.0808 0x2b90 [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys
11:48:45.0808 0x2b90 CAD - ok
11:48:45.0839 0x2b90 camsvc - ok
11:48:45.0839 0x2b90 CapImg - ok
11:48:45.0839 0x2b90 cdfs - ok
11:48:45.0948 0x2b90 [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
11:48:45.0964 0x2b90 CDPSvc - ok
11:48:46.0026 0x2b90 [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
11:48:46.0042 0x2b90 CDPUserSvc - ok
11:48:46.0058 0x2b90 cdrom - ok
11:48:46.0104 0x2b90 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
11:48:46.0104 0x2b90 CertPropSvc - ok
11:48:46.0120 0x2b90 cht4iscsi - ok
11:48:46.0136 0x2b90 cht4vbd - ok
11:48:46.0151 0x2b90 [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
11:48:46.0151 0x2b90 circlass - ok
11:48:46.0167 0x2b90 CldFlt - ok
11:48:46.0167 0x2b90 CLFS - ok
11:48:46.0308 0x2b90 [ 80E9ED159D9CFC9EA59A6FA0DE7843AE, EECA5709B45057BE00F10E32A75E21F87D2DDDF4E043C468CD1920F6EC47329D ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
11:48:46.0355 0x2b90 ClickToRunSvc - ok
11:48:46.0433 0x2b90 [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
11:48:46.0448 0x2b90 ClipSVC - ok
11:48:46.0495 0x2b90 [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
11:48:46.0495 0x2b90 CLVirtualDrive - ok
11:48:46.0542 0x2b90 [ 7BB935831ACAEEF54684B675575530E5, C0F1D2BD84B696BDDA247845A1A76E188175EB36F1C52D8505C250E088CF44F2 ] clwvd6 C:\WINDOWS\system32\DRIVERS\clwvd6.sys
11:48:46.0542 0x2b90 clwvd6 - ok
11:48:46.0558 0x2b90 CmBatt - ok
11:48:46.0573 0x2b90 CNG - ok
11:48:46.0605 0x2b90 [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
11:48:46.0605 0x2b90 cnghwassist - ok
11:48:46.0683 0x2b90 [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
11:48:46.0683 0x2b90 CompositeBus - ok
11:48:46.0698 0x2b90 COMSysApp - ok
11:48:46.0698 0x2b90 condrv - ok
11:48:46.0714 0x2b90 CoreMessagingRegistrar - ok
11:48:46.0777 0x2b90 [ 2E0A35871680D1E9E5A94031E2B781A7, 8EE720D4326DB9E409A291ED1AA169DC5595BE05663787D49DA6552A5FF3C509 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:48:46.0951 0x2b90 cphs - ok
11:48:47.0013 0x2b90 CryptSvc - ok
11:48:47.0060 0x2b90 [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys
11:48:47.0060 0x2b90 dam - ok
11:48:47.0076 0x2b90 DcomLaunch - ok
11:48:47.0076 0x2b90 defragsvc - ok
11:48:47.0107 0x2b90 [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:48:47.0122 0x2b90 DeviceAssociationService - ok
11:48:47.0138 0x2b90 DeviceInstall - ok
11:48:47.0169 0x2b90 [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
11:48:47.0435 0x2b90 DevicePickerUserSvc - ok
11:48:47.0513 0x2b90 [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
11:48:47.0529 0x2b90 DevicesFlowUserSvc - ok
11:48:47.0576 0x2b90 [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
11:48:47.0576 0x2b90 DevQueryBroker - ok
11:48:47.0607 0x2b90 Dfsc - ok
11:48:47.0622 0x2b90 Dhcp - ok
11:48:47.0669 0x2b90 diagnosticshub.standardcollector.service - ok
11:48:47.0685 0x2b90 [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
11:48:47.0700 0x2b90 diagsvc - ok
11:48:47.0716 0x2b90 DiagTrack - ok
11:48:47.0732 0x2b90 Disk - ok
11:48:47.0763 0x2b90 DmEnrollmentSvc - ok
11:48:47.0763 0x2b90 dmvsc - ok
11:48:47.0794 0x2b90 [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
11:48:47.0794 0x2b90 dmwappushservice - ok
11:48:47.0810 0x2b90 Dnscache - ok
11:48:47.0841 0x2b90 [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
11:48:47.0841 0x2b90 dot3svc - ok
11:48:47.0904 0x2b90 [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll
11:48:47.0919 0x2b90 DPS - ok
11:48:47.0919 0x2b90 drmkaud - ok
11:48:47.0951 0x2b90 DsmSvc - ok
11:48:47.0966 0x2b90 DsSvc - ok
11:48:48.0013 0x2b90 [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
11:48:48.0029 0x2b90 DusmSvc - ok
11:48:48.0044 0x2b90 DXGKrnl - ok
11:48:48.0044 0x2b90 Eaphost - ok
11:48:48.0122 0x2b90 [ 4FC652FE87EB0D46487A4788A401F445, 7F2C665DE2C97639590B68013F4829D791C2986FF819FB8B04BB3311D4F034D0 ] EaseUS Agent C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
11:48:48.0357 0x2b90 EaseUS Agent - ok
11:48:48.0388 0x2b90 ebdrv - ok
11:48:48.0419 0x2b90 EFS - ok
11:48:48.0435 0x2b90 EhStorClass - ok
11:48:48.0435 0x2b90 EhStorTcgDrv - ok
11:48:48.0466 0x2b90 [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
11:48:48.0482 0x2b90 embeddedmode - ok
11:48:48.0529 0x2b90 [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
11:48:48.0529 0x2b90 EntAppSvc - ok
11:48:48.0544 0x2b90 ErrDev - ok
11:48:48.0575 0x2b90 [ BF8362193CB83B5283BC5D24AA3D8DF3, 9A45520D624B101D18A434E63DB7EA6CC44F598EDA36B8A916BB76C1DBB0955C ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
11:48:48.0591 0x2b90 ETD - ok
11:48:48.0670 0x2b90 [ 06C67EE6E9E5DF0692BBE14437E56F3F, 9569B03031AE0CAC51AEF8B8CB8F8F2E717478B482AB4760711E1427C33A396D ] ETDService C:\Program Files\Elantech\ETDService.exe
11:48:48.0670 0x2b90 ETDService - ok
11:48:48.0685 0x2b90 [ C75C4769BBAE1397E1333D895C2DAE63, A066F6D6BCF25976EA16EC2077A0656C44952A3CB49C6A1A857482C8346E9D2D ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys
11:48:48.0685 0x2b90 ETDSMBus - ok
11:48:48.0717 0x2b90 [ EB8489D2B2A37A757753F158B64835C3, DD62EDAC5C9675D504CF3588561F283D846A59511011C239A083CE27711EA75A ] EUBAKUP C:\WINDOWS\system32\drivers\eubakup.sys
11:48:48.0842 0x2b90 EUBAKUP - ok
11:48:48.0873 0x2b90 [ D85EC70E8C7855F3131ED5BAA0320F8E, 30A06EBEFE5AB8B27D7CB796C5373E1C39F558EC4B4183B8F8CCAF8EBD43F176 ] EUBKMON C:\WINDOWS\system32\drivers\EUBKMON.sys
11:48:48.0889 0x2b90 EUBKMON - ok
11:48:48.0904 0x2b90 [ 9B577FB6FA599A8AEDF8F5048CD8274B, BFB433745EEC55292529804AC7884B73FFFB86DBEB333BC7D8AAB8F529150D63 ] EUDSKACS C:\WINDOWS\system32\drivers\eudskacs.sys
11:48:48.0904 0x2b90 EUDSKACS - ok
11:48:48.0936 0x2b90 [ FA93CD6B9EFD2360C76087BBF1A22B62, 3BB0C02F65A77390E539F12EBEC03B5B55E2FC2EB1F70A1FEBF07D919B1907BA ] EUFDDISK C:\WINDOWS\system32\drivers\EuFdDisk.sys
11:48:48.0951 0x2b90 EUFDDISK - ok
11:48:49.0001 0x2b90 [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll
11:48:49.0016 0x2b90 EventSystem - ok
11:48:49.0016 0x2b90 exfat - ok
11:48:49.0016 0x2b90 fastfat - ok
11:48:49.0063 0x2b90 [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe
11:48:49.0079 0x2b90 Fax - ok
11:48:49.0095 0x2b90 fdc - ok
11:48:49.0110 0x2b90 [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
11:48:49.0126 0x2b90 fdPHost - ok
11:48:49.0157 0x2b90 [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
11:48:49.0157 0x2b90 FDResPub - ok
11:48:49.0188 0x2b90 [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
11:48:49.0188 0x2b90 fhsvc - ok
11:48:49.0235 0x2b90 [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
11:48:49.0235 0x2b90 FileCrypt - ok
11:48:49.0235 0x2b90 FileInfo - ok
11:48:49.0251 0x2b90 Filetrace - ok
11:48:49.0251 0x2b90 flpydisk - ok
11:48:49.0266 0x2b90 FltMgr - ok
11:48:49.0282 0x2b90 FontCache - ok
11:48:49.0376 0x2b90 FontCache3.0.0.0 - ok
11:48:49.0391 0x2b90 FrameServer - ok
11:48:49.0391 0x2b90 FsDepends - ok
11:48:49.0407 0x2b90 Fs_Rec - ok
11:48:49.0407 0x2b90 fvevol - ok
11:48:49.0454 0x2b90 [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
11:48:49.0532 0x2b90 gencounter - ok
11:48:49.0548 0x2b90 genericusbfn - ok
11:48:49.0563 0x2b90 GPIOClx0101 - ok
11:48:49.0579 0x2b90 gpsvc - ok
11:48:49.0595 0x2b90 [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
11:48:49.0595 0x2b90 GpuEnergyDrv - ok
11:48:49.0626 0x2b90 [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
11:48:49.0626 0x2b90 GraphicsPerfSvc - ok
11:48:49.0641 0x2b90 HDAudBus - ok
11:48:49.0641 0x2b90 HidBatt - ok
11:48:49.0688 0x2b90 [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
11:48:49.0688 0x2b90 HidBth - ok
11:48:49.0688 0x2b90 hidi2c - ok
11:48:49.0704 0x2b90 hidinterrupt - ok
11:48:49.0735 0x2b90 [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
11:48:49.0735 0x2b90 HidIr - ok
11:48:49.0751 0x2b90 hidserv - ok
11:48:49.0766 0x2b90 HidUsb - ok
11:48:49.0782 0x2b90 HpSAMD - ok
11:48:49.0798 0x2b90 HTTP - ok
11:48:49.0829 0x2b90 [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
11:48:49.0829 0x2b90 hvcrash - ok
11:48:49.0851 0x2b90 HvHost - ok
11:48:49.0851 0x2b90 hvservice - ok
11:48:49.0867 0x2b90 [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
11:48:49.0867 0x2b90 HwNClx0101 - ok
11:48:49.0882 0x2b90 hwpolicy - ok
11:48:49.0898 0x2b90 hyperkbd - ok
11:48:49.0898 0x2b90 HyperVideo - ok
11:48:49.0913 0x2b90 i8042prt - ok
11:48:49.0913 0x2b90 iagpio - ok
11:48:49.0913 0x2b90 iai2c - ok
11:48:49.0929 0x2b90 iaLPSS2i_GPIO2 - ok
11:48:49.0931 0x2b90 iaLPSS2i_GPIO2_BXT_P - ok
11:48:49.0946 0x2b90 iaLPSS2i_I2C - ok
11:48:49.0946 0x2b90 iaLPSS2i_I2C_BXT_P - ok
11:48:49.0946 0x2b90 iaLPSSi_GPIO - ok
11:48:49.0962 0x2b90 iaLPSSi_I2C - ok
11:48:49.0993 0x2b90 [ 9863EC0FB887C0AD0C3A20AC3BF91629, B695048C370CB91BB0CFF2E29641636225B23347B08F7E451FB91CF8B1A0120A ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
11:48:50.0009 0x2b90 iaStorA - ok
11:48:50.0009 0x2b90 iaStorAVC - ok
11:48:50.0056 0x2b90 [ E4B16F9770B0F04A1841C74368896870, 55A07A24686DEFB53158992F4490371D7BC6378692F353124599C9E653134236 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:48:50.0056 0x2b90 IAStorDataMgrSvc - ok
11:48:50.0071 0x2b90 iaStorV - ok
11:48:50.0071 0x2b90 ibbus - ok
11:48:50.0071 0x2b90 ibtsiva - ok
11:48:50.0118 0x2b90 [ 0E40EFCB2DCF1A0AEFBE065EAD67AA02, B83935D3ADDBB6D10D070DCCFC6512DF678C604E9E99000AAA23C89CED345DE3 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
11:48:50.0118 0x2b90 ibtusb - ok
11:48:50.0181 0x2b90 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
11:48:50.0196 0x2b90 ICCS - ok
11:48:50.0243 0x2b90 [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll
11:48:50.0259 0x2b90 icssvc - ok
11:48:50.0306 0x2b90 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:48:50.0446 0x2b90 IDriverT - ok
11:48:50.0688 0x2b90 [ F37606EAFFB621AA6A341CC76BEF37C3, 421674158785B8911354AA02514080390239FBFC8713A2F2AEF55223AF1C28D3 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:48:50.0813 0x2b90 igfx - ok
11:48:50.0860 0x2b90 [ 407102406ABA1916DFA7915E52A2EC48, 2DBC62F778579E3BB839D31E4C4BDB26E1EDD2735EECFF4298973A03EC53233F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
11:48:50.0875 0x2b90 igfxCUIService2.0.0.0 - ok
11:48:50.0891 0x2b90 IKEEXT - ok
11:48:50.0922 0x2b90 [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
11:48:50.0922 0x2b90 IndirectKmd - ok
11:48:50.0953 0x2b90 InstallService - ok
11:48:50.0969 0x2b90 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
11:48:50.0969 0x2b90 intaud_WaveExtensible - ok
11:48:51.0125 0x2b90 [ 07598029B8B7A18A49095010319E7056, A38FCAC718A11DF92C79E867934CB35825D67942A32C190F6A67230EB20B5878 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:48:51.0203 0x2b90 IntcAzAudAddService - ok
11:48:51.0250 0x2b90 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:48:51.0250 0x2b90 IntcDAud - ok
11:48:51.0298 0x2b90 [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:48:51.0313 0x2b90 Intel(R) Capability Licensing Service TCP IP Interface - ok
11:48:51.0376 0x2b90 [ A7AED4514E3E309AABF8237A8DD341A9, 59DC19773C0AA28B08FBB954B4F737EE5EE4D833D6EE12F7E3D901B244C5B1F9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:48:51.0376 0x2b90 Intel(R) ME Service - ok
11:48:51.0392 0x2b90 intelide - ok
11:48:51.0407 0x2b90 [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
11:48:51.0423 0x2b90 intelpep - ok
11:48:51.0423 0x2b90 intelppm - ok
11:48:51.0454 0x2b90 [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
11:48:51.0454 0x2b90 iorate - ok
11:48:51.0470 0x2b90 [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:48:51.0485 0x2b90 IpFilterDriver - ok
11:48:51.0517 0x2b90 [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
11:48:51.0532 0x2b90 iphlpsvc - ok
11:48:51.0563 0x2b90 IPMIDRV - ok
11:48:51.0595 0x2b90 [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
11:48:51.0595 0x2b90 IPNAT - ok
11:48:51.0626 0x2b90 [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
11:48:51.0626 0x2b90 IPT - ok
11:48:51.0657 0x2b90 [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
11:48:51.0657 0x2b90 IpxlatCfgSvc - ok
11:48:51.0704 0x2b90 [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys
11:48:51.0704 0x2b90 irda - ok
11:48:51.0720 0x2b90 [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
11:48:51.0720 0x2b90 IRENUM - ok
11:48:51.0735 0x2b90 [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll
11:48:51.0735 0x2b90 irmon - ok
11:48:51.0767 0x2b90 isapnp - ok
11:48:51.0767 0x2b90 iScsiPrt - ok
11:48:51.0782 0x2b90 ItSas35i - ok
11:48:51.0845 0x2b90 [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
11:48:51.0860 0x2b90 iumsvc - ok
11:48:51.0907 0x2b90 [ 2749D828991C160D1D8E7A06A0A95D93, 6F590E3A8F295D367A23938E062AEB0D904CDD8B8262B1EBB1208369587EA186 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:48:51.0938 0x2b90 jhi_service - ok
11:48:51.0954 0x2b90 kbdclass - ok
11:48:51.0954 0x2b90 kbdhid - ok
11:48:51.0954 0x2b90 kdnic - ok
11:48:51.0970 0x2b90 KeyIso - ok
11:48:51.0970 0x2b90 KSecDD - ok
11:48:51.0985 0x2b90 KSecPkg - ok
11:48:51.0985 0x2b90 ksthunk - ok
11:48:52.0017 0x2b90 [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
11:48:52.0035 0x2b90 KtmRm - ok
11:48:52.0052 0x2b90 LanmanServer - ok
11:48:52.0068 0x2b90 LanmanWorkstation - ok
11:48:52.0083 0x2b90 [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
11:48:52.0083 0x2b90 lfsvc - ok
11:48:52.0114 0x2b90 [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
11:48:52.0114 0x2b90 LicenseManager - ok
11:48:52.0161 0x2b90 [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
11:48:52.0161 0x2b90 lltdio - ok
11:48:52.0193 0x2b90 [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
11:48:52.0193 0x2b90 lltdsvc - ok
11:48:52.0219 0x2b90 lmhosts - ok
11:48:52.0265 0x2b90 [ 9C30978597D52AD8EA319BABE6112AAE, 50A63FB33797D79D688CA86600693FA4BD668588FAE0F67D9725ACDD20445D2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:48:52.0265 0x2b90 LMS - ok
11:48:52.0296 0x2b90 LSI_SAS - ok
11:48:52.0296 0x2b90 LSI_SAS2i - ok
11:48:52.0296 0x2b90 LSI_SAS3i - ok
11:48:52.0312 0x2b90 LSI_SSS - ok
11:48:52.0312 0x2b90 LSM - ok
11:48:52.0343 0x2b90 [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
11:48:52.0343 0x2b90 luafv - ok
11:48:52.0375 0x2b90 [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
11:48:52.0390 0x2b90 LxpSvc - ok
11:48:52.0421 0x2b90 MapsBroker - ok
11:48:52.0421 0x2b90 mausbhost - ok
11:48:52.0437 0x2b90 mausbip - ok
11:48:52.0437 0x2b90 McComponentHostService - ok
11:48:52.0437 0x2b90 megasas - ok
11:48:52.0453 0x2b90 megasas2i - ok
11:48:52.0453 0x2b90 megasas35i - ok
11:48:52.0453 0x2b90 megasr - ok
11:48:52.0468 0x2b90 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
11:48:52.0468 0x2b90 MEIx64 - ok
11:48:52.0517 0x2b90 [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
11:48:52.0517 0x2b90 MessagingService - ok
11:48:52.0549 0x2b90 [ 5F4CABAFF1858C54DD5AFB33BD76926E, 06BDEE2B5325E605774C095D9DADFF5E6E124259482C4B7D9E74F1CEDC5A194E ] mfeelamk C:\WINDOWS\system32\drivers\mfeelamk.sys
11:48:52.0595 0x2b90 mfeelamk - ok
11:48:52.0658 0x2b90 [ B3096F77D6D876B712D27F574DABEA27, B2A974C0944628E8C8539BE43995949D5A2912E74FC4180F9A1D50967E170D7B ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
11:48:52.0658 0x2b90 mfesapsn - ok
11:48:52.0689 0x2b90 [ BA7E071E855D4C502916164A31B05D4D, 11B250AA98EAAB4A15A8796CABAFCFC20B8E049513BF66FFAA0F6C2BEED958A5 ] MHIKEY10 C:\WINDOWS\System32\Drivers\MHIKEY10x64.sys
11:48:52.0752 0x2b90 MHIKEY10 - ok
11:48:52.0783 0x2b90 [ 1ECAB1D7A88F953397D09ECFCF789B91, 42AFE658FABAA6816700886B2F0697A692DE6B5DB0B90B361E099BF79B44E389 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys
11:48:52.0783 0x2b90 Microsoft_Bluetooth_AvrcpTransport - ok
11:48:52.0814 0x2b90 mlx4_bus - ok
11:48:52.0814 0x2b90 MMCSS - ok
11:48:52.0830 0x2b90 [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys
11:48:52.0845 0x2b90 Modem - ok
11:48:52.0861 0x2b90 [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys
11:48:52.0861 0x2b90 monitor - ok
11:48:52.0877 0x2b90 mouclass - ok
11:48:52.0877 0x2b90 [ 21B7ACEA1BB49C3371DD5427BF309D6A, 39055A4D9BC293BD5DE5519FC6B95E7345089B32027E1799FA642606E6298856 ] moufiltr C:\WINDOWS\System32\drivers\moufiltr.sys
11:48:52.0877 0x2b90 moufiltr - ok
11:48:52.0892 0x2b90 mouhid - ok
11:48:52.0892 0x2b90 mountmgr - ok
11:48:52.0939 0x2b90 [ F9B1419B15CC3C848EE2E98758B05363, 07BDF6BCF098DF866B8263833F59CEE79D24C9F00B28ED9D4A73A784C3F37E6A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:48:52.0939 0x2b90 MozillaMaintenance - ok
11:48:52.0955 0x2b90 mpsdrv - ok
11:48:52.0971 0x2b90 mpssvc - ok
11:48:52.0986 0x2b90 MRxDAV - ok
11:48:52.0986 0x2b90 mrxsmb - ok
11:48:52.0986 0x2b90 mrxsmb20 - ok
11:48:53.0017 0x2b90 [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
11:48:53.0017 0x2b90 MsBridge - ok
11:48:53.0049 0x2b90 [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe
11:48:53.0064 0x2b90 MSDTC - ok
11:48:53.0064 0x2b90 Msfs - ok
11:48:53.0111 0x2b90 [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:48:53.0111 0x2b90 msgpiowin32 - ok
11:48:53.0111 0x2b90 mshidkmdf - ok
11:48:53.0127 0x2b90 [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
11:48:53.0127 0x2b90 mshidumdf - ok
11:48:53.0127 0x2b90 msisadrv - ok
11:48:53.0158 0x2b90 MSiSCSI - ok
11:48:53.0158 0x2b90 msiserver - ok
11:48:53.0158 0x2b90 MSKSSRV - ok
11:48:53.0189 0x2b90 [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
11:48:53.0189 0x2b90 MsLldp - ok
11:48:53.0189 0x2b90 MSPCLOCK - ok
11:48:53.0205 0x2b90 MSPQM - ok
11:48:53.0205 0x2b90 MsRPC - ok
11:48:53.0205 0x2b90 mssmbios - ok
11:48:53.0221 0x2b90 MSTEE - ok
11:48:53.0221 0x2b90 MTConfig - ok
11:48:53.0221 0x2b90 Mup - ok
11:48:53.0221 0x2b90 mvumis - ok
11:48:53.0236 0x2b90 NativeWifiP - ok
11:48:53.0283 0x2b90 [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
11:48:53.0299 0x2b90 NaturalAuthentication - ok
11:48:53.0346 0x2b90 [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
11:48:53.0361 0x2b90 NcaSvc - ok
11:48:53.0424 0x2b90 [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll
11:48:53.0439 0x2b90 NcbService - ok
11:48:53.0482 0x2b90 [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
11:48:53.0482 0x2b90 NcdAutoSetup - ok
11:48:53.0482 0x2b90 ndfltr - ok
11:48:53.0497 0x2b90 NDIS - ok
11:48:53.0529 0x2b90 [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
11:48:53.0529 0x2b90 NdisCap - ok
11:48:53.0564 0x2b90 [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
11:48:53.0564 0x2b90 NdisImPlatform - ok
11:48:53.0577 0x2b90 NdisTapi - ok
11:48:53.0577 0x2b90 Ndisuio - ok
11:48:53.0592 0x2b90 NdisVirtualBus - ok
11:48:53.0592 0x2b90 NdisWan - ok
11:48:53.0608 0x2b90 ndiswanlegacy - ok
11:48:53.0608 0x2b90 ndproxy - ok
11:48:53.0639 0x2b90 [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
11:48:53.0639 0x2b90 Ndu - ok
11:48:53.0639 0x2b90 NetAdapterCx - ok
11:48:53.0639 0x2b90 NetBIOS - ok
11:48:53.0655 0x2b90 NetBT - ok
11:48:53.0655 0x2b90 Netlogon - ok
11:48:53.0671 0x2b90 Netman - ok
11:48:53.0702 0x2b90 netprofm - ok
11:48:53.0718 0x2b90 NetSetupSvc - ok
11:48:53.0800 0x2b90 [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:48:53.0909 0x2b90 NetTcpPortSharing - ok
11:48:53.0940 0x2b90 netvsc - ok
11:48:54.0065 0x2b90 [ 1F91B1E5FD41BDC3DF8AFFB81C8AA277, B8CB13863C1F0C589C008E191A393DF241F3067DD7CADE02B3B7D36B28BBA2ED ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys
11:48:54.0128 0x2b90 NETwNb64 - ok
11:48:54.0175 0x2b90 [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
11:48:54.0190 0x2b90 NgcCtnrSvc - ok
11:48:54.0190 0x2b90 NgcSvc - ok
11:48:54.0206 0x2b90 NlaSvc - ok
11:48:54.0222 0x2b90 Npfs - ok
11:48:54.0222 0x2b90 npsvctrig - ok
11:48:54.0237 0x2b90 nsi - ok
11:48:54.0253 0x2b90 nsiproxy - ok
11:48:54.0269 0x2b90 Ntfs - ok
11:48:54.0269 0x2b90 Null - ok
11:48:54.0269 0x2b90 nvdimm - ok
11:48:54.0284 0x2b90 nvraid - ok
11:48:54.0284 0x2b90 nvstor - ok
11:48:54.0315 0x2b90 [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
11:48:54.0331 0x2b90 OneSyncSvc - ok
11:48:54.0367 0x2b90 [ E0406C2951A24073AB920705A9CC9D59, D4865B7B9812CEAB1D18F7FFE3C6AAA90538C91E4A6B61199F84B9A5BE5A6D3D ] osrss C:\WINDOWS\system32\osrss.dll
11:48:54.0382 0x2b90 osrss - ok
11:48:54.0429 0x2b90 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
11:48:54.0429 0x2b90 p2pimsvc - ok
11:48:54.0476 0x2b90 [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
11:48:54.0492 0x2b90 p2psvc - ok
11:48:54.0507 0x2b90 Parport - ok
11:48:54.0530 0x2b90 partmgr - ok
11:48:54.0546 0x2b90 PcaSvc - ok
11:48:54.0562 0x2b90 pci - ok
11:48:54.0562 0x2b90 pciide - ok
11:48:54.0577 0x2b90 pcmcia - ok
11:48:54.0577 0x2b90 pcw - ok
11:48:54.0577 0x2b90 pdc - ok
11:48:54.0624 0x2b90 [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
11:48:54.0640 0x2b90 PEAUTH - ok
11:48:54.0687 0x2b90 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys
11:48:54.0687 0x2b90 PEGAGFN - ok
11:48:54.0702 0x2b90 [ 7BB4BD4E20221B6BFC0038851CF3A4F0, 29EECB0C2A8BFC315C5212AD26B871B02DF7B76B5097FF45BA5E5C78891F357C ] PegaRadioSwitch C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys
11:48:54.0702 0x2b90 PegaRadioSwitch - ok
11:48:54.0702 0x2b90 percsas2i - ok
11:48:54.0718 0x2b90 percsas3i - ok
11:48:54.0798 0x2b90 [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
11:48:54.0976 0x2b90 PerfHost - ok
11:48:55.0023 0x2b90 [ 81BDFDAE4FA5E1A4F767B332CACB1292, 19C468B1D43ADB93A3BBE03B83137A2720C01F4F63A929D059FA784572F4C97A ] PGFNEXSrv C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
11:48:55.0038 0x2b90 PGFNEXSrv - ok
11:48:55.0056 0x2b90 [ 419F10BCF592762A22821AACBF5B629D, 0866BE3470A98F81AA83C90635FCF43493A1739389DB88F7FD20604AD21AB691 ] phantomtap C:\WINDOWS\System32\drivers\phantomtap.sys
11:48:55.0056 0x2b90 phantomtap - ok
11:48:55.0087 0x2b90 PhoneSvc - ok
11:48:55.0134 0x2b90 [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
11:48:55.0134 0x2b90 PimIndexMaintenanceSvc - ok
11:48:55.0214 0x2b90 [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll
11:48:55.0246 0x2b90 pla - ok
11:48:55.0261 0x2b90 PlugPlay - ok
11:48:55.0284 0x2b90 pmem - ok
11:48:55.0300 0x2b90 [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
11:48:55.0300 0x2b90 PNPMEM - ok
11:48:55.0331 0x2b90 [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
11:48:55.0331 0x2b90 PNRPAutoReg - ok
11:48:55.0347 0x2b90 [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
11:48:55.0362 0x2b90 PNRPsvc - ok
11:48:55.0378 0x2b90 PolicyAgent - ok
11:48:55.0394 0x2b90 Power - ok
11:48:55.0394 0x2b90 PptpMiniport - ok
11:48:55.0553 0x2b90 [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:48:55.0904 0x2b90 PrintNotify - ok
11:48:55.0935 0x2b90 [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
11:48:55.0935 0x2b90 PrintWorkflowUserSvc - ok
11:48:55.0966 0x2b90 Processor - ok
11:48:55.0984 0x2b90 ProfSvc - ok
11:48:56.0015 0x2b90 [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
11:48:56.0015 0x2b90 Psched - ok
11:48:56.0034 0x2b90 PushToInstall - ok
11:48:56.0065 0x2b90 [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll
11:48:56.0081 0x2b90 QWAVE - ok
11:48:56.0096 0x2b90 [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
11:48:56.0112 0x2b90 QWAVEdrv - ok
11:48:56.0112 0x2b90 Ramdisk - ok
11:48:56.0112 0x2b90 RasAcd - ok
11:48:56.0143 0x2b90 RasAgileVpn - ok
11:48:56.0143 0x2b90 RasAuto - ok
11:48:56.0143 0x2b90 Rasl2tp - ok
11:48:56.0175 0x2b90 RasMan - ok
11:48:56.0190 0x2b90 RasPppoe - ok
11:48:56.0192 0x2b90 RasSstp - ok
11:48:56.0208 0x2b90 rdbss - ok
11:48:56.0224 0x2b90 [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
11:48:56.0224 0x2b90 rdpbus - ok
11:48:56.0239 0x2b90 RDPDR - ok
11:48:56.0302 0x2b90 [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:48:56.0302 0x2b90 RdpVideoMiniport - ok
11:48:56.0364 0x2b90 [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
11:48:56.0380 0x2b90 rdyboost - ok
11:48:56.0380 0x2b90 ReFS - ok
11:48:56.0380 0x2b90 ReFSv1 - ok
11:48:56.0427 0x2b90 [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:48:56.0442 0x2b90 RemoteAccess - ok
11:48:56.0474 0x2b90 [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:48:56.0489 0x2b90 RemoteRegistry - ok
11:48:56.0521 0x2b90 [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
11:48:56.0567 0x2b90 RetailDemo - ok
11:48:56.0614 0x2b90 [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
11:48:56.0614 0x2b90 RFCOMM - ok
11:48:56.0646 0x2b90 [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
11:48:56.0646 0x2b90 rhproxy - ok
11:48:56.0755 0x2b90 [ 27A3A6BF6EE99AB61BF6F1147542F6AA, EA77F391067BF597E2E9A5A915CED91694B34624CD7BC87531C1610659C28748 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
11:48:56.0755 0x2b90 RichVideo64 - ok
11:48:56.0786 0x2b90 [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll
11:48:56.0802 0x2b90 RmSvc - ok
11:48:56.0817 0x2b90 RpcEptMapper - ok
11:48:56.0817 0x2b90 [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe
11:48:56.0833 0x2b90 RpcLocator - ok
11:48:56.0850 0x2b90 RpcSs - ok
11:48:56.0866 0x2b90 [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
11:48:56.0866 0x2b90 rspndr - ok
11:48:56.0913 0x2b90 [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
11:48:56.0928 0x2b90 RTL8168 - ok
11:48:56.0984 0x2b90 [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
11:48:57.0000 0x2b90 RTSUER - ok
11:48:57.0031 0x2b90 [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
11:48:57.0031 0x2b90 s3cap - ok
11:48:57.0067 0x2b90 SamSs - ok
11:48:57.0082 0x2b90 sbp2port - ok
11:48:57.0113 0x2b90 [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
11:48:57.0144 0x2b90 SCardSvr - ok
11:48:57.0175 0x2b90 [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
11:48:57.0191 0x2b90 ScDeviceEnum - ok
11:48:57.0226 0x2b90 [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:48:57.0226 0x2b90 scfilter - ok
11:48:57.0242 0x2b90 Schedule - ok
11:48:57.0257 0x2b90 scmbus - ok
11:48:57.0289 0x2b90 [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
11:48:57.0289 0x2b90 SCPolicySvc - ok
11:48:57.0289 0x2b90 sdbus - ok
11:48:57.0320 0x2b90 [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
11:48:57.0320 0x2b90 SDFRd - ok
11:48:57.0351 0x2b90 [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
11:48:57.0351 0x2b90 SDRSVC - ok
11:48:57.0383 0x2b90 sdstor - ok
11:48:57.0399 0x2b90 [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll
11:48:57.0399 0x2b90 seclogon - ok
11:48:57.0414 0x2b90 SecurityHealthService - ok
11:48:57.0477 0x2b90 [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
11:48:57.0539 0x2b90 SEMgrSvc - ok
11:48:57.0571 0x2b90 [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll
11:48:57.0586 0x2b90 SENS - ok
11:48:57.0624 0x2b90 [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
11:48:57.0655 0x2b90 SensorDataService - ok
11:48:57.0702 0x2b90 [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll
11:48:57.0718 0x2b90 SensorService - ok
11:48:57.0749 0x2b90 [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
11:48:57.0765 0x2b90 SensrSvc - ok
11:48:57.0765 0x2b90 SerCx - ok
11:48:57.0765 0x2b90 SerCx2 - ok
11:48:57.0780 0x2b90 Serenum - ok
11:48:57.0796 0x2b90 Serial - ok
11:48:57.0796 0x2b90 sermouse - ok
11:48:57.0827 0x2b90 [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
11:48:57.0843 0x2b90 SessionEnv - ok
11:48:57.0843 0x2b90 sfloppy - ok
11:48:57.0880 0x2b90 [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
11:48:57.0880 0x2b90 SgrmAgent - ok
11:48:57.0912 0x2b90 [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
11:48:57.0927 0x2b90 SgrmBroker - ok
11:48:57.0962 0x2b90 [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:48:57.0977 0x2b90 SharedAccess - ok
11:48:58.0009 0x2b90 SharedRealitySvc - ok
11:48:58.0061 0x2b90 [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:48:58.0077 0x2b90 ShellHWDetection - ok
11:48:58.0108 0x2b90 [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
11:48:58.0155 0x2b90 shpamsvc - ok
11:48:58.0177 0x2b90 SiSRaid2 - ok
11:48:58.0177 0x2b90 SiSRaid4 - ok
11:48:58.0192 0x2b90 smphost - ok
11:48:58.0224 0x2b90 [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
11:48:58.0239 0x2b90 SmsRouter - ok
11:48:58.0271 0x2b90 [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:48:58.0271 0x2b90 SNMPTRAP - ok
11:48:58.0302 0x2b90 spaceport - ok
11:48:58.0317 0x2b90 [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
11:48:58.0317 0x2b90 SpatialGraphFilter - ok
11:48:58.0333 0x2b90 SpbCx - ok
11:48:58.0349 0x2b90 spectrum - ok
11:48:58.0382 0x2b90 [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe
11:48:58.0398 0x2b90 Spooler - ok
11:48:58.0429 0x2b90 sppsvc - ok
11:48:58.0429 0x2b90 srv - ok
11:48:58.0445 0x2b90 srv2 - ok
11:48:58.0445 0x2b90 srvnet - ok
11:48:58.0480 0x2b90 [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:48:58.0496 0x2b90 SSDPSRV - ok
11:48:58.0558 0x2b90 [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
11:48:58.0558 0x2b90 ssh-agent - ok
11:48:58.0574 0x2b90 SstpSvc - ok
11:48:58.0605 0x2b90 StateRepository - ok
11:48:58.0605 0x2b90 stexstor - ok
11:48:58.0652 0x2b90 [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll
11:48:58.0668 0x2b90 stisvc - ok
11:48:58.0668 0x2b90 storahci - ok
11:48:58.0668 0x2b90 storflt - ok
11:48:58.0683 0x2b90 stornvme - ok
11:48:58.0683 0x2b90 storqosflt - ok
11:48:58.0699 0x2b90 StorSvc - ok
11:48:58.0699 0x2b90 storufs - ok
11:48:58.0699 0x2b90 storvsc - ok
11:48:58.0715 0x2b90 svsvc - ok
11:48:58.0762 0x2b90 swenum - ok
11:48:58.0762 0x2b90 swprv - ok
11:48:58.0793 0x2b90 [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
11:48:58.0793 0x2b90 Synth3dVsc - ok
11:48:58.0808 0x2b90 SysMain - ok
11:48:58.0824 0x2b90 SystemEventsBroker - ok
11:48:58.0866 0x2b90 [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:48:58.0877 0x2b90 TabletInputService - ok
11:48:58.0924 0x2b90 [ BB3F041ACE6FF23FD8F51B4CDDAB111B, A74544001291AB5E03E4B728CE7A336B17AA351C5E57C48536F62EAA756DFF7B ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
11:48:58.0924 0x2b90 tap0901 - ok
11:48:58.0971 0x2b90 [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:48:58.0989 0x2b90 TapiSrv - ok
11:48:59.0004 0x2b90 Tcpip - ok
11:48:59.0020 0x2b90 Tcpip6 - ok
11:48:59.0035 0x2b90 [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
11:48:59.0051 0x2b90 tcpipreg - ok
11:48:59.0067 0x2b90 tdx - ok
11:48:59.0082 0x2b90 [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
11:48:59.0082 0x2b90 terminpt - ok
11:48:59.0160 0x2b90 [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll
11:48:59.0192 0x2b90 TermService - ok
11:48:59.0226 0x2b90 [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll
11:48:59.0242 0x2b90 Themes - ok
11:48:59.0289 0x2b90 [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
11:48:59.0304 0x2b90 TieringEngineService - ok
11:48:59.0320 0x2b90 TimeBrokerSvc - ok
11:48:59.0351 0x2b90 TokenBroker - ok
11:48:59.0367 0x2b90 TPM - ok
11:48:59.0382 0x2b90 [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll
11:48:59.0398 0x2b90 TrkWks - ok
11:48:59.0429 0x2b90 TrustedInstaller - ok
11:48:59.0461 0x2b90 [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
11:48:59.0461 0x2b90 TsUsbFlt - ok
11:48:59.0480 0x2b90 [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:48:59.0480 0x2b90 TsUsbGD - ok
11:48:59.0499 0x2b90 [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
11:48:59.0515 0x2b90 tunnel - ok
11:48:59.0531 0x2b90 [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
11:48:59.0531 0x2b90 tzautoupdate - ok
11:48:59.0546 0x2b90 UASPStor - ok
11:48:59.0578 0x2b90 [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
11:48:59.0578 0x2b90 UcmCx0101 - ok
11:48:59.0609 0x2b90 [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
11:48:59.0609 0x2b90 UcmTcpciCx0101 - ok
11:48:59.0656 0x2b90 [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
11:48:59.0656 0x2b90 UcmUcsi - ok
11:48:59.0671 0x2b90 Ucx01000 - ok
11:48:59.0671 0x2b90 UdeCx - ok
11:48:59.0671 0x2b90 udfs - ok
11:48:59.0687 0x2b90 UEFI - ok
11:48:59.0718 0x2b90 [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
11:48:59.0718 0x2b90 Ufx01000 - ok
11:48:59.0734 0x2b90 UfxChipidea - ok
11:48:59.0734 0x2b90 ufxsynopsys - ok
11:48:59.0734 0x2b90 umbus - ok
11:48:59.0750 0x2b90 UmPass - ok
11:48:59.0781 0x2b90 [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
11:48:59.0796 0x2b90 UmRdpService - ok
11:48:59.0843 0x2b90 [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
11:48:59.0879 0x2b90 UnistoreSvc - ok
11:48:59.0926 0x2b90 [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll
11:48:59.0942 0x2b90 upnphost - ok
11:48:59.0973 0x2b90 [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
11:48:59.0973 0x2b90 UrsChipidea - ok
11:49:00.0004 0x2b90 [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
11:49:00.0020 0x2b90 UrsCx01000 - ok
11:49:00.0051 0x2b90 [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
11:49:00.0067 0x2b90 UrsSynopsys - ok
11:49:00.0082 0x2b90 usbccgp - ok
11:49:00.0114 0x2b90 [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
11:49:00.0114 0x2b90 usbcir - ok
11:49:00.0129 0x2b90 usbehci - ok
11:49:00.0129 0x2b90 usbhub - ok
11:49:00.0145 0x2b90 USBHUB3 - ok
11:49:00.0160 0x2b90 usbohci - ok
11:49:00.0176 0x2b90 [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
11:49:00.0176 0x2b90 usbprint - ok
11:49:00.0192 0x2b90 usbser - ok
11:49:00.0192 0x2b90 USBSTOR - ok
11:49:00.0192 0x2b90 usbuhci - ok
11:49:00.0239 0x2b90 [ 9431F7E997A8750139517709B04D8629, 250DE2A461DD3E6D40BD7A21041BF451D954D5BC14A9BC4D819955A135FC34F4 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
11:49:00.0239 0x2b90 usbvideo - ok
11:49:00.0239 0x2b90 USBXHCI - ok
11:49:00.0301 0x2b90 [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
11:49:00.0332 0x2b90 UserDataSvc - ok
11:49:00.0348 0x2b90 UserManager - ok
11:49:00.0364 0x2b90 UsoSvc - ok
11:49:00.0395 0x2b90 [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll
11:49:00.0410 0x2b90 VacSvc - ok
11:49:00.0426 0x2b90 VaultSvc - ok
11:49:00.0442 0x2b90 vdrvroot - ok
11:49:00.0442 0x2b90 vds - ok
11:49:00.0457 0x2b90 VerifierExt - ok
11:49:00.0457 0x2b90 vhdmp - ok
11:49:00.0473 0x2b90 vhf - ok
11:49:00.0488 0x2b90 [ C2C95D62C90CA809240112B41C1765F2, FAFBA11CE7D273D28D1C27D01BEB4E62AB4ADA7517183F46E505D335E1117CA0 ] vhidmini C:\WINDOWS\System32\drivers\walvhid.sys
11:49:00.0504 0x2b90 vhidmini - ok
11:49:00.0504 0x2b90 vmbus - ok
11:49:00.0520 0x2b90 VMBusHID - ok
11:49:00.0522 0x2b90 vmgid - ok
11:49:00.0553 0x2b90 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
11:49:00.0553 0x2b90 vmicguestinterface - ok
11:49:00.0569 0x2b90 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
11:49:00.0569 0x2b90 vmicheartbeat - ok
11:49:00.0584 0x2b90 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
11:49:00.0600 0x2b90 vmickvpexchange - ok
11:49:00.0631 0x2b90 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
11:49:00.0647 0x2b90 vmicrdv - ok
11:49:00.0647 0x2b90 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
11:49:00.0662 0x2b90 vmicshutdown - ok
11:49:00.0662 0x2b90 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
11:49:00.0678 0x2b90 vmictimesync - ok
11:49:00.0678 0x2b90 [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
11:49:00.0694 0x2b90 vmicvmsession - ok
11:49:00.0694 0x2b90 [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
11:49:00.0709 0x2b90 vmicvss - ok
11:49:00.0709 0x2b90 volmgr - ok
11:49:00.0709 0x2b90 volmgrx - ok
11:49:00.0725 0x2b90 volsnap - ok
11:49:00.0725 0x2b90 volume - ok
11:49:00.0725 0x2b90 vpci - ok
11:49:00.0740 0x2b90 vsmraid - ok
11:49:00.0740 0x2b90 VSS - ok
11:49:00.0740 0x2b90 VSTXRAID - ok
11:49:00.0756 0x2b90 vwifibus - ok
11:49:00.0756 0x2b90 vwififlt - ok
11:49:00.0756 0x2b90 vwifimp - ok
11:49:00.0772 0x2b90 W32Time - ok
11:49:00.0787 0x2b90 WaaSMedicSvc - ok
11:49:00.0787 0x2b90 WacomPen - ok
11:49:00.0827 0x2b90 [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll
11:49:00.0840 0x2b90 WalletService - ok
11:49:00.0840 0x2b90 wanarp - ok
11:49:00.0856 0x2b90 wanarpv6 - ok
11:49:00.0887 0x2b90 [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
11:49:00.0887 0x2b90 WarpJITSvc - ok
11:49:00.0903 0x2b90 wbengine - ok
11:49:00.0934 0x2b90 WbioSrvc - ok
11:49:00.0965 0x2b90 [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
11:49:00.0965 0x2b90 wcifs - ok
11:49:00.0965 0x2b90 Wcmsvc - ok
11:49:00.0981 0x2b90 wcncsvc - ok
11:49:00.0997 0x2b90 [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
11:49:00.0997 0x2b90 wcnfs - ok
11:49:01.0028 0x2b90 [ EF2B6F9152F6F79D00BF7DCBE2081951, 1DEDD6C3FCDE9A5DBEE6594940037633C1BB09286690B8D29528EC119C835D3B ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
11:49:01.0028 0x2b90 WdBoot - ok
11:49:01.0044 0x2b90 Wdf01000 - ok
11:49:01.0059 0x2b90 [ 273B2EE5A3CA626D4A1D299CB27A7FC8, 7056A0223E67E280EDED8E60B7F45BECCD49752CA8F179A4BAEE37A75014BAC1 ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
11:49:01.0075 0x2b90 WdFilter - ok
11:49:01.0090 0x2b90 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
11:49:01.0106 0x2b90 WdiServiceHost - ok
11:49:01.0106 0x2b90 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
11:49:01.0122 0x2b90 WdiSystemHost - ok
11:49:01.0122 0x2b90 wdiwifi - ok
11:49:01.0153 0x2b90 [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
11:49:01.0153 0x2b90 WdmCompanionFilter - ok
11:49:01.0184 0x2b90 [ 85641F5E6761F9A9B8E4ABC319BE68B5, 8AA96547EA4BAC6EA26FEE29AC2C70EAB987D3391091C5564243B905AB80C8E4 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
11:49:01.0184 0x2b90 WdNisDrv - ok
11:49:01.0387 0x2b90 [ 9A92286431EC4AAD197D7F2F648969CB, 0CD2301E27F4304C0EEBDEA61CCAB03738425FBF174801A5BAAF9DBD6B73C0D3 ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe
11:49:01.0465 0x2b90 WdNisSvc - ok
11:49:01.0547 0x2b90 [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:49:01.0562 0x2b90 WebClient - ok
11:49:01.0609 0x2b90 [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
11:49:01.0625 0x2b90 Wecsvc - ok
11:49:01.0656 0x2b90 [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
11:49:01.0672 0x2b90 WEPHOSTSVC - ok
11:49:01.0703 0x2b90 [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
11:49:01.0703 0x2b90 wercplsupport - ok
11:49:01.0734 0x2b90 WerSvc - ok
11:49:01.0750 0x2b90 WFDSConMgrSvc - ok
11:49:01.0781 0x2b90 WFPLWFS - ok
11:49:01.0797 0x2b90 [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
11:49:01.0812 0x2b90 WiaRpc - ok
11:49:01.0828 0x2b90 WIMMount - ok
11:49:01.0875 0x2b90 [ 115CFC73B2DA6A30424EB5229CA8D398, 03E286F9E054756D81C7EB5BB6D280602147F2E6465B817315FAF8AD11286343 ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe
11:49:01.0890 0x2b90 WinDefend - ok
11:49:01.0906 0x2b90 WindowsTrustedRT - ok
11:49:01.0937 0x2b90 [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
11:49:01.0937 0x2b90 WindowsTrustedRTProxy - ok
11:49:01.0968 0x2b90 WinHttpAutoProxySvc - ok
11:49:01.0984 0x2b90 WinMad - ok
11:49:02.0047 0x2b90 Winmgmt - ok
11:49:02.0062 0x2b90 WinNat - ok
11:49:02.0156 0x2b90 [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:49:02.0281 0x2b90 WinRM - ok
11:49:02.0312 0x2b90 [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
11:49:02.0328 0x2b90 WINUSB - ok
11:49:02.0328 0x2b90 WinVerbs - ok
11:49:02.0359 0x2b90 wisvc - ok
11:49:02.0359 0x2b90 WlanSvc - ok
11:49:02.0375 0x2b90 wlidsvc - ok
11:49:02.0406 0x2b90 wlpasvc - ok
11:49:02.0422 0x2b90 WmiAcpi - ok
11:49:02.0437 0x2b90 wmiApSrv - ok
11:49:02.0468 0x2b90 WMPNetworkSvc - ok
11:49:02.0500 0x2b90 [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
11:49:02.0500 0x2b90 Wof - ok
11:49:02.0594 0x2b90 [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
11:49:02.0641 0x2b90 workfolderssvc - ok
11:49:02.0656 0x2b90 WpcMonSvc - ok
11:49:02.0688 0x2b90 WPDBusEnum - ok
11:49:02.0703 0x2b90 [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:49:02.0719 0x2b90 WpdUpFltr - ok
11:49:02.0750 0x2b90 [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll
11:49:02.0766 0x2b90 WpnService - ok
11:49:02.0782 0x2b90 [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
11:49:02.0797 0x2b90 WpnUserService - ok
11:49:02.0828 0x2b90 ws2ifsl - ok
11:49:02.0860 0x2b90 [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll
11:49:02.0875 0x2b90 wscsvc - ok
11:49:02.0906 0x2b90 [ A3317B8C6765C18F3BD9FE9DD352B05D, 8312D05F32909933FA692B893D5F6E1DC2E5908C8E590D4B6A51EA724DF4744C ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
11:49:02.0906 0x2b90 WSDPrintDevice - ok
11:49:02.0922 0x2b90 WSearch - ok
11:49:02.0938 0x2b90 WTService - ok
11:49:02.0953 0x2b90 wuauserv - ok
11:49:02.0985 0x2b90 [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
11:49:02.0985 0x2b90 WudfPf - ok
11:49:03.0031 0x2b90 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:49:03.0031 0x2b90 WUDFRd - ok
11:49:03.0047 0x2b90 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:49:03.0047 0x2b90 WUDFWpdFs - ok
11:49:03.0047 0x2b90 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:49:03.0063 0x2b90 WUDFWpdMtp - ok
11:49:03.0141 0x2b90 [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
11:49:03.0172 0x2b90 WwanSvc - ok
11:49:03.0203 0x2b90 [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
11:49:03.0219 0x2b90 xbgm - ok
11:49:03.0250 0x2b90 [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
11:49:03.0281 0x2b90 XblAuthManager - ok
11:49:03.0344 0x2b90 [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
11:49:03.0375 0x2b90 XblGameSave - ok
11:49:03.0375 0x2b90 xboxgip - ok
11:49:03.0391 0x2b90 [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
11:49:03.0422 0x2b90 XboxGipSvc - ok
11:49:03.0486 0x2b90 [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
11:49:03.0501 0x2b90 XboxNetApiSvc - ok
11:49:03.0548 0x2b90 [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
11:49:03.0548 0x2b90 xinputhid - ok
11:49:03.0548 0x2b90 ================ Scan global ===============================
11:49:03.0642 0x2b90 [ Global ] - ok
11:49:03.0642 0x2b90 ================ Scan MBR ==================================
11:49:03.0658 0x2b90 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:49:03.0658 0x2b90 \Device\Harddisk0\DR0 - ok
11:49:03.0658 0x2b90 ================ Scan VBR ==================================
11:49:03.0658 0x2b90 [ D4DDEC930CD4E38EE65A524277EDA560 ] \Device\Harddisk0\DR0\Partition1
11:49:03.0658 0x2b90 \Device\Harddisk0\DR0\Partition1 - ok
11:49:03.0673 0x2b90 [ FF265B35E451992AEA6E80767FBDFA98 ] \Device\Harddisk0\DR0\Partition2
11:49:03.0673 0x2b90 \Device\Harddisk0\DR0\Partition2 - ok
11:49:03.0689 0x2b90 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:49:03.0689 0x2b90 \Device\Harddisk0\DR0\Partition3 - ok
11:49:03.0704 0x2b90 [ EC3510DE15159798A07EF19C7DA538CF ] \Device\Harddisk0\DR0\Partition4
11:49:03.0704 0x2b90 \Device\Harddisk0\DR0\Partition4 - ok
11:49:03.0720 0x2b90 [ 6317B6117355C99E3DC89DDCB62CC50F ] \Device\Harddisk0\DR0\Partition5
11:49:03.0720 0x2b90 \Device\Harddisk0\DR0\Partition5 - ok
11:49:03.0751 0x2b90 [ 9A4DC5F4A2B504FD6FF35E6CE87E305E ] \Device\Harddisk0\DR0\Partition6
11:49:03.0751 0x2b90 \Device\Harddisk0\DR0\Partition6 - ok
11:49:03.0751 0x2b90 [ EE1A9E2BE2E37493CCF5CEAD90D1F852 ] \Device\Harddisk0\DR0\Partition7
11:49:03.0767 0x2b90 \Device\Harddisk0\DR0\Partition7 - ok
11:49:03.0767 0x2b90 ================ Scan generic autorun ======================
11:49:03.0798 0x2b90 SecurityHealth - ok
11:49:04.0204 0x2b90 [ 6BCE148DE6670CFB44828B8497E089F6, 150899C8FCBF57BD61794638149D8C14738AB915CA4470E2B65E766BBE4CF171 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:49:04.0517 0x2b90 RtHDVCpl - ok
11:49:04.0595 0x2b90 [ 7C17C957880958754F70963E3C8EABBD, F933F2AD913811DE5C1340CB7E76E53F6F3A2AE27943B6AAE0A1A250DA70B439 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
11:49:04.0642 0x2b90 IAStorIcon - ok
11:49:04.0767 0x2b90 [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
11:49:04.0814 0x2b90 CanonMyPrinter - ok
11:49:05.0003 0x2b90 [ 564383876D55C2C804B13B34A2AC6658, 298B64ADBAAF31343E8D5C4D7508843262F7E27949CFB581831C0D8505DBC1D1 ] C:\WINDOWS\system32\WTMKM.exe
11:49:05.0363 0x2b90 MacroKeyManager - ok
11:49:05.0378 0x2b90 ETDCtrl - ok
11:49:05.0441 0x2b90 [ EC7059FE43C74A6281ECC08253B6D5DB, AE14E00733C0AC394457BFCD4A5ECD884286038BE2C7AAE34E3D32F3F992F29F ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:49:05.0472 0x2b90 RtHDVBg_Dolby - ok
11:49:05.0566 0x2b90 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
11:49:05.0582 0x2b90 Windows Mobile Device Center - ok
11:49:05.0738 0x2b90 [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
11:49:05.0769 0x2b90 CanonSolutionMenuEx - ok
11:49:05.0800 0x2b90 [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
11:49:05.0800 0x2b90 IJNetworkScannerSelectorEX - ok
11:49:05.0863 0x2b90 [ EE21235713DF5733E91CE63BCA721C71, 1C61096B1365E41C0B09297C16925299DAB50FB5B477B42A21148170DAC317B9 ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
11:49:05.0863 0x2b90 CLMLServer_For_P2G8 - ok
11:49:05.0878 0x2b90 [ BAB775E97D4B373C6ECDDB15688603FA, B06637F8059FFE1C022A83259D6FA57EC483F10FFCE83025CB47096D6C809859 ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
11:49:05.0895 0x2b90 CLVirtualDrive - ok
11:49:06.0445 0x2b90 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:49:06.0917 0x2b90 OneDriveSetup - ok
11:49:06.0980 0x2b90 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:49:07.0011 0x2b90 WAB Migrate - ok
11:49:07.0545 0x2b90 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:49:07.0999 0x2b90 OneDriveSetup - ok
11:49:08.0077 0x2b90 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:49:08.0108 0x2b90 WAB Migrate - ok
11:49:08.0108 0x2b90 Waiting for KSN requests completion. In queue: 256
11:49:09.0363 0x2b90 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
11:49:09.0489 0x2b90 Win FW state via NFP2: enabled ( trusted )
11:49:09.0629 0x2b90 ============================================================
11:49:09.0629 0x2b90 Scan finished
11:49:09.0629 0x2b90 ============================================================
11:49:09.0645 0x2978 Detected object count: 0
11:49:09.0645 0x2978 Actual detected object count: 0
|
|
10.10.2018, 10:54
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.x Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2018, 11:17
| #23 |
| | Systemhänger, Probleme beim Hoch- & RunterfahrenCode:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-10-2018
# Duration: 00:00:12
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\foxydeal.sqlite
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\YCMServiceAgent
Deleted C:\Windows\Tasks\Power Suite (Tray).job
Deleted C:\Windows\System32\Tasks\Power Suite (Tray)
Deleted C:\Windows\Tasks\Power Suite.job
Deleted C:\Windows\System32\Tasks\Power Suite
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YCMServiceAgent
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F51C5CC-77DC-4D08-AFEE-64862BF1D297}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite (Tray)
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9A3F3DB-1022-49D5-A674-1A11EE41B9C1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9A3F3DB-1022-49D5-A674-1A11EE41B9C1}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Suite
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
Deleted Avira SafeSearch Plus
***** [ Firefox URLs ] *****
Not Deleted search.avira.com
Not Deleted search.avira.com
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2649 octets] - [10/10/2018 12:00:56]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Geändert von johanna62 (10.10.2018 um 11:29 Uhr) |
|
10.10.2018, 11:23
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren Bitte setzt die CODE-Tags richtig! Korrigiere/editiere deinen Beitrag entsprechend!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2018, 11:31
| #25 |
| | Systemhänger, Probleme beim Hoch- & RunterfahrenCode:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-10-2018
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Not Deleted search.avira.com
Not Deleted search.avira.com
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2649 octets] - [10/10/2018 12:00:56]
AdwCleaner[C00].txt - [2558 octets] - [10/10/2018 12:01:36]
AdwCleaner[S01].txt - [1438 octets] - [10/10/2018 12:08:10]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
|
|
10.10.2018, 11:38
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren adwcleaner bitte zwecks Kontrolle wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2018, 11:51
| #27 |
| | Systemhänger, Probleme beim Hoch- & RunterfahrenCode:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-10-2018
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Not Deleted search.avira.com
Not Deleted search.avira.com
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2649 octets] - [10/10/2018 12:00:56]
AdwCleaner[C00].txt - [2558 octets] - [10/10/2018 12:01:36]
AdwCleaner[S01].txt - [1438 octets] - [10/10/2018 12:08:10]
AdwCleaner[C01].txt - [1685 octets] - [10/10/2018 12:10:15]
AdwCleaner[S02].txt - [1560 octets] - [10/10/2018 12:44:34]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
|
|
10.10.2018, 12:21
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2018, 12:32
| #29 |
| | Systemhänger, Probleme beim Hoch- & RunterfahrenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10.10.2018
durchgeführt von MJ (10-10-2018 13:28:17)
Gestartet von C:\Users\MJ\Downloads neu
Windows 10 Home Version 1803 17134.285 (X64) (2018-07-24 09:20:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4265166804-2826880171-2750840647-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4265166804-2826880171-2750840647-503 - Limited - Disabled)
Gast (S-1-5-21-4265166804-2826880171-2750840647-501 - Limited - Disabled)
MJ (S-1-5-21-4265166804-2826880171-2750840647-1001 - Administrator - Enabled) => C:\Users\MJ
WDAGUtilityAccount (S-1-5-21-4265166804-2826880171-2750840647-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Amazon Kindle (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
BenVista PhotoZoom Classic 4.1.4 (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\PhotoZoom Classic 4) (Version: 4.1.4 - BenVista Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP7200 series Benutzerregistrierung (HKLM-x32\...\Canon iP7200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Cut Out 3.0 (HKLM-x32\...\Cut Out_is1) (Version: - Franzis.de)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 11 (HKLM\...\{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4426 - Ihr Firmenname) Hidden
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3617 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3617 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.3.4 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd)
ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.0.4.20160106 - Landesfinanzdirektion Thüringen)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3871 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
MacroKey Manager (HKLM\...\{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
MacroKey Manager (HKLM-x32\...\InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: - )
MAGIX Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.5.1.83 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (HKLM\...\{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{422D3F30-7446-46C9-9FFE-F4F1645A3A41}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium (HKLM\...\{36DD63B6-B6C0-4B56-AA23-22A652A77EC1}) (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{36DD63B6-B6C0-4B56-AA23-22A652A77EC1}) (Version: 15.0.0.62 - MAGIX Software GmbH)
MAGIX Video deluxe 2016 Premium Update (HKLM\...\{05EC0475-A301-4906-BDC0-F6AF1EBF9770}) (Version: 15.0.0.114 - MAGIX Software GmbH) Hidden
Medion GoPal Assistant 4.03.006 (HKLM-x32\...\Medion GoPal Assistant) (Version: 4.3.6.0 - Medion)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.3 (x64 de) (HKLM\...\Mozilla Firefox 62.0.3 (x64 de)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Opera Stable 55.0.2994.61 (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0105 - Pegatron Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7378 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Rossmann Fotowelt Software 4.12.1 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.12.1 - ORWO Net)
Steuer 2013 (HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Steuer 2016 (HKLM-x32\...\{284354A5-0D3A-4065-A997-C21762D0160E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
Steuer 2017 (HKLM-x32\...\{595F1685-D937-4E8D-ACED-DB6F09C945C0}) (Version: 25.00.1359 - Buhl Data Service GmbH)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{A0DF7B74-C56E-4CA1-96B6-489B54213446}) (Version: 17.05.0 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.36.103 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017 (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung Selbstständige 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.37.167 - Akademische Arbeitsgemeinschaft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4265166804-2826880171-2750840647-1001_Classes\CLSID\{A72BEBED-27F3-D0F3-6B71-48EA90F8D1ED}\InprocServer32 -> kein Dateipfad
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-01-05] (Cyberlink)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-01-05] (Cyberlink)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-08-14] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {088656C4-897E-4FBA-913A-1F0FFC76A586} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1E3E2CA9-8A8D-4333-BE21-678A5A553F8F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {20C5E84F-9617-4306-ADEE-226775463F4C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C4317D9-78B2-477B-8C9A-E7815D6BEA24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {2EF534E7-FE64-4F8A-AE93-1F951E619F71} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35C98DC1-797B-4DBA-9A65-714014F7B047} - \YCMServiceAgent -> Keine Datei <==== ACHTUNG
Task: {3BC37E08-1684-425F-86AD-4770C4446BA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {3C2C4FDE-1A06-4514-BBA9-BA92AB048AC8} - System32\Tasks\Opera scheduled Autoupdate 1522956843 => C:\Users\MJ\AppData\Local\Programs\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {42A98323-72D9-4723-8785-C9E6C4E5E5E5} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-09-17] (CyberLink Corp.)
Task: {510B94D2-DCC2-4607-B971-D64D83667E11} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {5AAA6E7D-28E8-4301-9CC1-AA3EFE624ED1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {5D2CD4DE-E2D8-4F5D-BAA6-63F604DC53A0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6539F12F-D034-4EF8-AA13-A8FD4260820F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69AF9A2D-D9C1-48AE-90BC-9498C633AA09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {897535F3-AC93-485B-B0AF-AAAA28636161} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe
Task: {8CDE57EA-7958-4F43-A814-067D57C821F0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9F5FD6D2-DD64-430A-8B9F-4449B7B8C740} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A8CD0484-D4E3-417A-89FB-75B424814E08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MpCmdRun.exe [2018-10-09] (Microsoft Corporation)
Task: {B0E64671-CDCC-4E5D-A3A3-4817B4ABF329} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {BE11D935-7807-4508-95C4-E7C0C47DB9D9} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {C5817339-B091-4623-83AF-D054F0D73FB2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C7CBF4C3-2D6D-4188-9EC4-A485E18E507A} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {D1290BAD-1385-434F-B16D-BC26D05B721B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-09-11] (Microsoft Corporation)
Task: {E0BDE794-9FFB-4559-A318-0E8207F86EE3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {E8C4B280-FBCE-4E3A-9EA2-9A3F6ADE53D0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F08E34E9-D34C-47F2-8219-4AD31B153394} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {F372F652-F6A1-46D8-8E29-5DD5F4FAEFD6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FE6E7496-31F0-4738-8711-0452E308EBD8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2014-12-09 15:12 - 2014-03-04 18:58 - 000136192 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
2016-01-22 11:35 - 2016-01-07 07:13 - 000162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2008-10-24 16:35 - 2008-10-24 16:35 - 000128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2010-01-27 10:27 - 2010-01-27 10:27 - 000665320 _____ () C:\Windows\System32\atwtusb.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-14 06:35 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-12-09 15:12 - 2014-07-11 19:15 - 002222592 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2014-12-09 15:12 - 2010-01-12 19:36 - 000117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2014-12-09 15:12 - 2010-01-12 19:36 - 000121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2017-04-04 17:36 - 2017-04-04 17:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-12-09 15:12 - 2010-12-17 16:04 - 000449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2018-09-13 15:35 - 2018-09-13 15:36 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-13 15:35 - 2018-09-13 15:36 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-13 15:35 - 2018-09-13 15:35 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-02-17 06:20 - 2018-02-17 06:21 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-13 15:35 - 2018-09-13 15:35 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2014-12-09 15:12 - 2014-04-03 20:41 - 003471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-12-09 15:12 - 2014-02-21 19:19 - 008857088 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe
2014-12-09 15:12 - 2014-07-08 16:39 - 003006464 _____ () C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
2018-09-26 01:05 - 2018-09-26 01:06 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-26 01:05 - 2018-09-26 01:06 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-26 01:05 - 2018-09-26 01:07 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-02-27 12:08 - 2018-02-27 12:58 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-05 21:39 - 2018-05-05 21:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-30 18:59 - 2018-08-30 19:00 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-30 18:59 - 2018-08-30 19:02 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 22:00 - 2018-08-21 22:05 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 22:00 - 2018-08-21 22:05 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-03-30 10:38 - 2018-03-30 10:52 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-26 01:05 - 2018-09-26 01:07 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-30 18:59 - 2018-08-30 19:00 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-26 01:05 - 2018-09-26 01:05 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:59 - 2018-08-30 19:02 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 21:59 - 2018-07-26 22:01 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 19:04 - 2018-10-06 19:04 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 06:31 - 2018-07-31 06:31 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 19:04 - 2018-10-06 19:04 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2014-12-09 15:12 - 2009-12-18 17:36 - 000973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2014-12-09 15:12 - 2013-09-18 01:23 - 000108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll
2014-06-24 18:08 - 2014-06-24 18:08 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 15:46 - 2018-10-04 07:31 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run: => "MacroKeyManager"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "PowerDVD12Agent"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\...\StartupApproved\Run: => "Power2GoExpress8"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{9BB35B09-60A7-4390-8B12-87B1FE382509}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [TCP Query User{F8820B53-C0DC-4C73-86FB-3F09A67F9145}C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe] => (Allow) C:\program files (x86)\avira\softwareupdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{26A334D1-2194-442D-874A-CC4B0BF0CA09}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{40E89B25-801A-4502-ADAD-34FF6B0F6DEA}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{7FEB3B27-9C5C-4558-A643-70785574AB3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{012D2451-B534-4F02-B8F3-78A6C1FC61E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{25B248B7-9B95-4A16-98ED-0B09061C8C30}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6EE01518-FF92-4608-BE49-8905840A6B58}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B1A591A-FB18-4DC1-BA37-9B3C4C7BF101}] => (Allow) LPort=1900
FirewallRules: [{629A7F21-F3CC-454C-B3E7-E4485C1CA15D}] => (Allow) LPort=2869
FirewallRules: [{BF5ADA2D-FE42-4196-95C2-F35798BBEE51}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{569AE2A1-D035-4A57-8652-E74E7F408A71}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{3153B440-1248-49D1-92C5-B47D986ECBAA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A958B13B-5349-49FD-B2CE-B138E64AF4B1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F22E0AAE-7B12-4179-B936-5971CF332FCF}] => (Allow) E:\DWizard300.exe
FirewallRules: [{4397DEDE-A916-45CF-B063-6347105779AB}] => (Allow) E:\DWizard300.exe
FirewallRules: [{710C3D2E-A688-406E-B538-0780FB280A64}] => (Allow) E:\libNEAP.dll
FirewallRules: [{E597E964-23B5-4CD7-ADF4-9A1CD9FA2ACB}] => (Allow) E:\libNEAP.dll
FirewallRules: [{911E6363-B108-44A8-9E0B-A43AF3218BED}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [TCP Query User{2D7B56EB-94E0-4C67-99DB-78352D4CEE3D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4C23B16B-C965-4AE1-906E-3177A82AF314}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8DE4979D-58A3-452D-85AA-B02CA0B158DA}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe
FirewallRules: [{3A88E98B-BB34-4577-9CB8-05568B47223B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{1F582F2B-B1CF-4D38-ADBB-A772F558CA1E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{A785A5D4-B777-4F54-B771-76A86020B381}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{D084ED11-4AA4-43C2-96E4-DA2039540F38}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{C3C022F6-2A5A-47DB-BD76-CE82053F66C3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{9807A3AF-030C-4479-8472-92B24F20569B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{87D9DB68-6032-4F56-8E2F-56FB2787389F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
21-09-2018 00:10:22 Geplanter Prüfpunkt
30-09-2018 04:55:50 Geplanter Prüfpunkt
08-10-2018 08:00:23 Geplanter Prüfpunkt
09-10-2018 17:15:44 Removed Adobe Shockwave Player 12.2.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/09/2018 11:40:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:38:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:36:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:34:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:29:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:18:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:13:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (10/09/2018 11:09:49 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (10/10/2018 01:07:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscBrokerManager
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/10/2018 01:07:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscDataProtection
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (10/10/2018 01:02:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/10/2018 01:02:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2018 01:02:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel® ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2018 01:02:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/10/2018 01:02:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WTService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/10/2018 01:02:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PGFNEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Windows Defender:
===================================
Date: 2018-10-09 18:36:41.709
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {A6488C5B-9312-4A93-AA01-B0F559236492}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM
CodeIntegrity:
===================================
Date: 2018-08-08 10:46:06.552
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:46:06.527
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:46:06.487
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:46:06.271
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.16299.492_none_565e23a3c6a4b914\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:42.036
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:42.029
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:42.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-08-08 10:43:41.945
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows.old\WINDOWS\WinSxS\wow64_microsoft-windows-security-spp-clientext_31bf3856ad364e35_10.0.16299.125_none_e4bdfa665037ae02\sppcext.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 4014.89 MB
Verfügbarer physikalischer RAM: 1524.29 MB
Summe virtueller Speicher: 9902.89 MB
Verfügbarer virtueller Speicher: 7071.24 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:868.99 GB) (Free:638.46 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:9.74 GB) NTFS
\\?\Volume{e91d32f7-956c-4ae9-b28d-7e649bb74aa2}\ () (Fixed) (Total:0.49 GB) (Free:0.23 GB) NTFS
\\?\Volume{ba0b41e7-8147-4b1b-bc57-37554203120c}\ () (Fixed) (Total:0.82 GB) (Free:0.35 GB) NTFS
\\?\Volume{97ef7f84-a398-4e66-990e-a5b1aa32931a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
durchgeführt von MJ (Administrator) auf MJ-MOBIL (10-10-2018 13:26:31)
Gestartet von C:\Users\MJ\Downloads neu
Geladene Profile: MJ (Verfügbare Profile: MJ)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
() C:\Windows\System32\atwtusb.exe
() C:\Windows\System32\atwtusb.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-10-23] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [MacroKeyManager] => C:\WINDOWS\system32\WTMKM.exe [6105832 2010-01-15] ()
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-09-17] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-09-17] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7b58e266-a246-4550-b878-2d1af9bd4fa7}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{92ff9eac-f618-49f7-9bb3-5d508e75d390}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4265166804-2826880171-2750840647-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4265166804-2826880171-2750840647-1001 -> {D37DE6C1-3465-4FAC-B689-230C33449C51} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C014DE1140D20150430&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-22] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-22] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: qa910faa.default
FF ProfilePath: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default [2018-10-10]
FF NetworkProxy: Mozilla\Firefox\Profiles\qa910faa.default -> type", 0
FF NewTabOverride: Mozilla\Firefox\Profiles\qa910faa.default -> Disabled: safesearchplus2@avira.com
FF Extension: (ProxTube) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\ich@maltegoetz.de.xpi [2018-09-13]
FF Extension: (Facebook Secret Emoticons) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2016-10-18] [Legacy]
FF Extension: (Mailvelope) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2018-05-16]
FF Extension: (Privacy Badger) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2018-10-05]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-07-16]
FF Extension: (NoScript) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-10-07]
FF Extension: (Video DownloadHelper) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-02]
FF Extension: (Adblock Plus) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-31]
FF Extension: (Telemetry coverage) - C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\features\{cb141178-20ad-48d5-b202-84bca7d9c818}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-09] [Legacy]
FF SearchPlugin: C:\Users\MJ\AppData\Roaming\Mozilla\Firefox\Profiles\qa910faa.default\searchplugins\McSiteAdvisor.xml [2016-03-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [Keine Datei]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [Keine Datei]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-06-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin HKU\S-1-5-21-4265166804-2826880171-2750840647-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2018-08-14] (CHENGDU YIWO Tech Development Co., Ltd)
S3 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [183480 2017-08-10] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-04-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-06-24] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-06-24] (Intel Corporation)
R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [136192 2014-03-04] () [Datei ist nicht signiert]
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-09] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-09] (Microsoft Corporation)
R2 WTService; C:\Windows\System32\atwtusb.exe [665320 2010-01-27] () [Datei ist nicht signiert]
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53360 2018-05-15] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [232976 2017-08-10] (Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
S3 MHIKEY10; C:\WINDOWS\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 moufiltr; C:\WINDOWS\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-04-12] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [23552 2013-08-22] (Windows (R) Win 7 DDK provider)
S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-05-17] (The OpenVPN Project)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
R3 vhidmini; C:\WINDOWS\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-10-09] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-09] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-10-10 11:59 - 2018-10-10 12:01 - 000000000 ____D C:\AdwCleaner
2018-10-10 11:48 - 2018-10-10 11:54 - 000164498 _____ C:\TDSSKiller.3.1.0.17_10.10.2018_11.48.25_log.txt
2018-10-09 16:53 - 2018-10-09 16:53 - 000001083 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-10-09 16:53 - 2018-10-09 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-10-09 16:53 - 2018-10-09 16:53 - 000000000 ____D C:\Program Files\VS Revo Group
2018-10-08 23:00 - 2018-10-10 13:26 - 000000000 ____D C:\FRST
2018-10-02 16:09 - 2018-10-02 16:10 - 000000000 ____D C:\Users\MJ\Desktop\Klaus NTFS Data
2018-10-02 10:23 - 2018-10-02 10:23 - 000001078 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk
2018-10-02 10:23 - 2018-10-02 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2018-09-21 11:39 - 2018-09-21 11:40 - 008771896 _____ C:\Users\MJ\Downloads\1707400 Kunduz Bundestag aufklärung bericht.pdf
2018-09-21 11:33 - 2018-09-21 11:33 - 000296494 _____ C:\Users\MJ\Downloads\Dokument 052 Kunduz.pdf
2018-09-14 06:36 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-14 06:36 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-14 06:36 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-14 06:36 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-14 06:36 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-14 06:36 - 2018-08-31 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-14 06:36 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-14 06:36 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-14 06:36 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-14 06:36 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-14 06:36 - 2018-08-31 05:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-14 06:36 - 2018-08-31 05:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-14 06:36 - 2018-08-31 05:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-14 06:36 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-14 06:36 - 2018-08-31 05:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-14 06:36 - 2018-08-31 05:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-14 06:36 - 2018-08-31 05:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-14 06:36 - 2018-08-31 05:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-14 06:36 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-14 06:36 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-14 06:36 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-14 06:36 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-14 06:36 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-14 06:36 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-14 06:36 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-14 06:36 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-14 06:36 - 2018-08-31 05:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-14 06:36 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-14 06:36 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-14 06:36 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-14 06:36 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-14 06:36 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-14 06:36 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-14 06:36 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-14 06:36 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-14 06:36 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-14 06:36 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-14 06:36 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-14 06:36 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-14 06:36 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-14 06:36 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-14 06:36 - 2018-08-31 03:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-14 06:36 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-14 06:36 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-14 06:36 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-14 06:36 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-14 06:36 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-14 06:36 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-14 06:36 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-14 06:36 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-14 06:36 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-14 06:36 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-14 06:36 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-14 06:36 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-14 06:36 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-14 06:36 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-14 06:36 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-14 06:36 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-14 06:36 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-14 06:36 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-14 06:36 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-14 06:36 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-14 06:36 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-14 06:36 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-14 06:36 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-14 06:36 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-14 06:36 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-14 06:36 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-14 06:36 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-14 06:36 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-14 06:36 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-14 06:36 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-14 06:36 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-14 06:36 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-14 06:36 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-14 06:36 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-14 06:36 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-14 06:36 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-14 06:36 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-14 06:36 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-14 06:36 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-14 06:36 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-14 06:36 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-14 06:36 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-14 06:36 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-14 06:36 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-14 06:36 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-14 06:36 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-14 06:36 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-14 06:36 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-14 06:36 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-14 06:36 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-14 06:36 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-14 06:36 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-14 06:36 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-14 06:36 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-14 06:35 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-14 06:35 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-14 06:35 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-14 06:35 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-14 06:35 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-14 06:35 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-14 06:35 - 2018-08-31 09:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-14 06:35 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-14 06:35 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-14 06:35 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-14 06:35 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-14 06:35 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-14 06:35 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-14 06:35 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-14 06:35 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-14 06:35 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-14 06:35 - 2018-08-31 05:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-14 06:35 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-14 06:35 - 2018-08-31 05:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-14 06:35 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-14 06:35 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-14 06:35 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-14 06:35 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-14 06:35 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-14 06:35 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-14 06:35 - 2018-08-31 05:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-14 06:35 - 2018-08-31 05:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-14 06:35 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-14 06:35 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-14 06:35 - 2018-08-31 05:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-14 06:35 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-14 06:35 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-14 06:35 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-14 06:35 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-14 06:35 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-14 06:35 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-14 06:35 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-14 06:35 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-14 06:35 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-14 06:35 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-14 06:35 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-14 06:35 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-14 06:35 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-14 06:35 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-14 06:35 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-14 06:35 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-14 06:35 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-14 06:35 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-14 06:35 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-14 06:35 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-14 06:35 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-14 06:35 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-14 06:35 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-14 06:35 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-14 06:35 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-14 06:35 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-14 06:35 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-14 06:35 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-14 06:35 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-14 06:35 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-14 06:35 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-14 06:35 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-14 06:35 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-14 06:35 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-14 06:35 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-14 06:35 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-14 06:35 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-14 06:35 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-14 06:35 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-14 06:35 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-14 06:35 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-14 06:35 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-14 06:35 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-14 06:35 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-14 06:35 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-14 06:35 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-14 06:35 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-14 06:35 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-14 06:35 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-14 06:35 - 2018-08-09 06:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-14 06:35 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-14 06:35 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-14 06:35 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-14 06:35 - 2018-08-09 06:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-14 06:35 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-14 06:35 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-14 06:35 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-14 06:35 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-14 06:35 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-14 06:35 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-14 06:35 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-14 06:35 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-14 06:35 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-14 06:35 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-14 06:35 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-14 06:35 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-14 06:35 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-10 21:54 - 2010-02-21 22:37 - 000280240 _____ C:\Users\MJ\Documents\Handbuch_Hausfrau_1955.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-10-10 13:26 - 2016-08-04 09:36 - 000000000 ____D C:\Users\MJ\Downloads neu
2018-10-10 13:12 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-10 13:04 - 2016-11-22 01:45 - 000000000 ____D C:\Users\MJ\AppData\LocalLow\Mozilla
2018-10-10 13:03 - 2018-07-24 11:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-10 13:03 - 2015-12-01 17:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-10 13:03 - 2015-04-30 13:10 - 000000000 __SHD C:\Users\MJ\IntelGraphicsProfiles
2018-10-10 13:03 - 2013-08-22 15:25 - 000000335 _____ C:\WINDOWS\win.ini
2018-10-10 13:02 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-10 12:03 - 2018-07-24 10:56 - 000698552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-10 12:02 - 2014-10-06 15:40 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-10-10 10:00 - 2015-04-30 13:12 - 000000000 ____D C:\Users\MJ\Documents\YouCam
2018-10-09 23:37 - 2018-01-02 14:20 - 000000000 ____D C:\Program Files (x86)\Steuer 2017
2018-10-09 23:37 - 2015-05-03 17:05 - 000000000 ____D C:\Program Files (x86)\Steuer 2014
2018-10-09 23:37 - 2015-05-02 09:56 - 000000000 ____D C:\Program Files (x86)\Canon
2018-10-09 23:37 - 2015-04-30 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-09 23:37 - 2014-12-09 14:51 - 000000000 ____D C:\Program Files (x86)\Intel
2018-10-09 23:32 - 2014-04-25 10:12 - 000000000 ____D C:\ProgramData\McAfee
2018-10-09 23:27 - 2015-02-02 16:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-09 23:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-09 23:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-09 23:12 - 2015-05-01 12:45 - 000000000 ____D C:\Program Files (x86)\Avira
2018-10-09 23:04 - 2018-07-24 10:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-09 22:19 - 2018-07-24 11:19 - 000004622 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-09 18:36 - 2018-07-24 11:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-09 18:36 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-09 18:26 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-10-09 18:26 - 2014-04-24 18:11 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-10-09 18:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-09 17:38 - 2015-12-01 18:11 - 000000000 ___RD C:\Users\MJ\OneDrive
2018-10-09 17:33 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-09 17:33 - 2015-04-30 13:10 - 000000000 ____D C:\Users\MJ\AppData\Local\Packages
2018-10-09 17:31 - 2014-12-09 14:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-09 16:21 - 2018-07-12 18:18 - 000000000 ____D C:\ProgramData\Packages
2018-10-08 22:46 - 2016-03-27 19:18 - 000000000 ____D C:\Users\MJ\AppData\Roaming\vlc
2018-10-08 20:01 - 2018-07-24 11:00 - 000000000 ____D C:\Users\MJ
2018-10-06 18:08 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-04 06:20 - 2017-06-14 19:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-04 06:20 - 2015-04-30 21:58 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-02 09:29 - 2015-05-03 13:38 - 000002328 _____ C:\WINDOWS\Sandboxie.ini
2018-09-26 13:53 - 2016-12-07 21:48 - 000000000 ____D C:\Users\MJ\dwhelper
2018-09-26 13:13 - 2016-11-06 18:17 - 000001147 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-09-20 22:10 - 2016-09-30 20:25 - 000000000 ____D C:\Users\MJ\Documents\Politik
2018-09-20 17:51 - 2017-04-25 07:15 - 000000000 ____D C:\Users\MJ\Desktop\PC Fusion5
2018-09-20 17:49 - 2016-12-13 13:29 - 000000000 ___RD C:\Users\MJ\Desktop\Sammel
2018-09-17 12:28 - 2018-07-31 19:58 - 000001369 _____ C:\Users\MJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2018-09-17 12:28 - 2018-07-24 11:19 - 000004162 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1522956843
2018-09-15 12:01 - 2016-01-22 12:03 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-09-15 10:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-15 10:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-15 10:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-15 10:27 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-15 10:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-14 07:00 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-12 08:23 - 2018-08-12 21:39 - 000000000 ____D C:\Users\MJ\AppData\Local\D3DSCache
2018-09-11 21:16 - 2015-04-30 13:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 20:56 - 2014-04-24 18:12 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-11 20:51 - 2016-09-30 20:21 - 000000000 ____D C:\Users\MJ\Documents\Medizin
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-07-24 10:56
==================== Ende von FRST.txt ============================
|
|
10.10.2018, 12:55
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Systemhänger, Probleme beim Hoch- & Runterfahren Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: Malwarebytes Version 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
2. Schritt: ESET Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Systemhänger, Probleme beim Hoch- & Runterfahren |
| adobe, adobe flash player, antivirus, auswerten, avg, avira, bho, defender, ebay, flash player, hijack, internet, internet explorer, logfile, logfile auswertung, mozilla, opera, realtek, scan, security, siteadvisor, software, system, tcp, windows |
