Trojaner-Board

Reiman really annoying (https://www.trojaner-board.de/183865-reiman-echt-laestig.html)

Lausbua 09.01.2017 15:45

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.09.06
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
USER :: LAPTOP-ETAMG2VU [administrator]

09.01.2017 14:50:32
mbar-log-2017-01-09 (14-50-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 351115
Time elapsed: 40 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

15:34:25.0203 0x1584  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
15:34:25.0203 0x1584  UEFI system
15:34:29.0655 0x1584  ============================================================
15:34:29.0655 0x1584  Current date / time: 2017/01/09 15:34:29.0655
15:34:29.0686 0x1584  SystemInfo:
15:34:29.0686 0x1584 
15:34:29.0686 0x1584  OS Version: 10.0.14393 ServicePack: 0.0
15:34:29.0686 0x1584  Product type: Workstation
15:34:29.0686 0x1584  ComputerName: LAPTOP-ETAMG2VU
15:34:29.0686 0x1584  UserName: USER
15:34:29.0686 0x1584  Windows directory: C:\WINDOWS
15:34:29.0686 0x1584  System windows directory: C:\WINDOWS
15:34:29.0686 0x1584  Running under WOW64
15:34:29.0686 0x1584  Processor architecture: Intel x64
15:34:29.0686 0x1584  Number of processors: 4
15:34:29.0686 0x1584  Page size: 0x1000
15:34:29.0686 0x1584  Boot type: Normal boot
15:34:29.0686 0x1584  CodeIntegrityOptions = 0x00000001
15:34:29.0686 0x1584  ============================================================
15:34:29.0686 0x1584  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
15:34:30.0577 0x1584  System UUID: {3B2B551D-11F0-96B8-3C46-275D0AA3DB88}
15:34:31.0373 0x1584  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:34:31.0373 0x1584  ============================================================
15:34:31.0373 0x1584  \Device\Harddisk0\DR0:
15:34:31.0373 0x1584  GPT partitions:
15:34:31.0373 0x1584  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {299938C8-AF7C-453C-899D-257A9F588E4A}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
15:34:31.0373 0x1584  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9B2D8262-036C-48B4-9FC7-476F994DB500}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
15:34:31.0373 0x1584  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E9E35229-9F6A-483A-8913-7E79D5A1C9D5}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x72E9C800
15:34:31.0373 0x1584  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2C6F2FAC-74AE-444A-8872-2A6FF398B5C7}, Name: Basic data partition, StartLBA 0x72F27000, BlocksNum 0xE6000
15:34:31.0373 0x1584  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4F92F35D-3E2E-4840-8186-E0C27ACEEC11}, Name: Basic data partition, StartLBA 0x7300D000, BlocksNum 0x16F9800
15:34:31.0373 0x1584  MBR partitions:
15:34:31.0373 0x1584  ============================================================
15:34:31.0389 0x1584  C: <-> \Device\Harddisk0\DR0\Partition3
15:34:31.0389 0x1584  ============================================================
15:34:31.0389 0x1584  Initialize success
15:34:31.0389 0x1584  ============================================================
15:34:39.0145 0x15b8  ============================================================
15:34:39.0145 0x15b8  Scan started
15:34:39.0145 0x15b8  Mode: Manual; SigCheck; TDLFS;
15:34:39.0145 0x15b8  ============================================================
15:34:39.0145 0x15b8  KSN ping started
15:34:46.0265 0x15b8  KSN ping finished: true
15:34:47.0687 0x15b8  ================ Scan system memory ========================
15:34:47.0687 0x15b8  System memory - ok
15:34:47.0687 0x15b8  ================ Scan services =============================
15:34:47.0844 0x15b8  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:34:47.0922 0x15b8  1394ohci - ok
15:34:47.0937 0x15b8  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
15:34:47.0953 0x15b8  3ware - ok
15:34:48.0015 0x15b8  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:34:48.0062 0x15b8  ACPI - ok
15:34:48.0062 0x15b8  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev        C:\WINDOWS\System32\drivers\AcpiDev.sys
15:34:48.0078 0x15b8  AcpiDev - ok
15:34:48.0109 0x15b8  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:34:48.0125 0x15b8  acpiex - ok
15:34:48.0140 0x15b8  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:34:48.0156 0x15b8  acpipagr - ok
15:34:48.0172 0x15b8  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
15:34:48.0187 0x15b8  AcpiPmi - ok
15:34:48.0187 0x15b8  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:34:48.0203 0x15b8  acpitime - ok
15:34:48.0312 0x15b8  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:34:48.0343 0x15b8  AdobeARMservice - ok
15:34:48.0412 0x15b8  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:34:48.0459 0x15b8  ADP80XX - ok
15:34:48.0506 0x15b8  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD            C:\WINDOWS\system32\drivers\afd.sys
15:34:48.0537 0x15b8  AFD - ok
15:34:48.0662 0x15b8  [ 840E0468368EB5FD87371EF508D72ACF, 7E05854D29C24E9BBB27B038620C345E063FF3B8F1AE0FDA054BEDF842FB29A9 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
15:34:48.0725 0x15b8  AGSService - ok
15:34:48.0756 0x15b8  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:34:48.0803 0x15b8  ahcache - ok
15:34:48.0834 0x15b8  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
15:34:48.0881 0x15b8  AJRouter - ok
15:34:48.0928 0x15b8  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG            C:\WINDOWS\System32\alg.exe
15:34:49.0084 0x15b8  ALG - ok
15:34:49.0115 0x15b8  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
15:34:49.0147 0x15b8  AmdK8 - ok
15:34:49.0162 0x15b8  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
15:34:49.0178 0x15b8  AmdPPM - ok
15:34:49.0225 0x15b8  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
15:34:49.0256 0x15b8  amdsata - ok
15:34:49.0287 0x15b8  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
15:34:49.0303 0x15b8  amdsbs - ok
15:34:49.0319 0x15b8  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
15:34:49.0334 0x15b8  amdxata - ok
15:34:49.0381 0x15b8  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID          C:\WINDOWS\system32\drivers\appid.sys
15:34:49.0397 0x15b8  AppID - ok
15:34:49.0412 0x15b8  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
15:34:49.0475 0x15b8  AppIDSvc - ok
15:34:49.0506 0x15b8  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
15:34:49.0522 0x15b8  Appinfo - ok
15:34:49.0546 0x15b8  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr  C:\WINDOWS\system32\drivers\applockerfltr.sys
15:34:49.0561 0x15b8  applockerfltr - ok
15:34:49.0608 0x15b8  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
15:34:49.0655 0x15b8  AppReadiness - ok
15:34:49.0796 0x15b8  [ 2C1CEC25F6D92871F38960E2E84CC3EE, 979DB74192644A71F3031EB29480ECEFE014B916636D85AACD64292CB58494A5 ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
15:34:49.0921 0x15b8  AppXSvc - ok
15:34:49.0952 0x15b8  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
15:34:49.0967 0x15b8  arcsas - ok
15:34:49.0983 0x15b8  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
15:34:49.0999 0x15b8  AsyncMac - ok
15:34:50.0031 0x15b8  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
15:34:50.0062 0x15b8  atapi - ok
15:34:50.0093 0x15b8  [ 59F44051BCD479E70446506B7E4E78BB, CB58E55196EC702DC85916F963A3C16D429C141391F9AA7F415BD63E7328C4C6 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:34:50.0140 0x15b8  AudioEndpointBuilder - ok
15:34:50.0187 0x15b8  [ 1C986DC8F4FDA1B040AC1176FB24467F, DEDA2FF4D0369348C2A74D29FB08AC86219BBCFDF44C59339BC39A25AE0727EB ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
15:34:50.0269 0x15b8  Audiosrv - ok
15:34:50.0316 0x15b8  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:34:50.0363 0x15b8  AxInstSV - ok
15:34:50.0410 0x15b8  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
15:34:50.0461 0x15b8  b06bdrv - ok
15:34:50.0477 0x15b8  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:34:50.0493 0x15b8  BasicDisplay - ok
15:34:50.0508 0x15b8  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
15:34:50.0539 0x15b8  BasicRender - ok
15:34:50.0571 0x15b8  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn          C:\WINDOWS\System32\drivers\bcmfn.sys
15:34:50.0618 0x15b8  bcmfn - ok
15:34:50.0633 0x15b8  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:34:50.0649 0x15b8  bcmfn2 - ok
15:34:50.0697 0x15b8  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:34:50.0744 0x15b8  BDESVC - ok
15:34:50.0781 0x15b8  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:34:50.0807 0x15b8  Beep - ok
15:34:50.0854 0x15b8  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE            C:\WINDOWS\System32\bfe.dll
15:34:50.0916 0x15b8  BFE - ok
15:34:50.0985 0x15b8  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
15:34:51.0063 0x15b8  BITS - ok
15:34:51.0095 0x15b8  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:34:51.0126 0x15b8  bowser - ok
15:34:51.0173 0x15b8  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:34:51.0251 0x15b8  BrokerInfrastructure - ok
15:34:51.0282 0x15b8  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser        C:\WINDOWS\System32\browser.dll
15:34:51.0329 0x15b8  Browser - ok
15:34:51.0360 0x15b8  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:34:51.0379 0x15b8  BthAvrcpTg - ok
15:34:51.0420 0x15b8  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum        C:\WINDOWS\System32\drivers\BthEnum.sys
15:34:51.0482 0x15b8  BthEnum - ok
15:34:51.0592 0x15b8  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
15:34:51.0639 0x15b8  BthHFEnum - ok
15:34:51.0654 0x15b8  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
15:34:51.0670 0x15b8  bthhfhid - ok
15:34:51.0701 0x15b8  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
15:34:51.0732 0x15b8  BthHFSrv - ok
15:34:51.0779 0x15b8  [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum      C:\WINDOWS\System32\drivers\BthLEEnum.sys
15:34:51.0826 0x15b8  BthLEEnum - ok
15:34:51.0842 0x15b8  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:34:51.0874 0x15b8  BTHMODEM - ok
15:34:51.0890 0x15b8  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
15:34:51.0921 0x15b8  BthPan - ok
15:34:51.0969 0x15b8  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT        C:\WINDOWS\System32\drivers\BTHport.sys
15:34:52.0031 0x15b8  BTHPORT - ok
15:34:52.0064 0x15b8  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv        C:\WINDOWS\system32\bthserv.dll
15:34:52.0096 0x15b8  bthserv - ok
15:34:52.0143 0x15b8  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
15:34:52.0158 0x15b8  BTHUSB - ok
15:34:52.0190 0x15b8  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
15:34:52.0236 0x15b8  buttonconverter - ok
15:34:52.0268 0x15b8  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
15:34:52.0299 0x15b8  CapImg - ok
15:34:52.0330 0x15b8  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:34:52.0361 0x15b8  cdfs - ok
15:34:52.0424 0x15b8  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
15:34:52.0486 0x15b8  CDPSvc - ok
15:34:52.0518 0x15b8  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
15:34:52.0564 0x15b8  CDPUserSvc - ok
15:34:52.0643 0x15b8  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
15:34:52.0689 0x15b8  cdrom - ok
15:34:52.0721 0x15b8  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
15:34:52.0736 0x15b8  CertPropSvc - ok
15:34:52.0759 0x15b8  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi      C:\WINDOWS\system32\drivers\cht4sx64.sys
15:34:52.0790 0x15b8  cht4iscsi - ok
15:34:52.0852 0x15b8  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd        C:\WINDOWS\System32\drivers\cht4vx64.sys
15:34:52.0930 0x15b8  cht4vbd - ok
15:34:52.0977 0x15b8  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:34:53.0024 0x15b8  circlass - ok
15:34:53.0071 0x15b8  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:34:53.0102 0x15b8  CLFS - ok
15:34:53.0149 0x15b8  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC        C:\WINDOWS\System32\ClipSVC.dll
15:34:53.0196 0x15b8  ClipSVC - ok
15:34:53.0227 0x15b8  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg          C:\WINDOWS\System32\drivers\registry.sys
15:34:53.0258 0x15b8  clreg - ok
15:34:53.0290 0x15b8  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:34:53.0321 0x15b8  CmBatt - ok
15:34:53.0368 0x15b8  [ B0D9B87B795B7833C9152441CBD55CC4, D86C0FE8BF03D6F3330E16728FE6645AE910F95D23A9EFBDF3A50F45AB5D525B ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
15:34:53.0399 0x15b8  CNG - ok
15:34:53.0415 0x15b8  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist    C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
15:34:53.0430 0x15b8  cnghwassist - ok
15:34:53.0508 0x15b8  [ 93C1A714D1D7A4486438A908C8B378E8, 86C43EDE89DCE0EB3246C5E86018D228ABEF0630B804C239E7718A410B926D68 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
15:34:53.0586 0x15b8  CnxtHdAudService - ok
15:34:53.0650 0x15b8  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
15:34:53.0681 0x15b8  CompositeBus - ok
15:34:53.0681 0x15b8  COMSysApp - ok
15:34:53.0712 0x15b8  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:34:53.0728 0x15b8  condrv - ok
15:34:53.0790 0x15b8  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
15:34:53.0837 0x15b8  CoreMessagingRegistrar - ok
15:34:53.0915 0x15b8  [ 1B24013E59DE781FD16FACE4C161C46B, 9ED20A35BF45065D67F20D30398D9846BBE4BB067B60B94D92334A600D6D6610 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
15:34:53.0947 0x15b8  cphs - ok
15:34:53.0978 0x15b8  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:34:53.0994 0x15b8  CryptSvc - ok
15:34:54.0025 0x15b8  [ 5FCABDE89AC62A8818C803646FCEE23E, 070B110A0D4C93086472A3E582AA0B4E0EFAB05651EE30BD06E75D113D446BAA ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
15:34:54.0040 0x15b8  CxAudMsg - ok
15:34:54.0056 0x15b8  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam            C:\WINDOWS\system32\drivers\dam.sys
15:34:54.0072 0x15b8  dam - ok
15:34:54.0119 0x15b8  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:34:54.0197 0x15b8  DcomLaunch - ok
15:34:54.0212 0x15b8  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
15:34:54.0244 0x15b8  DcpSvc - ok
15:34:54.0290 0x15b8  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
15:34:54.0431 0x15b8  defragsvc - ok
15:34:54.0465 0x15b8  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:34:54.0558 0x15b8  DeviceAssociationService - ok
15:34:54.0590 0x15b8  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
15:34:54.0622 0x15b8  DeviceInstall - ok
15:34:54.0657 0x15b8  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
15:34:54.0687 0x15b8  DevQueryBroker - ok
15:34:54.0734 0x15b8  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:34:54.0765 0x15b8  Dfsc - ok
15:34:54.0797 0x15b8  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
15:34:54.0797 0x15b8  dg_ssudbus - ok
15:34:54.0844 0x15b8  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:34:54.0890 0x15b8  Dhcp - ok
15:34:54.0953 0x15b8  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
15:34:55.0031 0x15b8  diagnosticshub.standardcollector.service - ok
15:34:55.0140 0x15b8  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack      C:\WINDOWS\system32\diagtrack.dll
15:34:55.0265 0x15b8  DiagTrack - ok
15:34:55.0312 0x15b8  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
15:34:55.0328 0x15b8  disk - ok
15:34:55.0406 0x15b8  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
15:34:55.0469 0x15b8  DmEnrollmentSvc - ok
15:34:55.0484 0x15b8  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
15:34:55.0531 0x15b8  dmvsc - ok
15:34:55.0562 0x15b8  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
15:34:55.0594 0x15b8  dmwappushservice - ok
15:34:55.0609 0x15b8  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:34:55.0656 0x15b8  Dnscache - ok
15:34:55.0687 0x15b8  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
15:34:55.0734 0x15b8  dot3svc - ok
15:34:55.0750 0x15b8  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS            C:\WINDOWS\system32\dps.dll
15:34:55.0797 0x15b8  DPS - ok
15:34:55.0812 0x15b8  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud        C:\WINDOWS\system32\DRIVERS\drmkaud.sys
15:34:55.0828 0x15b8  drmkaud - ok
15:34:55.0859 0x15b8  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:34:55.0906 0x15b8  DsmSvc - ok
15:34:55.0922 0x15b8  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc          C:\WINDOWS\System32\DsSvc.dll
15:34:55.0937 0x15b8  DsSvc - ok
15:34:56.0000 0x15b8  [ 651FF4F0BF40496EECE86980B9818CF7, E8297BFA851C485AC586B1ADFFF3CFA63650A099B87845FDA07CA41F8E0E2D33 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
15:34:56.0015 0x15b8  dts_apo_service - ok
15:34:56.0094 0x15b8  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:34:56.0219 0x15b8  DXGKrnl - ok
15:34:56.0235 0x15b8  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost        C:\WINDOWS\System32\eapsvc.dll
15:34:56.0281 0x15b8  EapHost - ok
15:34:56.0422 0x15b8  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
15:34:56.0531 0x15b8  ebdrv - ok
15:34:56.0610 0x15b8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS            C:\WINDOWS\System32\lsass.exe
15:34:56.0625 0x15b8  EFS - ok
15:34:56.0641 0x15b8  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
15:34:56.0656 0x15b8  EhStorClass - ok
15:34:56.0672 0x15b8  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:34:56.0719 0x15b8  EhStorTcgDrv - ok
15:34:56.0735 0x15b8  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
15:34:56.0766 0x15b8  embeddedmode - ok
15:34:56.0797 0x15b8  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc      C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
15:34:56.0828 0x15b8  EntAppSvc - ok
15:34:56.0844 0x15b8  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:34:56.0860 0x15b8  ErrDev - ok
15:34:56.0891 0x15b8  [ A61885BDC6BF3FCB078751DB0E659DEA, 839FB64F620FA12AC834E7E2FDFCA7F3C8917F4EBCAC9066098CBC944061BA6F ] ETD            C:\WINDOWS\system32\DRIVERS\ETD.sys
15:34:56.0938 0x15b8  ETD - ok
15:34:56.0991 0x15b8  [ 7C217E0797442804A0D1A6B08671C285, B703F58097642C1EB436B1B987BC9188F8C7D4CFA2C5B108A9661257C3507DE1 ] ETDService      C:\Program Files\Elantech\ETDService.exe
15:34:57.0007 0x15b8  ETDService - ok
15:34:57.0023 0x15b8  [ 546098BE6C845D943C73755FFCE2F9B7, 6BF8ED49C696FC44E370AFB2B9805C30BF53495E94E067B1B8AE1ED692A2D9EA ] ETDSMBus        C:\WINDOWS\System32\drivers\ETDSMBus.sys
15:34:57.0023 0x15b8  ETDSMBus - ok
15:34:57.0070 0x15b8  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem    C:\WINDOWS\system32\es.dll
15:34:57.0101 0x15b8  EventSystem - ok
15:34:57.0163 0x15b8  [ 6DCB7233AAD29E43331B3ECFCC8FB8D1, A8E203BB774A4E055C871E9A28F958287A75E8BEA42496E6BA9983063CF6C539 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:34:57.0210 0x15b8  EvtEng - ok
15:35:08.0776 0x15b8  NTFS - ok
15:35:08.0807 0x15b8  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:35:08.0839 0x15b8  Null - ok
15:35:08.0870 0x15b8  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
15:35:08.0901 0x15b8  nvraid - ok
15:35:08.0901 0x15b8  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
15:35:08.0932 0x15b8  nvstor - ok
15:35:08.0948 0x15b8  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
15:35:08.0995 0x15b8  OneSyncSvc - ok
15:35:09.0057 0x15b8  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
15:35:09.0104 0x15b8  p2pimsvc - ok
15:35:09.0135 0x15b8  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
15:35:09.0182 0x15b8  p2psvc - ok
15:35:09.0198 0x15b8  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
15:35:09.0229 0x15b8  Parport - ok
15:35:09.0245 0x15b8  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys


Lausbua 09.01.2017 15:46

Code:

15:35:09.0260 0x15b8  partmgr - ok
15:35:09.0307 0x15b8  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
15:35:09.0339 0x15b8  PcaSvc - ok
15:35:09.0385 0x15b8  [ E2DD2E5BDCCD225670831B439826065B, 0153F1CE26D402C03CFC155F428EBA04D6EA8E19A28AF629B1CE347363B7697C ] pci            C:\WINDOWS\system32\drivers\pci.sys
15:35:09.0401 0x15b8  pci - ok
15:35:09.0432 0x15b8  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
15:35:09.0432 0x15b8  pciide - ok
15:35:09.0448 0x15b8  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
15:35:09.0464 0x15b8  pcmcia - ok
15:35:09.0479 0x15b8  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
15:35:09.0495 0x15b8  pcw - ok
15:35:09.0526 0x15b8  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
15:35:09.0542 0x15b8  pdc - ok
15:35:09.0589 0x15b8  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
15:35:09.0682 0x15b8  PEAUTH - ok
15:35:09.0714 0x15b8  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i      C:\WINDOWS\system32\drivers\percsas2i.sys
15:35:09.0729 0x15b8  percsas2i - ok
15:35:09.0745 0x15b8  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i      C:\WINDOWS\system32\drivers\percsas3i.sys
15:35:09.0776 0x15b8  percsas3i - ok
15:35:09.0839 0x15b8  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
15:35:09.0901 0x15b8  PerfHost - ok
15:35:09.0964 0x15b8  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
15:35:10.0026 0x15b8  PhoneSvc - ok
15:35:10.0073 0x15b8  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
15:35:10.0120 0x15b8  PimIndexMaintenanceSvc - ok
15:35:10.0229 0x15b8  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla            C:\WINDOWS\system32\pla.dll
15:35:10.0323 0x15b8  pla - ok
15:35:10.0354 0x15b8  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
15:35:10.0370 0x15b8  PlugPlay - ok
15:35:10.0385 0x15b8  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
15:35:10.0417 0x15b8  PNRPAutoReg - ok
15:35:10.0432 0x15b8  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
15:35:10.0464 0x15b8  PNRPsvc - ok
15:35:10.0495 0x15b8  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
15:35:10.0542 0x15b8  PolicyAgent - ok
15:35:10.0557 0x15b8  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power          C:\WINDOWS\system32\umpo.dll
15:35:10.0589 0x15b8  Power - ok
15:35:10.0620 0x15b8  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
15:35:10.0651 0x15b8  PptpMiniport - ok
15:35:10.0839 0x15b8  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
15:35:11.0057 0x15b8  PrintNotify - ok
15:35:11.0074 0x15b8  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor      C:\WINDOWS\System32\drivers\processr.sys
15:35:11.0089 0x15b8  Processor - ok
15:35:11.0120 0x15b8  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
15:35:11.0151 0x15b8  ProfSvc - ok
15:35:11.0167 0x15b8  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
15:35:11.0183 0x15b8  Psched - ok
15:35:11.0214 0x15b8  [ 3EB2E97049C14B05D9218009BAF05ED6, 39234A35B54D4006D45125E139E1B795054B029DF1BAC5931CA229ABCAF7F7C2 ] QIOMem          C:\WINDOWS\System32\drivers\QIOMem.sys
15:35:11.0230 0x15b8  QIOMem - ok
15:35:11.0245 0x15b8  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE          C:\WINDOWS\system32\qwave.dll
15:35:11.0277 0x15b8  QWAVE - ok
15:35:11.0308 0x15b8  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
15:35:11.0339 0x15b8  QWAVEdrv - ok
15:35:11.0355 0x15b8  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:35:11.0386 0x15b8  RasAcd - ok
15:35:11.0402 0x15b8  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn    C:\WINDOWS\System32\drivers\AgileVpn.sys
15:35:11.0448 0x15b8  RasAgileVpn - ok
15:35:11.0464 0x15b8  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
15:35:11.0480 0x15b8  RasAuto - ok
15:35:11.0511 0x15b8  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp        C:\WINDOWS\System32\drivers\rasl2tp.sys
15:35:11.0548 0x15b8  Rasl2tp - ok
15:35:11.0579 0x15b8  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:35:11.0641 0x15b8  RasMan - ok
15:35:11.0657 0x15b8  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:35:11.0688 0x15b8  RasPppoe - ok
15:35:11.0704 0x15b8  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp        C:\WINDOWS\System32\drivers\rassstp.sys
15:35:11.0766 0x15b8  RasSstp - ok
15:35:11.0798 0x15b8  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:35:11.0829 0x15b8  rdbss - ok
15:35:11.0844 0x15b8  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
15:35:11.0860 0x15b8  rdpbus - ok
15:35:11.0876 0x15b8  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
15:35:11.0907 0x15b8  RDPDR - ok
15:35:11.0954 0x15b8  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:35:11.0985 0x15b8  RdpVideoMiniport - ok
15:35:12.0017 0x15b8  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
15:35:12.0048 0x15b8  rdyboost - ok
15:35:12.0079 0x15b8  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
15:35:12.0126 0x15b8  ReFSv1 - ok
15:35:12.0189 0x15b8  [ B91EE7363FDC2B0CB1C5E6190B46F7DC, 650EE0262F2EE242D99A5BE013A64F76CA3537274C0B9313F9BD7741ACF38017 ] RegSrvc        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:35:12.0204 0x15b8  RegSrvc - ok
15:35:12.0251 0x15b8  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:35:12.0329 0x15b8  RemoteAccess - ok
15:35:12.0345 0x15b8  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:35:12.0376 0x15b8  RemoteRegistry - ok
15:35:12.0423 0x15b8  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
15:35:12.0470 0x15b8  RetailDemo - ok
15:35:12.0485 0x15b8  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
15:35:12.0532 0x15b8  RFCOMM - ok
15:35:12.0564 0x15b8  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc          C:\WINDOWS\System32\RMapi.dll
15:35:12.0610 0x15b8  RmSvc - ok
15:35:12.0626 0x15b8  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
15:35:12.0657 0x15b8  RpcEptMapper - ok
15:35:12.0689 0x15b8  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:35:12.0720 0x15b8  RpcLocator - ok
15:35:12.0767 0x15b8  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
15:35:12.0814 0x15b8  RpcSs - ok
15:35:12.0861 0x15b8  [ 8F08F9A2573B9EE9D187919B1FB636FB, DFC5DCDE70052EB08FD580BBDF553292D547D209E2583C21E47DF600719E8DB1 ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
15:35:12.0877 0x15b8  RSP2STOR - ok
15:35:12.0908 0x15b8  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
15:35:12.0939 0x15b8  rspndr - ok
15:35:12.0986 0x15b8  [ 909BEFE0B82DD2CDBAFD2A0C98E8E227, FCF0B863FF21B88F0F678455E3DCB3AC1DB4CF6D51FEE93B5752F72C6B1409EC ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
15:35:13.0033 0x15b8  rt640x64 - ok
15:35:13.0048 0x15b8  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
15:35:13.0064 0x15b8  s3cap - ok
15:35:13.0080 0x15b8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs          C:\WINDOWS\system32\lsass.exe
15:35:13.0095 0x15b8  SamSs - ok
15:35:13.0127 0x15b8  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:35:13.0142 0x15b8  sbp2port - ok
15:35:13.0173 0x15b8  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:35:13.0205 0x15b8  SCardSvr - ok
15:35:13.0236 0x15b8  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:35:13.0283 0x15b8  ScDeviceEnum - ok
15:35:13.0314 0x15b8  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:35:13.0377 0x15b8  scfilter - ok
15:35:13.0455 0x15b8  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:35:13.0533 0x15b8  Schedule - ok
15:35:13.0549 0x15b8  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
15:35:13.0564 0x15b8  scmbus - ok
15:35:13.0595 0x15b8  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101    C:\WINDOWS\System32\drivers\scmdisk0101.sys
15:35:13.0627 0x15b8  scmdisk0101 - ok
15:35:13.0658 0x15b8  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
15:35:13.0689 0x15b8  SCPolicySvc - ok
15:35:13.0720 0x15b8  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
15:35:13.0736 0x15b8  sdbus - ok
15:35:13.0767 0x15b8  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
15:35:13.0814 0x15b8  SDRSVC - ok
15:35:13.0830 0x15b8  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:35:13.0845 0x15b8  sdstor - ok
15:35:13.0861 0x15b8  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:35:13.0892 0x15b8  seclogon - ok
15:35:13.0924 0x15b8  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
15:35:13.0939 0x15b8  SENS - ok
15:35:14.0033 0x15b8  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
15:35:14.0142 0x15b8  SensorDataService - ok
15:35:14.0174 0x15b8  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService  C:\WINDOWS\system32\SensorService.dll
15:35:14.0221 0x15b8  SensorService - ok
15:35:14.0252 0x15b8  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:35:14.0299 0x15b8  SensrSvc - ok
15:35:14.0314 0x15b8  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
15:35:14.0314 0x15b8  SerCx - ok
15:35:14.0346 0x15b8  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:35:14.0361 0x15b8  SerCx2 - ok
15:35:14.0392 0x15b8  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
15:35:14.0392 0x15b8  Serenum - ok
15:35:14.0408 0x15b8  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:35:14.0424 0x15b8  Serial - ok
15:35:14.0424 0x15b8  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:35:14.0455 0x15b8  sermouse - ok
15:35:14.0502 0x15b8  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:35:14.0533 0x15b8  SessionEnv - ok
15:35:14.0549 0x15b8  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
15:35:14.0564 0x15b8  sfloppy - ok
15:35:14.0596 0x15b8  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:35:14.0658 0x15b8  SharedAccess - ok
15:35:14.0705 0x15b8  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:35:14.0767 0x15b8  ShellHWDetection - ok
15:35:14.0783 0x15b8  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
15:35:14.0830 0x15b8  shpamsvc - ok
15:35:14.0861 0x15b8  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:35:14.0861 0x15b8  SiSRaid2 - ok
15:35:14.0877 0x15b8  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:35:14.0892 0x15b8  SiSRaid4 - ok
15:35:14.0939 0x15b8  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost        C:\WINDOWS\System32\smphost.dll
15:35:14.0971 0x15b8  smphost - ok
15:35:15.0017 0x15b8  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter      C:\WINDOWS\system32\SmsRouterSvc.dll
15:35:15.0064 0x15b8  SmsRouter - ok
15:35:15.0096 0x15b8  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:35:15.0127 0x15b8  SNMPTRAP - ok
15:35:15.0189 0x15b8  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
15:35:15.0221 0x15b8  spaceport - ok
15:35:15.0252 0x15b8  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
15:35:15.0267 0x15b8  SpbCx - ok
15:35:15.0330 0x15b8  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler        C:\WINDOWS\System32\spoolsv.exe
15:35:15.0408 0x15b8  Spooler - ok
15:35:15.0627 0x15b8  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:35:15.0893 0x15b8  sppsvc - ok
15:35:15.0956 0x15b8  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
15:35:16.0003 0x15b8  srv - ok
15:35:16.0034 0x15b8  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:35:16.0112 0x15b8  srv2 - ok
15:35:16.0143 0x15b8  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:35:16.0190 0x15b8  srvnet - ok
15:35:16.0237 0x15b8  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
15:35:16.0284 0x15b8  SSDPSRV - ok
15:35:16.0300 0x15b8  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
15:35:16.0331 0x15b8  SstpSvc - ok
15:35:16.0362 0x15b8  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
15:35:16.0378 0x15b8  ssudmdm - ok
15:35:16.0518 0x15b8  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
15:35:16.0753 0x15b8  StateRepository - ok
15:35:16.0784 0x15b8  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:35:16.0800 0x15b8  stexstor - ok
15:35:16.0831 0x15b8  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
15:35:16.0893 0x15b8  stisvc - ok
15:35:16.0925 0x15b8  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:35:16.0956 0x15b8  storahci - ok
15:35:16.0972 0x15b8  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
15:35:17.0003 0x15b8  storflt - ok
15:35:17.0018 0x15b8  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:35:17.0034 0x15b8  stornvme - ok
15:35:17.0065 0x15b8  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
15:35:17.0097 0x15b8  storqosflt - ok
15:35:17.0159 0x15b8  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
15:35:17.0222 0x15b8  StorSvc - ok
15:35:17.0237 0x15b8  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs        C:\WINDOWS\system32\drivers\storufs.sys
15:35:17.0253 0x15b8  storufs - ok
15:35:17.0268 0x15b8  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
15:35:17.0268 0x15b8  storvsc - ok
15:35:17.0300 0x15b8  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc          C:\WINDOWS\system32\svsvc.dll
15:35:17.0331 0x15b8  svsvc - ok
15:35:17.0347 0x15b8  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
15:35:17.0362 0x15b8  swenum - ok
15:35:17.0393 0x15b8  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv          C:\WINDOWS\System32\swprv.dll
15:35:17.0440 0x15b8  swprv - ok
15:35:17.0472 0x15b8  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
15:35:17.0503 0x15b8  Synth3dVsc - ok
15:35:17.0550 0x15b8  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain        C:\WINDOWS\system32\sysmain.dll
15:35:17.0659 0x15b8  SysMain - ok
15:35:17.0690 0x15b8  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:35:17.0722 0x15b8  SystemEventsBroker - ok
15:35:17.0753 0x15b8  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:35:17.0768 0x15b8  TabletInputService - ok
15:35:17.0800 0x15b8  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
15:35:17.0831 0x15b8  TapiSrv - ok
15:35:17.0956 0x15b8  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
15:35:18.0034 0x15b8  Tcpip - ok
15:35:18.0128 0x15b8  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
15:35:18.0206 0x15b8  Tcpip6 - ok
15:35:18.0222 0x15b8  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:35:18.0253 0x15b8  tcpipreg - ok
15:35:18.0284 0x15b8  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
15:35:18.0300 0x15b8  tdx - ok
15:35:18.0753 0x15b8  [ 44449A0EB8EBD8DCBC3ED4BB62BA3A5F, 168197015D1E5ED71775250084C224A1100E0F989A6D1CC4102004E5AAD74F3A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:35:19.0022 0x15b8  TeamViewer - ok
15:35:19.0069 0x15b8  [ D8420B070D035C30CC890981E3C4B567, C51C3B3F148097CCBD14B1D2F4E4DF2DA246B3B242701F2319E83B1C14675984 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
15:35:19.0069 0x15b8  TemproMonitoringService - ok
15:35:19.0100 0x15b8  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:35:19.0100 0x15b8  terminpt - ok
15:35:19.0163 0x15b8  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService    C:\WINDOWS\System32\termsrv.dll
15:35:19.0256 0x15b8  TermService - ok
15:35:19.0272 0x15b8  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
15:35:19.0303 0x15b8  Themes - ok
15:35:19.0319 0x15b8  [ 07C4E732255CA3666DC89BC15D6BBB6B, 811C458725D60C8747022BE57D22AE3E3F47F21EA5924D54BF2F2999ABA2D588 ] Thotkey        C:\WINDOWS\System32\drivers\Thotkey.sys
15:35:19.0334 0x15b8  Thotkey - ok
15:35:32.0884 0x15b8  Waiting for KSN requests completion. In queue: 157
15:35:33.0892 0x15b8  Waiting for KSN requests completion. In queue: 157
15:35:34.0336 0x116c  Object send P2P result: true
15:35:34.0914 0x15b8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
15:35:34.0992 0x15b8  Win FW state via NFP2: enabled ( trusted )
15:35:41.0700 0x15b8  ============================================================
15:35:41.0700 0x15b8  Scan finished
15:35:41.0700 0x15b8  ============================================================
15:35:41.0716 0x1b20  Detected object count: 0
15:35:41.0716 0x1b20  Actual detected object count: 0


cosinus 09.01.2017 15:57

Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!
Please disable your virus scanner completely now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Lausbua 09.01.2017 16:21

Code:

# AdwCleaner v6.042 - Bericht erstellt am 09/01/2017 um 16:13:01
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-09.2 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : USER - LAPTOP-ETAMG2VU
# Gestartet von : C:\Users\USER\Desktop\adwcleaner_6.042 (1).exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6943 Bytes] - [09/01/2017 06:24:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [6715 Bytes] - [09/01/2017 06:21:54]
C:\AdwCleaner\AdwCleaner[S1].txt - [1491 Bytes] - [09/01/2017 07:01:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [1564 Bytes] - [09/01/2017 08:45:10]
C:\AdwCleaner\AdwCleaner[S3].txt - [1488 Bytes] - [09/01/2017 16:13:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1561 Bytes] ##########

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by USER (Administrator) on 09.01.2017 at 16:18:38,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1A17635D-0397-4DDE-9D13-3E87CE987BD2} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.01.2017 at 16:21:03,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


cosinus 09.01.2017 16:43

Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan (Untersuchen).

http://www.trojaner-board.de/picture...&pictureid=611

Lausbua 09.01.2017 16:57

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-01-2017
durchgeführt von USER (09-01-2017 16:46:19)
Gestartet von C:\Users\USER\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-29 03:15:18)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1589830459-1810594343-2398828008-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1589830459-1810594343-2398828008-503 - Limited - Disabled)
Gast (S-1-5-21-1589830459-1810594343-2398828008-501 - Limited - Disabled)
USER (S-1-5-21-1589830459-1810594343-2398828008-1001 - Administrator - Enabled) => C:\Users\USER

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
Bluetooth(R) Link (HKLM\...\{3F3DCC8C-2C93-4082-A6DE-BBDC74804FA0}) (Version: 4.3.03 - Toshiba Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.14.50 - Conexant)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5509.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.)
ELAN Touchpad 15.8.12.5_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.12.5 - ELAN Microelectronic Corp.)
Get Dropbox (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{E8A2DA8A-CA1A-4F5A-B113-6C34FCC4B6D4}) (Version: 6.0.62.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (x32 Version: 3.4.1942 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1589830459-1810594343-2398828008-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.29089 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Spotify (HKLM-x32\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB)
Symbaloo (HKLM-x32\...\Symbaloo) (Version: 1.1.0 - Symbaloo Launcher by Toshiba Europe GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 3.0.3.0 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{0B39C39A-3ECE-4582-9C91-842D22819A24}) (Version: 2.0.1.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.1.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.20 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 8.1.1.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 5.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.3.00.8003 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{55C30C5F-BDA9-459E-984D-BDD31BAA8CCF}) (Version: 3.1.2.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 2.00.0005 - Toshiba Corporation)
TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.6.6401 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {084C4F47-0CA3-4429-8A77-5AC80B098502} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [2015-07-08] (Toshiba Corporation)
Task: {1FC7571A-6C78-4120-87C2-F501CD549E2C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-10] (Google Inc.)
Task: {2A40B037-8D8C-4BB2-86D2-B227031ACFD9} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\USER\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {3A210F46-5BEB-4500-9E2F-4FA0EFA8FC27} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2015-07-30] (TOSHIBA Corporation)
Task: {3FEFCA17-F8CF-49C1-AB95-0C788C2B49ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-10] (Google Inc.)
Task: {7E6A4993-90A5-45B8-96B0-A3D6C4C72559} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {893CBE3A-D646-488F-AC95-4E5821B00314} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2015-06-12] (TOSHIBA Corporation)
Task: {8B050529-19BB-426B-A8C9-72E9DE49BDD6} - System32\Tasks\WRU => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [2016-02-24] ()
Task: {9B1D56B1-DFD2-4F96-AC72-DA362485C2A6} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2015-05-27] ()
Task: {A04DF20C-3F64-41F9-85D5-E3E572ED1096} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {A331DAB3-4B46-49BB-BFE3-64EDCE0AFB17} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-08-12] (Intel Corporation)
Task: {A575B2A2-BD28-4BC8-8A63-5283E3B6BE6D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-08-12] (Intel Corporation)
Task: {B16D1A14-295A-42D0-B022-48E6F1DD943F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {B2FA6788-5C80-4032-A3B8-6D766166609E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {C08D77CC-4343-4D2C-ADD8-5C06DB19751C} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
Task: {C8B37A0F-E729-45A6-A554-66AF9F3D54D5} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {D289BDDB-BA0B-4447-95B2-3F69A2A387E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D2F5C90B-B034-45C3-9490-A5D4762A1AB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {FB1939A8-AF77-444C-9049-849AF92411BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 09:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 09:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-17 16:31 - 2016-12-17 16:31 - 01678560 _____ () C:\Users\USER\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2015-05-27 11:46 - 2015-05-27 11:46 - 00019960 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2016-12-14 08:23 - 2016-12-14 08:24 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 08:23 - 2016-12-14 08:24 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 08:23 - 2016-12-14 08:24 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 08:23 - 2016-12-14 08:24 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-29 04:25 - 2016-09-29 04:25 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 09:17 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-14 19:32 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-14 19:32 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-14 19:32 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-14 19:32 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-14 19:32 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-16 16:35 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-16 16:35 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2016-07-25 19:31 - 00001168 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activation.acronis.com
127.0.0.1 download.acronis.com
127.0.0.1 liveupdate.acronis.com
127.0.0.1 web-api-tih.acronis.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1589830459-1810594343-2398828008-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Toshiba\standard.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{332ED951-810C-43B9-9FEC-6E9CC1610737}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{9D47D749-72F4-427E-9C15-2BAFF56CEA73}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{ED45A621-ECEA-404F-846D-E58FD2208C9E}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F3800DC6-9B66-4E23-A650-0644FBFEACCD}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BEB0184A-2A38-4953-85F4-399E3A4CFAB4}] => C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{4CA74A6B-16A1-4806-A2BF-54E7DA9BD72F}] => C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{0B24238A-A471-4E2B-9A8F-B7F1DDDE7399}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{EA1FCAC5-E593-4DEC-B2D6-1486AEBC2A62}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{6D0DE794-2CC5-468F-BD08-6806A8254217}] => C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{F9A63019-60E7-4F6E-9626-E4CB4EB3E1AE}] => C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{9CBBC601-4FF2-4E78-AA81-6CDE9F628BD9}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{BF5F754A-1642-4412-9705-49BB754A239D}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{1B6DA395-D0EB-4A6D-AD3C-A85C1390E88E}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4139FC6F-8119-4339-AE92-3EC14B15A6F1}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{E52BB9D4-0FEE-4CA8-8C90-622D138EF15D}] => C:\Program Files (x86)\Spotify\Spotify.exe
FirewallRules: [{6BD20D02-C695-489B-8FFE-FDCD4532039C}] => C:\Program Files (x86)\Spotify\Spotify.exe
FirewallRules: [{77DD3658-90E9-42E5-9A03-2B410C4DD7D4}] => C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe
FirewallRules: [{452729DA-74A9-4933-AEFF-B733AB7C7328}] => C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe
FirewallRules: [{9C176610-F69A-407B-BB36-7861CC99E3E4}] => C:\Program Files (x86)\Spotify\SpotifyCrashService.exe
FirewallRules: [{63E68A9F-8FA5-4E63-A0B1-C3C8551E3F49}] => C:\Program Files (x86)\Spotify\SpotifyCrashService.exe
FirewallRules: [{29465517-3CDF-4B61-B155-9C4C0101A77A}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{66E35987-5BD2-4BE5-A7B0-E37BDF6A42EC}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B0ACBB03-E328-4E13-A1A2-C7C24991FDCF}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{891C60E8-3261-4F85-9681-4CB98A18D302}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FA1C6EDC-C3F7-4467-A555-76DC46503871}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Wiederherstellungspunkte =========================

21-12-2016 18:11:31 Geplanter Prüfpunkt
27-12-2016 09:52:59 Removed Google Drive
09-01-2017 14:08:26 Removed Adobe Acrobat DC.
09-01-2017 16:18:39 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/09/2017 04:18:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/09/2017 03:34:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {A807CF2E-D377-45D3-A02C-958CB39C5D8E}.exe, Version: 3.1.0.12, Zeitstempel: 0x581ffeb3
Name des fehlerhaften Moduls: {A807CF2E-D377-45D3-A02C-958CB39C5D8E}.exe, Version: 3.1.0.12, Zeitstempel: 0x581ffeb3
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014376c
ID des fehlerhaften Prozesses: 0x1cec
Startzeit der fehlerhaften Anwendung: 0x01d26a853ed30c01
Pfad der fehlerhaften Anwendung: C:\Users\USER\AppData\Local\Temp\{1FBD1D7B-4875-4A89-B750-955AED7A6FB3}\{A807CF2E-D377-45D3-A02C-958CB39C5D8E}.exe
Pfad des fehlerhaften Moduls: C:\Users\USER\AppData\Local\Temp\{1FBD1D7B-4875-4A89-B750-955AED7A6FB3}\{A807CF2E-D377-45D3-A02C-958CB39C5D8E}.exe
Berichtskennung: 676ab5e5-9dc7-4e5e-baf8-c0807206f4ae
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/09/2017 02:15:40 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: LAPTOP-ETAMG2VU)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe5

Error: (01/09/2017 02:08:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/09/2017 12:53:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed AVG 2016; Fehler = 0x80070005).

Error: (01/09/2017 12:53:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed AVG 2016; Fehler = 0x80070005).

Error: (01/09/2017 12:51:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed AVG; Fehler = 0x80070005).

Error: (01/09/2017 12:50:52 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\msiexec.exe /V; Beschreibung = Removed AVG; Fehler = 0x80070005).

Error: (01/09/2017 07:57:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000003bc,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000078633FF150.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.

Error: (01/09/2017 07:57:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000007fc,(null),0,REG_BINARY,0000004B6D19D870.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
  BackupShutdown-Ereignis

Kontext:
  Ausführungskontext: Writer
  Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
  Generatorname: MSSearch Service Writer
  Generatorinstanz-ID: {18a60bca-ca0b-42a9-ba2a-ad0e0f573a12}


Systemfehler:
=============
Error: (01/09/2017 04:43:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 02:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 02:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 02:12:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 02:12:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "virtual_file" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (01/09/2017 01:58:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 12:55:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 12:55:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 12:55:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/09/2017 12:54:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "virtual_file" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2017-01-09 09:55:01.633
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 09:55:01.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 09:55:01.627
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 09:55:01.598
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 09:55:01.593
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 09:55:01.592
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 09:55:01.512
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 07:28:32.078
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 07:28:32.073
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-09 07:28:32.072
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8106.14 MB
Verfügbarer physikalischer RAM: 5758.37 MB
Summe virtueller Speicher: 10015.14 MB
Verfügbarer virtueller Speicher: 7630.28 MB

==================== Laufwerke ================================

Drive c: (TIH0049500A) (Fixed) (Total:919.31 GB) (Free:851.29 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2017
durchgeführt von USER (Administrator) auf LAPTOP-ETAMG2VU (09-01-2017 16:45:22)
Gestartet von C:\Users\USER\Desktop
Geladene Profile: USER (Verfügbare Profile: USER)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWififind.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3873000 2016-06-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599384 2015-06-05] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [559920 2015-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA)
HKU\S-1-5-21-1589830459-1810594343-2398828008-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe [2022968 2015-09-21] (Spotify Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3032889b-ad3b-4764-bb74-4268ac1199b0}: [DhcpNameServer] 10.0.0.254
Tcpip\..\Interfaces\{bbac6eb0-3873-4c6d-878a-5c528a6a7b74}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1589830459-1810594343-2398828008-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1589830459-1810594343-2398828008-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba15.msn.com/?pc=TBTE
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Keine Datei

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchKeyword: Default -> go
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (Google Präsentationen) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-10]
CHR Extension: (Google Docs) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-10]
CHR Extension: (Google Drive) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-10]
CHR Extension: (YouTube) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-10]
CHR Extension: (Short URL Aliases) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbjelpidokgggpgbefbifhedhdnpleb [2017-01-02]
CHR Extension: (Google Tabellen) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-10]
CHR Extension: (Google Docs Offline) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-10]
CHR Extension: (Google Mail) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-10]
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2218712 2016-12-13] (Adobe Systems, Incorporated)
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2016-06-02] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382440 2016-08-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [326960 2015-06-24] (TOSHIBA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31832 2016-06-02] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R1 MpKsl45812048; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EA4A17DB-F83C-4A1E-8736-27C1646A7B57}\MpKsl45812048.sys [44928 2017-01-09] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-02] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-17] (Realtek                                            )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-06-13] (Toshiba Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-01-09] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-01-09] (Zemana Ltd.)
S0 fltsrv; system32\DRIVERS\fltsrv.sys [X]
S2 virtual_file; system32\DRIVERS\virtual_file.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-09 16:21 - 2017-01-09 16:21 - 00000678 _____ C:\Users\USER\Desktop\JRT.txt
2017-01-09 16:18 - 2017-01-09 16:18 - 01663040 _____ (Malwarebytes) C:\Users\USER\Desktop\JRT.exe
2017-01-09 16:17 - 2017-01-09 16:17 - 01663040 _____ (Malwarebytes) C:\Users\USER\Downloads\JRT.exe
2017-01-09 16:09 - 2017-01-09 16:09 - 03988944 _____ C:\Users\USER\Desktop\adwcleaner_6.042 (1).exe
2017-01-09 15:34 - 2017-01-09 15:47 - 00260266 _____ C:\TDSSKiller.3.1.0.12_09.01.2017_15.34.25_log.txt
2017-01-09 15:32 - 2017-01-09 15:34 - 00012864 _____ C:\TDSSKiller.3.1.0.12_09.01.2017_15.32.47_log.txt
2017-01-09 15:32 - 2017-01-09 15:32 - 00250064 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\65104668.sys
2017-01-09 14:59 - 2017-01-09 15:32 - 04747704 _____ (AO Kaspersky Lab) C:\Users\USER\Desktop\tdsskiller.exe
2017-01-09 14:50 - 2017-01-09 15:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-09 14:48 - 2017-01-09 14:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\USER\Desktop\mbar-1.09.3.1001.exe
2017-01-09 13:34 - 2017-01-09 13:34 - 00032905 _____ C:\Users\USER\Desktop\Addition.txt
2017-01-09 10:49 - 2017-01-09 16:45 - 00012869 _____ C:\Users\USER\Desktop\FRST.txt
2017-01-09 10:18 - 2017-01-09 16:45 - 00000000 ____D C:\FRST
2017-01-09 10:17 - 2017-01-09 10:17 - 02419200 _____ (Farbar) C:\Users\USER\Downloads\FRST64.exe
2017-01-09 10:17 - 2017-01-09 10:17 - 02419200 _____ (Farbar) C:\Users\USER\Downloads\FRST64 (1).exe
2017-01-09 10:17 - 2017-01-09 10:17 - 02419200 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2017-01-09 08:57 - 2017-01-09 14:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-09 08:57 - 2017-01-09 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-09 08:57 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-09 08:22 - 2017-01-09 08:30 - 00277782 _____ C:\TDSSKiller.3.1.0.12_09.01.2017_08.22.59_log.txt
2017-01-09 08:22 - 2017-01-09 08:22 - 00002458 _____ C:\TDSSKiller.3.1.0.12_09.01.2017_08.22.11_log.txt
2017-01-09 08:21 - 2017-01-09 08:22 - 04747704 _____ (AO Kaspersky Lab) C:\Users\USER\Downloads\tdsskiller.exe
2017-01-09 08:20 - 2017-01-09 08:20 - 16563352 _____ (Malwarebytes Corp.) C:\Users\USER\Downloads\mbar-1.09.3.1001.exe
2017-01-09 08:15 - 2017-01-09 14:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-09 08:13 - 2017-01-09 15:32 - 00000000 ____D C:\Users\USER\Desktop\mbar
2017-01-09 08:13 - 2017-01-09 14:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-01-09 07:45 - 2017-01-09 07:45 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-01-09 07:44 - 2017-01-09 07:57 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-09 07:44 - 2017-01-09 07:44 - 11581544 _____ (SurfRight B.V.) C:\Users\USER\Downloads\hitmanpro_x64.exe
2017-01-09 07:23 - 2017-01-09 07:23 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-09 07:17 - 2017-01-09 07:22 - 54199488 _____ (Malwarebytes ) C:\Users\USER\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-09 07:11 - 2017-01-09 07:11 - 05234112 _____ (Zemana Ltd.) C:\Users\USER\Downloads\Zemana.AntiMalware.Portable.exe
2017-01-09 07:10 - 2017-01-09 16:45 - 00474551 _____ C:\WINDOWS\ZAM.krnl.trace
2017-01-09 07:10 - 2017-01-09 16:45 - 00463501 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-01-09 07:10 - 2017-01-09 07:10 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-01-09 07:10 - 2017-01-09 07:10 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-01-09 07:10 - 2017-01-09 07:10 - 00000000 ____D C:\Users\USER\AppData\Local\Zemana
2017-01-09 06:31 - 2017-01-09 06:31 - 00006946 _____ C:\Users\USER\Documents\AdwCleaner[C0].txt
2017-01-09 06:19 - 2017-01-09 16:13 - 00000000 ____D C:\AdwCleaner
2017-01-09 06:19 - 2017-01-09 06:20 - 03988944 _____ C:\Users\USER\Downloads\adwcleaner_6.042.exe
2016-12-27 09:49 - 2016-12-27 09:49 - 01065376 _____ (Google Inc.) C:\Users\USER\Downloads\googledrivesync (1).exe
2016-12-27 09:48 - 2016-12-27 09:49 - 01065376 _____ (Google Inc.) C:\Users\USER\Downloads\googledrivesync.exe
2016-12-17 16:31 - 2016-12-17 16:31 - 00003288 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-14 09:18 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 09:18 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 09:18 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 09:18 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 09:18 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 09:18 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 09:18 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 09:18 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 09:18 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 09:18 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 09:18 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 09:18 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 09:18 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 09:17 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 09:17 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 09:17 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 09:17 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 09:17 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 09:17 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 09:17 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 09:17 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 09:17 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 09:17 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 09:17 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 09:17 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 09:17 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 09:17 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 09:17 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 09:17 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 09:17 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 09:17 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 09:17 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 09:17 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 09:17 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 09:17 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 09:17 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 09:17 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 09:17 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 09:17 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 09:17 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 09:17 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 09:17 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 09:17 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 09:17 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 09:17 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 09:17 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 09:17 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 09:17 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 09:17 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 09:17 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 09:17 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 09:17 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 09:17 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 09:17 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 09:17 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 09:17 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 09:17 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 09:17 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 09:17 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 09:17 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 09:17 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 09:17 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 09:17 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 09:17 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 09:17 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 09:17 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 09:17 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 09:17 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 09:17 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 09:17 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 09:17 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 09:17 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 09:17 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 09:17 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 09:17 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 09:17 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 09:17 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 09:17 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 09:17 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 09:17 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 09:17 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 09:17 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 09:17 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-14 09:17 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 09:17 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 09:17 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 09:17 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 09:17 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 09:17 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 09:17 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 09:17 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 09:17 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 09:17 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 09:17 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 09:17 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 09:17 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 09:17 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 09:17 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 09:17 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 09:17 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 09:17 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 09:17 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 09:17 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 09:17 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 09:17 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 09:17 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 09:17 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 09:17 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 09:17 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 09:17 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 09:17 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 09:17 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 09:17 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-11 21:22 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-11 21:22 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-11 21:22 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-11 21:22 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-11 21:22 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-11 21:22 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-11 21:22 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-11 21:22 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-11 21:22 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-11 21:22 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-11 21:22 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-11 21:22 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-11 21:22 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-11 21:22 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-11 21:22 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-11 21:22 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-11 21:22 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-11 21:22 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-11 21:22 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-11 21:22 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-11 21:22 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-11 21:22 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-11 21:22 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-11 21:22 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-11 21:22 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-11 21:22 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-11 21:22 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-11 21:22 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-11 21:22 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-11 21:22 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-11 21:22 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-11 21:22 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-11 21:22 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-11 21:22 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-11 21:22 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-11 21:22 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-11 21:22 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-11 21:22 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-11 21:22 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-11 21:22 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-11 21:22 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-11 21:22 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-11 21:22 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-11 21:22 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-11 21:22 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-11 21:22 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-11 21:22 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-11 21:22 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-11 21:22 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-11 21:22 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-11 21:22 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-11 21:22 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-11 21:22 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-11 21:22 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-11 21:22 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-11 21:22 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-11 21:22 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-11 21:22 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-11 21:22 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-11 21:22 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-11 21:22 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-11 21:22 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-11 21:22 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-11 21:22 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-11 21:22 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-11 21:22 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-11 21:22 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-11 21:22 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-11 21:22 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-11 21:22 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-11 21:22 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-11 21:22 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-11 21:22 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-11 21:22 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-11 21:22 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-11 21:22 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-11 21:22 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-11 21:22 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-11 21:22 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-11 21:22 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-11 21:22 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-11 21:22 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-11 21:22 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-11 21:22 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-11 21:22 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-11 21:22 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-11 21:22 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-11 21:22 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-11 21:22 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-11 21:22 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-11 21:22 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-11 21:22 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-11 21:22 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-11 21:22 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-11 21:22 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-11 21:22 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-11 21:22 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-11 21:22 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-11 21:22 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-11 21:22 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-11 21:22 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-11 21:22 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-11 21:22 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-11 21:22 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-11 21:22 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-11 21:22 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-11 21:22 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-11 21:22 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-11 21:22 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-11 21:22 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-11 21:22 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-11 21:21 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-11 21:21 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-11 21:21 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-11 21:21 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-11 21:21 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-11 21:21 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-11 21:21 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-11 21:21 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-11 21:21 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-11 21:21 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-11 21:21 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-11 21:21 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-11 21:21 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-11 21:21 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-11 21:21 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-11 21:21 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-11 21:21 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-11 21:21 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-11 21:21 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-11 21:21 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-11 21:21 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-11 21:21 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-11 21:21 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-11 21:21 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-11 21:21 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-11 21:21 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-11 21:21 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-11 21:21 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-11 21:21 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-11 21:21 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-11 21:21 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-11 21:21 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-11 21:21 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-11 21:21 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-11 21:21 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-11 21:21 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-11 21:21 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-11 21:21 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-11 21:21 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-11 21:21 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-11 21:21 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-11 21:21 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-11 21:21 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-11 21:21 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-11 21:21 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-11 21:21 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-11 21:21 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-11 21:21 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-11 21:21 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-11 21:21 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-11 21:21 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-11 21:21 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-11 21:21 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-11 21:21 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-11 21:21 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-11 21:21 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-11 21:21 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-11 21:21 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-11 21:21 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-11 21:21 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-11 21:21 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-11 21:21 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-11 21:21 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-11 21:21 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-11 21:21 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-11 21:21 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-11 21:21 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-11 21:21 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-11 21:21 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-11 21:21 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-11 21:21 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-11 21:21 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-11 21:21 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-11 21:21 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-11 21:21 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-11 21:21 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-11 21:21 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-11 21:21 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-11 21:21 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-11 21:21 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-11 21:21 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-11 21:21 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-11 21:21 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-11 21:21 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-11 21:21 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-11 21:21 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-11 21:21 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-11 21:21 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-11 21:21 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-11 21:21 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-11 21:21 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-11 21:21 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-11 21:21 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-11 21:21 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-11 21:21 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-11 21:21 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-11 21:21 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-11 21:21 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-11 21:21 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-11 21:21 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-11 21:21 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-11 21:21 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-11 21:21 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-11 21:21 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-11 21:21 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-11 21:21 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-11 21:21 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-11 21:20 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-11 21:20 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-11 21:20 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-11 21:20 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-11 21:20 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-11 21:20 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-11 21:20 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-11 21:20 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-11 21:20 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-11 21:20 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-11 21:20 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-11 21:20 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-11 21:20 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-11 21:20 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-11 21:20 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-11 21:20 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-11 21:20 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-11 21:20 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-11 21:20 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-11 21:20 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-11 21:20 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-11 21:20 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-11 21:20 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-11 21:20 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-11 21:20 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-11 21:20 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-11 21:20 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-11 21:20 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-11 21:20 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-11 21:20 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-11 21:20 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-11 21:20 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-11 21:20 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-11 21:20 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-11 21:20 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-11 21:20 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-11 21:20 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-11 21:20 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-11 21:20 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-11 21:20 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-11 21:20 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-11 21:20 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-11 21:20 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-11 21:20 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-11 21:20 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-11 21:20 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-11 21:20 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-11 21:20 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-11 21:20 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-11 21:20 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-11 21:20 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-09 16:44 - 2016-09-29 03:33 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-09 14:13 - 2016-09-29 03:41 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-09 14:13 - 2016-05-27 12:12 - 00000000 __SHD C:\Users\USER\IntelGraphicsProfiles
2017-01-09 14:12 - 2016-09-29 04:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-09 14:12 - 2016-09-29 03:33 - 00339592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-09 14:11 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-01-09 14:10 - 2016-06-27 20:12 - 00000000 ____D C:\ProgramData\Adobe
2017-01-09 14:10 - 2016-06-27 20:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-09 14:09 - 2016-07-25 19:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-01-09 12:54 - 2016-06-27 20:19 - 00000000 ____D C:\ProgramData\MFAData
2017-01-09 12:54 - 2016-06-27 20:19 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-09 12:54 - 2016-06-27 20:18 - 00000000 ____D C:\Users\USER\AppData\Local\Avg
2017-01-09 12:53 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-09 12:53 - 2016-06-27 20:19 - 00000000 ___HD C:\$AVG
2017-01-09 12:53 - 2016-06-27 20:18 - 00000000 ____D C:\Users\USER\AppData\Local\AvgSetupLog
2017-01-09 07:32 - 2016-07-16 23:51 - 00669650 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-09 07:32 - 2016-07-16 23:51 - 00136444 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-09 07:32 - 2015-09-21 10:24 - 01783232 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-09 06:59 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-09 06:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-09 06:59 - 2016-05-27 12:12 - 00000000 ____D C:\Users\USER\AppData\Local\Packages
2017-01-03 09:37 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-02 20:47 - 2016-06-27 19:45 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-02 19:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-02 13:21 - 2016-12-03 08:34 - 00000000 ____D C:\neftonsicher
2016-12-31 10:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-29 08:21 - 2016-06-07 10:28 - 01388432 _____ C:\Users\Public\VOIP.dat
2016-12-27 09:54 - 2016-06-10 08:33 - 00000000 ____D C:\Users\USER\AppData\Local\Google
2016-12-27 09:54 - 2016-06-10 08:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-22 11:06 - 2016-07-16 07:04 - 56360960 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-22 11:06 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\config
2016-12-22 09:55 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-22 09:53 - 2016-09-29 03:45 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f8d8b5e2-4ba6-11e6-80cd-0026b955b121}.TMContainer00000000000000000002.regtrans-ms
2016-12-22 09:53 - 2016-09-29 03:45 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{f8d8b5e2-4ba6-11e6-80cd-0026b955b121}.TM.blf
2016-12-21 18:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-21 16:18 - 2016-09-29 03:45 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f8d8b5e2-4ba6-11e6-80cd-0026b955b121}.TMContainer00000000000000000001.regtrans-ms
2016-12-21 15:10 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-21 15:10 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-21 13:29 - 2016-11-14 14:08 - 00000000 ____D C:\Users\USER\AppData\Local\Diagnostics
2016-12-21 13:19 - 2016-11-11 09:23 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-12-21 13:19 - 2016-11-11 09:23 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2016-12-21 13:19 - 2016-09-13 10:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-21 09:19 - 2016-09-29 03:46 - 00524288 ___SH C:\Users\USER\NTUSER.DAT{6850e8f5-85f5-11e6-832a-9a2a25f002ed}.TMContainer00000000000000000002.regtrans-ms
2016-12-21 09:19 - 2016-09-29 03:46 - 00065536 ___SH C:\Users\USER\NTUSER.DAT{6850e8f5-85f5-11e6-832a-9a2a25f002ed}.TM.blf
2016-12-17 16:31 - 2016-05-27 12:16 - 00002395 _____ C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-17 16:31 - 2016-05-27 12:16 - 00000000 ___RD C:\Users\USER\OneDrive
2016-12-17 14:15 - 2016-09-29 04:10 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 14:15 - 2016-09-29 04:10 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 14:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-16 16:35 - 2016-06-10 08:34 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-16 16:35 - 2016-06-10 08:34 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-16 16:28 - 2016-09-29 04:16 - 00000174 ___SH C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-16 16:28 - 2016-05-27 12:12 - 00000402 ___SH C:\Users\USER\Documents\desktop.ini
2016-12-16 16:28 - 2016-05-27 12:12 - 00000282 ___SH C:\Users\USER\Downloads\desktop.ini
2016-12-16 16:28 - 2016-05-27 12:12 - 00000282 ___SH C:\Users\USER\Desktop\desktop.ini
2016-12-16 16:28 - 2016-05-27 12:12 - 00000174 ___SH C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Videos
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Searches
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Saved Games
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Pictures
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Music
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Links
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Favorites
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\Contacts
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-16 16:28 - 2016-05-27 12:12 - 00000000 ___RD C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-16 16:28 - 2016-04-27 06:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-16 16:27 - 2016-07-16 07:04 - 00016384 _____ C:\Users\Default\NTUSER.DAT
2016-12-16 16:24 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-15 14:51 - 2016-09-29 03:33 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f8d8b5e8-4ba6-11e6-80cd-0026b955b121}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 14:51 - 2016-09-29 03:33 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f8d8b5e8-4ba6-11e6-80cd-0026b955b121}.TM.blf
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-15 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\de-DE
2016-12-15 14:50 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-15 14:50 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-15 14:50 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-15 14:49 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-15 14:49 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-15 14:48 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 09:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 09:22 - 2016-06-01 14:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 09:20 - 2016-06-01 14:13 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 20:51 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Public\VOIP.dat


Einige Dateien in TEMP:
====================
C:\Users\USER\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-31 10:32

==================== Ende von FRST.txt ============================

Reimage is still waving at me :-(

cosinus 09.01.2017 23:04

FRST fix

Please disable your virus scanner completely now, to make sure the fix runs cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:

BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Keine Datei
C:\Users\Public\VOIP.dat
C:\Program Files (x86)\AVG
hosts:
emptytemp:


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


Lausbua 10.01.2017 07:53

Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-01-2017
durchgeführt von USER (10-01-2017 07:31:39) Run:1
Gestartet von C:\Users\USER\Desktop
Geladene Profile: USER (Verfügbare Profile: USER)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Keine Datei
C:\Users\Public\VOIP.dat
C:\Program Files (x86)\AVG
hosts:
emptytemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Schlüssel nicht gefunden.
C:\Users\Public\VOIP.dat => erfolgreich verschoben
C:\Program Files (x86)\AVG => erfolgreich verschoben
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

=========== EmptyTemp: ==========

BITS transfer queue => 820080 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59413041 B
Java, Flash, Steam htmlcache => 610 B
Windows/system/drivers => 172662839 B
Edge => 7006310 B
Chrome => 246281587 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2944882 B
NetworkService => 6186 B
USER => 1305798678 B

RecycleBin => 3993712727 B
EmptyTemp: => 5.4 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 07:33:42 ====

Morning, master;
AVG was uninstalled, yet I still read AVG Web tune up,
is that still a problem?
How do I get rid of it?

Update:
now I've disabled everything in Defender and run it again.
Code:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-01-2017
durchgeführt von USER (10-01-2017 07:48:53) Run:2
Gestartet von C:\Users\USER\Desktop
Geladene Profile: USER (Verfügbare Profile: USER)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Keine Datei
C:\Users\Public\VOIP.dat
C:\Program Files (x86)\AVG
hosts:
emptytemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Schlüssel nicht gefunden.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Schlüssel nicht gefunden.
"C:\Users\Public\VOIP.dat" => nicht gefunden.
"C:\Program Files (x86)\AVG" => nicht gefunden.
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

=========== EmptyTemp: ==========

BITS transfer queue => 294137 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11649026 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 8990 B
Edge => 0 B
Chrome => 10766251 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
USER => 213511 B

RecycleBin => 0 B
EmptyTemp: => 21.9 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 07:48:54 ====


cosinus 10.01.2017 09:49

Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:


Step 1: MBAM

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2: ESET

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

Lausbua 10.01.2017 12:43

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10.01.2017
Suchlaufzeit: 10:17
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.01.10.03
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: USER

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 312070
Abgelaufene Zeit: 15 Min., 59 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1b40a3753610054fb7fea32ef87017a0
# end=init
# utc_time=2017-01-10 09:36:18
# local_time=2017-01-10 10:36:18 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32012
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1b40a3753610054fb7fea32ef87017a0
# end=updated
# utc_time=2017-01-10 09:39:42
# local_time=2017-01-10 10:39:42 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1b40a3753610054fb7fea32ef87017a0
# engine=32012
# end=finished

Code:

Results of screen317's Security Check version 1.009 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 AVG Web TuneUp 
 Google Chrome (55.0.2883.87)
 Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
 Windows Defender MSASCuiL.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````


cosinus 10.01.2017 13:10

The ESET log looks incomplete

Lausbua 10.01.2017 13:36

then I'll have to do it again,...everything is deleted

cosinus 10.01.2017 13:43

Do you still remember whether ESET found anything?

Lausbua 10.01.2017 15:16

yes, it did......

Code:

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1b40a3753610054fb7fea32ef87017a0
# end=init
# utc_time=2017-01-10 12:34:56
# local_time=2017-01-10 01:34:56 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32014
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1b40a3753610054fb7fea32ef87017a0
# end=updated
# utc_time=2017-01-10 12:38:14
# local_time=2017-01-10 01:38:14 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1b40a3753610054fb7fea32ef87017a0
# engine=32014
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-10 02:01:04
# local_time=2017-01-10 03:01:04 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 9280 15387480 0 0
# scanned=201960
# found=1
# cleaned=0
# scan_time=4969
sh=552464E3A61B57248E7ABBB9E78047923105E150 ft=1 fh=8e19f37ab9b5e3fe vn="Win32/InstallMonetizer.AQ eventuell unerwünschte Anwendung" ac=I fn="C:\Users\USER\Downloads\PDFCreator-2_3_0-Setup.exe"

Malwarebytes Anti Malware is quite busily blocking malicious websites....

cosinus 10.01.2017 16:15

What, it only had this one finding, nothing more?

Quote:

Malwarebytes Anti Malware is quite busily blocking malicious websites....
Well, that statement is really informative :glaskugel: :D


All times are in WET +1.