Trojaner-Board


Troja90 10.02.2017 11:14

Computer performance severely limited and mouse pointer moves on its own

Hello dear Trojaner-Board,

for quite a while now I have had the problem that my computer is far too loud and does not work the way it should. Sometimes it cannot be shut down at all, and it starts lagging terribly, even when I have only been streaming films on the internet or had opened a file with Adobe. That is really not normal anymore. I have the feeling that I am being spied on through my computer. Sometimes, for example, the mouse moves by itself, or an input field opens in which that person types some nonsense. Please, please help me clean the machine completely. It is not a nice feeling to think you are being spied on. I have now had several of your antivirus programs scan everything and attached the logs with findings. Unfortunately, Eset and Emsisoft find nothing at all.

Regards, and many thanks in advance for your active support

cosinus 10.02.2017 12:59

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, spread over several posts if necessary.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview (Erweitert/Vorschau) to check whether you have done it correctly. If everything is right ... click Reply (Antworten).

Troja90 10.02.2017 13:18

Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 09.02.2017
Suchlaufzeit: 14:09
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.02.09.03
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: pc

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 373044
Abgelaufene Zeit: 1 Std., 20 Min., 49 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 27
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [b433bfe11197a69038a63939d22e9b65],
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [b433bfe11197a69038a63939d22e9b65],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, , [b433bfe11197a69038a63939d22e9b65],
PUP.Optional.Reimage, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, , [f1f6564a990fc1756317500c2ed2a25e],
PUP.Optional.VLCUpdaterDE, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VLC Updater, , [a64180208c1c9a9cd5809b0c5aa6748c],
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Startfenster-Replace.de, , [01e6356b9d0b36000299f4cbe31dbe42],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, , [97503769a80057df22f182d30cf4a858],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [56913e62337547ef4b9cfb7901ff827e],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, , [9b4c208024842f079182d085956b6c94],
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [20c70b9522867db9e601e88cc43cd030],
PUP.Optional.SpyHunter, HKLM\SOFTWARE\ENIGMASOFTWAREGROUP\SpyHunter, , [1bccc0e06e3a72c46012dd900df3fc04],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{05A30DB2-1D4D-4B6E-8307-4374BABCCEA7}, , [6e79247cd7d12b0be0b32645b64dbc44],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D9E1F3D-E2EF-432E-A8EA-EEBF21419C78}, , [f7f0346c6345b5812e67c6a59b68c43c],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{509E6558-F4B2-4FF7-9CE0-2160232EF0E5}, , [579060404d5bce68deb645262bd815eb],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , , [c225f6aa4860072f5b9def94cb3815eb],
PUP.Optional.StartFenster, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Startfenster-Replace.exe, , [da0d069a565269cd07cebc02db25926e],
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, , [19ce2d733672c4724cc7282dc63a659b],
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, , [ba2d7d2391172c0a3daa373d08f814ec],
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\djhangopedggnlnicpbjklghlckmndge, , [6087d2ce7533cc6a6befc7f09d6340c0],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{509E6558-F4B2-4FF7-9CE0-2160232EF0E5}, , [8e5980207b2dda5c464e1952d330e818],
PUP.Optional.StartFenster, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Startfenster-Replace.exe, , [4b9cbfe1bdeb8babce073e809f61f20e],
PUP.Optional.ASK, HKU\.DEFAULT\SOFTWARE\AskPartnerNetwork, , [2bbcecb4c0e8af872ac61c9d689824dc],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, , [d017920edfc9e155a67f9e3836ccc33d],
PUP.Optional.Reimage, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., , [5295930dffa968cec453a7c525dbe917],
PUP.Optional.CrossRider, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{05A30DB2-1D4D-4B6E-8307-4374BABCCEA7}, , [2abd514f8820092dbac4c3a8f50e31cf],
PUP.Optional.CrossRider, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D9E1F3D-E2EF-432E-A8EA-EEBF21419C78}, , [26c1455b159378be057b630829da9868],
PUP.Optional.CrossRider, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{509E6558-F4B2-4FF7-9CE0-2160232EF0E5}, , [edfaf1af9a0ec4724d32204be51ee21e],

Registrierungswerte: 15
PUP.Optional.VLCUpdaterDE, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|VLC Updater, C:\Program Files (x86)\VLC Updater\vlc-updater.exe /silent /wait 120, , [71767c244e5a84b2d11cc2e48d73e31d]
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [56913e62337547ef4b9cfb7901ff827e]
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [20c70b9522867db9e601e88cc43cd030]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{05a30db2-1d4d-4b6e-8307-4374babccea7}|AppName, Plus-HD-5.5-bg.exe, , [6e79247cd7d12b0be0b32645b64dbc44]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1d9e1f3d-e2ef-432e-a8ea-eebf21419c78}|AppName, Plus-HD-5.5-codedownloader.exe, , [f7f0346c6345b5812e67c6a59b68c43c]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{509e6558-f4b2-4ff7-9ce0-2160232ef0e5}|AppName, Plus-HD-5.5-buttonutil.exe, , [579060404d5bce68deb645262bd815eb]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130811775649434986, , [c225f6aa4860072f5b9def94cb3815eb]
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}\1.0, REI_AxControl 1.0 Type Library, , [ba2d7d2391172c0a3daa373d08f814ec]
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, , [3bac5d43dfc949ed80421a4a7f843bc5]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{509e6558-f4b2-4ff7-9ce0-2160232ef0e5}|AppName, Plus-HD-5.5-buttonutil.exe, , [8e5980207b2dda5c464e1952d330e818]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|Plus-HD-5.5-bg.exe, 8000, , [c225326e07a1d1659ffad8e1f01359a7]
PUP.Optional.VLCUpdaterDE, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VLC UPDATER|URLInfoAbout, hxxp://www.vlc-updater.de/?from=about, , [e7007828b8f08ea896afb7f013ed2cd4]
PUP.Optional.CrossRider, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{05a30db2-1d4d-4b6e-8307-4374babccea7}|AppName, Plus-HD-5.5-bg.exe, , [2abd514f8820092dbac4c3a8f50e31cf]
PUP.Optional.CrossRider, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1d9e1f3d-e2ef-432e-a8ea-eebf21419c78}|AppName, Plus-HD-5.5-codedownloader.exe, , [26c1455b159378be057b630829da9868]
PUP.Optional.CrossRider, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{509e6558-f4b2-4ff7-9ce0-2160232ef0e5}|AppName, Plus-HD-5.5-buttonutil.exe, , [edfaf1af9a0ec4724d32204be51ee21e]

Registrierungsdaten: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.bing.com/?pc=COSP&ptag=D031316-AF69C3D636C&form=CONMHP&conlogo=CT3335177, Gut: (www.google.com), Schlecht: (hxxp://www.bing.com/?pc=COSP&ptag=D031316-AF69C3D636C&form=CONMHP&conlogo=CT3335177),,[07e0dbc5357378bea5ec26e4bf4523dd]

Ordner: 7
PUP.Optional.VLCUpdaterDE, C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Updater, , [9750f6aa4d5bf93dea208f16748cfe02],
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater, , [a64180208c1c9a9cd5809b0c5aa6748c],
PUP.Optional.StartFenster, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster Symbol, , [cc1befb1b5f30135f8c93d8115eb9070],
PUP.Optional.StartFenster, C:\Program Files (x86)\Startfenster-Replace, , [01e6356b9d0b36000299f4cbe31dbe42],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter, , [47a00799317782b44af3442daf51cc34],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log, , [47a00799317782b44af3442daf51cc34],
PUP.Optional.StartFenster, C:\Program Files (x86)\Startfenster Symbol, , [be29c0e0ddcbe056c6effdcdc23e8b75],

Dateien: 22
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater\vlc-updater.exe, , [71767c244e5a84b2d11cc2e48d73e31d],
PUP.Optional.VLCUpdaterDE, C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC Updater\Software deinstallieren.lnk, , [9750f6aa4d5bf93dea208f16748cfe02],
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater\setup.ico, , [a64180208c1c9a9cd5809b0c5aa6748c],
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater\uninstall.exe, , [a64180208c1c9a9cd5809b0c5aa6748c],
PUP.Optional.VLCUpdaterDE, C:\Program Files (x86)\VLC Updater\vlc.ico, , [a64180208c1c9a9cd5809b0c5aa6748c],
PUP.Optional.StartFenster.ShrtCln, C:\Users\pc\Favorites\Startfenster.lnk, , [b730752bb0f83afc59f708af8878738d],
PUP.Optional.StartFenster.ShrtCln, C:\ProgramData\Microsoft\Windows\Start Menu\Startfenster.lnk, , [a93ec9d7b6f22e08de730daa9e62fe02],
PUP.Optional.StartFenster, C:\Users\pc\AppData\Roaming\Mozilla\Extensions\startfensterde-0.0.1-an+fx-linux.xpi, , [a34479272484bb7b5b00338427d9aa56],
PUP.Optional.StartFenster.ShrtCln, C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk, , [ebfc693768401c1aeae301b7728eb749],
PUP.Optional.StartFenster.ShrtCln, C:\Users\pc\Favorites\Links\Startfenster.lnk, , [a1466040bdeb1f1701d06b4dee125fa1],
PUP.Optional.StartFenster, C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster Symbol.lnk, , [e205128ea8001b1bca5a338b31cf5ca4],
PUP.Optional.StartFenster, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster Symbol\Startfenster.lnk, , [cc1befb1b5f30135f8c93d8115eb9070],
PUP.Optional.StartFenster, C:\Program Files (x86)\Startfenster-Replace\logo.ico, , [01e6356b9d0b36000299f4cbe31dbe42],
PUP.Optional.StartFenster, C:\Program Files (x86)\Startfenster-Replace\uninstall.exe, , [01e6356b9d0b36000299f4cbe31dbe42],
PUP.Optional.GoodGame, C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GoodGame.lnk, , [6f78019f396f3bfb0d3a03c088781ce4],
PUP.Optional.StartFenster, C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk, , [8e59f2ae288078be7d2f844509f7e51b],
PUP.Optional.StartFenster, C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Startfenster.lnk, , [ab3c1789278146f0fff328a2699754ac],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\gil.dat, , [47a00799317782b44af3442daf51cc34],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\gas.dat, , [47a00799317782b44af3442daf51cc34],
PUP.Optional.SpyHunter, C:\Program Files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20140918_050344.log, , [47a00799317782b44af3442daf51cc34],
PUP.Optional.StartFenster, C:\Program Files (x86)\Startfenster Symbol\logo.ico, , [be29c0e0ddcbe056c6effdcdc23e8b75],
PUP.Optional.Conduit, C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D031316-AF69C3D636C&form=CONMHP&conlogo=CT3335177");), ,[73741888921671c58d5dbd5fc0445aa6]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)


Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10.02.2017
Suchlaufzeit: 09:47
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.02.10.01
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: pc

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 407332
Abgelaufene Zeit: 24 Min., 49 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.BAK\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [4aff70317038be78e12d8ddd63a0649c],

Registrierungswerte: 1
PUP.Optional.Conduit, HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.bing.com/search?pc=COSP&ptag=D031316-AF69C3D636C&form=CONBDF&conlogo=CT3335177&q={searchTerms}, , [4aff70317038be78e12d8ddd63a0649c]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.Conduit, C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.bing.com/?pc=COSP&ptag=D031316-AF69C3D636C&form=CONMHP&conlogo=CT3335177");), ,[3d0c3d64cbdd1f17684af528f311eb15]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)


cosinus 10.02.2017 13:34

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

Troja90 10.02.2017 13:50

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2017
durchgeführt von pc (10-02-2017 13:42:39)
Gestartet von C:\Users\TEMP\Downloads
Windows 10 Pro Version 1607 (X64) (2017-02-05 06:20:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3981403820-1071516951-1015314759-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3981403820-1071516951-1015314759-503 - Limited - Disabled)
Gast (S-1-5-21-3981403820-1071516951-1015314759-501 - Limited - Disabled)
pc (S-1-5-21-3981403820-1071516951-1015314759-1000 - Administrator - Enabled) => C:\Users\TEMP

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D}
AV: ESET Internet Security 10.0.390.0 (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {CB7D53ED-CD86-A552-2B56-E5019C280620}
AS: ESET Internet Security 10.0.390.0 (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
BIOS Update (HKLM-x32\...\{28FFFE19-141E-47CF-8E9B-DD75B43C4B06}) (Version:  - )
Dropbox (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.1 - Emsisoft Ltd.)
ESET Internet Security (HKLM\...\{93B15ACC-6918-4F66-BB9C-E6C5816279D1}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{ECC840AB-FC9C-4DFA-A26A-C639CDA005BD}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Startfenster (HKLM-x32\...\Startfenster.de) (Version: 1.0 - Startfenster) <==== ACHTUNG
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{32F69C20-FB09-4C40-A7B2-0E055D26867A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5 - VideoLAN)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0274893F-1EF9-44BD-BDAD-46D608028FB3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05B55282-1F9D-4731-AA1A-5E1BB0E0A57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B70A578-0426-4752-849A-6A4AB6715F13} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E347927-D47D-4492-AC4D-B49BABDF0BFD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {0FB172E3-24AE-43F5-96EB-A82A56DCDD38} - System32\Tasks\HP Deskjet 1050 J410 series.exe => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {11BD22EF-3B58-452A-9910-21DED479CAD5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {11FF9B93-B14A-4147-AA8B-DDC4E104CA3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {19457666-402B-498E-B5E8-D6617E06856F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19CC5F0C-E18C-4C01-AF3A-D418506FEECF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1FAC2BE1-C831-4440-8245-DEE3AA69A7D9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {2347F8BE-ECDB-44AC-B3EB-144E5C1A5CCA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2520172F-A6CA-4B53-B7DA-7A0543B63F7B} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: {259B8D63-6F22-44ED-8145-BF7BE1880286} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe
Task: {36E6C1F9-9FB1-42FC-A507-48FBD37748AC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3DCD9653-7C5D-4356-A9D9-AEAA15ED4287} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe
Task: {43093E68-CF08-4621-B371-CC8B7473306F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {452552C4-9041-40D6-97B7-56978322DEFB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4B3C722E-BBFD-474C-B6B6-BDD79B3FCEF1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {50FA58DD-9282-4109-8009-3EB1911EF53C} - System32\Tasks\SuperbGameBoost => C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
Task: {51CF68BF-9E52-420D-A121-3DB2264BC0F4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {52267A4B-6A1E-43B0-BE94-B8792345C4A6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {57BFC9C3-9BC0-45AE-9D8F-056FBD2A18CA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6F020EFC-2124-408A-BFAB-B318BE543689} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Task: {7239F502-00AC-479D-9789-464BF87D003A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {7C4527A9-3114-4279-881A-F67D05B5947F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-14] (Microsoft Corporation)
Task: {7C948F14-D700-4192-9393-3FAB96D403D5} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {7D2D4C32-06FC-4D50-8553-63840357D700} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {81481079-B9D8-424D-A086-A7ED59DC6D46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {827C9269-AF8B-4960-89C9-F48B1FE741D8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {82AF28DB-FCEE-4BFE-B6A1-E5EF77F389BF} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2017-02-10] (Microsoft Corporation) <==== ACHTUNG
Task: {863203B0-B532-4AE8-BEF4-2EF9B1E857A8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-14] (Microsoft Corporation)
Task: {86C4D2A6-3CDF-4968-B92A-682FA200E0C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {884132ED-6BF3-4B6D-B2EA-D50F3C144A96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-14] (Microsoft Corporation)
Task: {8B056039-B68A-489B-8425-4D70A939BC76} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {8ED0E1B7-0B61-43A2-B18A-318624417DAF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A0729F03-9656-47BE-B236-B8D07C60D95E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A272A335-413A-4704-9EE4-9376F6058208} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {A3844174-1BCB-49BF-A9F4-7B3F56CC0086} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {A72D0D8B-7A6C-4268-BEB3-FA300E009CCA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A8527F9A-B698-4A16-A736-0AFBBA38586E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {AA881718-CC52-4AAF-AC87-084A57A4A017} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AAB9DAEB-BD54-406A-8B75-5D22501E295E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {AADA15BF-F5F9-4223-9729-BC1B0106B463} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {AB3EDDF4-DE93-4B7F-8F60-5696028F2B92} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B253AEA3-BA80-4485-A6C9-9CA440DB6468} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {B940F34A-9E17-4719-B18B-0B989802DBCA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {BF7FEF7E-9C68-4571-B9C4-51864F34A7CC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C06ADBA9-FC9A-4B1F-AAAD-ECDBC74E6A10} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1CE1BEE-A998-4DC1-BBD4-42D3BF3F39E8} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {C83C91D4-FF56-4FB8-AF02-4E8E13252E65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {CC012857-C3E9-4B84-943A-E9AD4A996CDA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DA60C8D1-BB6B-4471-B0E3-779C01E586B8} - System32\Tasks\ASC10_SkipUac_pc => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {DD76FF96-1411-4350-8BB0-348FBD351DE7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {DE761EC7-0A6C-4EC7-831C-4ADED2C98FB1} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe
Task: {DFAED316-BBA8-4252-BD49-F7897E6214D2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E1D68888-D006-4FBF-A1A3-CA6DBCDF5F51} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {EAA49932-6F57-4BA1-AB3B-05921ABB84DC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F5183DE3-FF23-46DC-AC3F-628E496EFF2C} - System32\Tasks\Driver Booster SkipUAC (pc) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {F58E3AC9-8CAF-4DDC-ACFC-58BAECA1477F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC9EAA54-86C5-4261-B5B5-51574B6858DC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core.job => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA.job => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-09 23:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-01-14 21:46 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-02-09 23:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-09 23:49 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-09 23:28 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-09 23:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 01872384 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [134]
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [141]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-07-30 09:10 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: WinPatrol => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\StartupApproved\Run: => "Advanced SystemCare 10"
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Advanced SystemCare 10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{9F32A2AA-758F-4995-812E-B2B637EDC4FE}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{DC307441-D3D1-40F8-B1A9-F760FE824D73}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [UDP Query User{17E7F625-8794-4102-8ECF-E2E62A22A117}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{12AF9742-1EA2-463B-AE07-5E882E9221A3}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B839F2FF-8298-41E2-9AF9-2FABC9BF7F24}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{380A071D-66F4-402E-B39D-A138639EC290}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{750F7E39-8E06-4A14-9578-3B97E4C93635}C:\windows\system32\mobsync.exe] => C:\windows\system32\mobsync.exe
FirewallRules: [TCP Query User{D63BBF92-BED8-4494-95A1-D2461BB1922B}C:\windows\system32\mobsync.exe] => C:\windows\system32\mobsync.exe
FirewallRules: [UDP Query User{AB89B350-38D3-467B-B6FF-AD5E7D1A90DB}C:\windows\system32\sihost.exe] => C:\windows\system32\sihost.exe
FirewallRules: [TCP Query User{612C0E22-F88E-4837-BAD5-E654C8879793}C:\windows\system32\sihost.exe] => C:\windows\system32\sihost.exe
FirewallRules: [UDP Query User{BEC1CC13-7B4E-41D7-B3BB-DCD53598A8B8}C:\windows\system32\dllhost.exe] => C:\windows\system32\dllhost.exe
FirewallRules: [TCP Query User{A2A1C245-EF89-49B0-B5C7-139A7D75A58A}C:\windows\system32\dllhost.exe] => C:\windows\system32\dllhost.exe
FirewallRules: [UDP Query User{2E795BE5-EC19-498E-8278-39EF526C5DA1}C:\windows\explorer.exe] => C:\windows\explorer.exe
FirewallRules: [TCP Query User{7BB94C04-1425-46AA-B77D-29C1B712EF9D}C:\windows\explorer.exe] => C:\windows\explorer.exe
FirewallRules: [{B802E5D9-F0D2-4E85-95E9-89EC8FCD82A1}] => C:\AeriaGames\DragomonHunter-US\Game.bin
FirewallRules: [{9D7612E6-E89B-475E-B933-8A65EBFB52C3}] => C:\AeriaGames\DragomonHunter-US\Game.bin
FirewallRules: [UDP Query User{FC17483B-425C-4984-95C3-F560D711F086}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E87BC14B-8F86-4469-AC7C-9D41DDCE2857}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C8B97016-15A8-4977-ACAA-B9E6FB9007DC}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{69C84397-C5BA-4665-8851-38777ECFBBE0}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C1A75B18-CA44-42FB-A0CE-6B48E5CBBCFA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D162D7-DAB5-4037-AC31-D555D138494E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{515FF2A9-C39B-4DD9-B49C-481957E45E5C}] => C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9B9E4CA4-5701-416A-AB17-57237169C87C}] => C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8B2CE32A-60FA-4D77-A915-585B5E5AEFFA}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5080F835-1E38-426C-82CA-17336DC6CFAC}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{373C7E9B-1796-461E-A412-CCC93CEEE83C}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{76F9F863-6B93-404C-8DE6-0C3076ED3BCC}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E27750FB-4891-456B-9298-72071F66F732}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C40645F3-E3DA-458D-9483-6478D8F17AA1}] => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{101D079D-1BD8-422C-B438-0A6CFB2557D4}] => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{543BA4D6-63FB-41FE-A85A-58D716C598D8}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E99978CA-DBE9-4A38-A4CA-29797A297098}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE4FD77A-5582-48F8-A82C-53906C896488}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{EA6DE4BD-97D4-4113-A0E9-255B92C1105B}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{0021C2A3-96CF-4DF8-A58F-F20E341196F2}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{ED9F831E-DB9F-4F45-A940-626B03F8AD63}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{CE07B46B-5421-4424-A2B9-1EAEE4FE16C9}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{812FDBBD-9256-4DDF-A1D5-F598AEA0F984}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{D053CD43-2232-41AD-8706-BF49874B6DAA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-02-2017 02:04:02 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2017 09:34:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: pc-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: pc-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: pc-PC)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil.

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\pc\ntuser.dat

Error: (02/10/2017 09:24:32 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/10/2017 09:21:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0x01d28376b3888de9
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: edc66d1d-9632-48d6-855a-47230605b146
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (02/10/2017 09:21:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0x01d28376b3888de9
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c027f9b0-fbfb-4ef5-8f8b-127d6b3f5fb1
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (02/10/2017 09:21:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x1b00
Startzeit der fehlerhaften Anwendung: 0x01d28376b38caf2c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: d7e7ff4f-d6cd-4ae4-95f7-f19c3969aee7
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (02/10/2017 09:20:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: pc-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (02/10/2017 10:04:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Facebook

Error: (02/10/2017 10:00:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Twitter

Error: (02/10/2017 09:57:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Microsoft Engagement Framework

Error: (02/10/2017 09:56:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Xbox Identity Provider

Error: (02/10/2017 09:52:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d01 fehlgeschlagen: Netflix

Error: (02/10/2017 09:34:05 AM) (Source: DCOM) (EventID: 10016) (User: pc-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "pc-PC\pc" (SID: S-1-5-21-3981403820-1071516951-1015314759-1000) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}
 und der APPID
{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}
 im Anwendungscontainer "Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/10/2017 09:33:45 AM) (Source: DCOM) (EventID: 10010) (User: pc-PC)
Description: Der Server "{4661626C-9F41-40A9-B3F5-5580E80CB347}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/10/2017 09:31:45 AM) (Source: DCOM) (EventID: 10010) (User: pc-PC)
Description: Der Server "{4661626C-9F41-40A9-B3F5-5580E80CB347}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/10/2017 09:29:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/10/2017 09:27:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sgbupt" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2017-02-10 09:28:02.904
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2017-02-10 00:44:14.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.053
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.033
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.021
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:37:04.465
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2017-02-09 19:52:00.462
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-09 19:51:45.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Prozessor: AMD Athlon(tm) II X2 250 Processor
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 3071.3 MB
Verfügbarer physikalischer RAM: 1199.44 MB
Summe virtueller Speicher: 6143.3 MB
Verfügbarer virtueller Speicher: 3800.37 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:311.96 GB) (Free:44.01 GB) NTFS
Drive d: () (Fixed) (Total:153.26 GB) (Free:152.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F8096D02)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=312 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=153.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================


Troja90 10.02.2017 13:51

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
durchgeführt von pc (Administrator) auf PC-PC (10-02-2017 13:40:06)
Gestartet von C:\Users\TEMP\Downloads
Geladene Profile: pc &  (Verfügbare Profile: pc) <==== ACHTUNG (Temporäres Profil?)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(ESET) C:\Program Files\ESET\ESET Internet Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Internet Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ESET) C:\Program Files\ESET\ESET Internet Security\eOPPFrame.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [8154184 2017-02-06] (Emsisoft Ltd)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1517280 2017-02-10] (Microsoft Corporation) <===== ACHTUNG
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [1517280 2017-02-10] (Microsoft Corporation) <===== ACHTUNG
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Dropbox Update] => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Advanced SystemCare 10] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Advanced SystemCare 10] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0474583c-a2d6-475b-9c4f-e8f3ebca82c5}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D031316-AF69C3D636C&form=CONBDF&conlogo=CT3335177&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D031316-AF69C3D636C&form=CONBDF&conlogo=CT3335177&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-09] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-09] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-01-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-01-14] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: a0by246n.default
FF ProfilePath: C:\Users\TEMP\AppData\Roaming\Mozilla\Firefox\Profiles\a0by246n.default [2017-02-10]
FF HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\extensions\cliqz@cliqz.com => nicht gefunden
FF HKU\S-1-5-21-3981403820-1071516951-1015314759-1000.bak-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.0.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-01-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-14] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9483200 2017-02-06] (Emsisoft Ltd)
R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Internet Security\ekrn.exe [2836296 2016-12-14] (ESET)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-20] (Microsoft Corporation)
S3 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-30] () [Datei ist nicht signiert]
S3 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-12-19] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 IMFservice; "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" [X]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 sgbupt; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2016-12-01] (Advanced Micro Devices Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-12-06] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [28272 2016-12-06] (Avira Operations GmbH & Co. KG)
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R1 BSMEM; C:\Windows\SysWOW64\drivers\BSMEM.sys [17024 2012-07-26] (BIOSTAR Group) [Datei ist nicht signiert]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-01-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2017-01-17] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-01-17] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-01-17] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-01-17] (ESET)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-01] (REALiX(tm))
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Renesas Electronics Corporation) [Datei ist nicht signiert]
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Renesas Electronics Corporation) [Datei ist nicht signiert]
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-07-27] (IObit.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-12-19] (Realtek                                            )
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-08-28] (Wellbia.com Co., Ltd.)
U4 aspnet_state; kein ImagePath
U0 aswVmm; kein ImagePath
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-10 13:40 - 2017-02-10 13:41 - 00024018 _____ C:\Users\TEMP\Downloads\FRST.txt
2017-02-10 13:39 - 2017-02-10 13:40 - 00000000 ____D C:\FRST
2017-02-10 13:38 - 2017-02-10 13:38 - 02421248 _____ (Farbar) C:\Users\TEMP\Downloads\FRST64.exe
2017-02-10 11:27 - 2017-02-10 11:27 - 00004070 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4F3F3B81-042D-4DFE-A105-32E27F667464}
2017-02-10 11:24 - 2017-02-10 11:24 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2017-02-10 11:24 - 2017-02-10 11:24 - 00000000 ____D C:\Users\TEMP\AppData\Local\Macromedia
2017-02-10 11:07 - 2017-02-10 13:40 - 00000000 ____D C:\Users\TEMP\AppData\LocalLow\Mozilla
2017-02-10 11:04 - 2017-02-10 11:13 - 00000000 ____D C:\Users\TEMP\AppData\Local\Mozilla
2017-02-10 11:04 - 2017-02-10 11:07 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2017-02-10 11:02 - 2017-02-10 11:02 - 00000424 _____ C:\Users\TEMP\Desktop\Dieser PC - Verknüpfung.lnk
2017-02-10 10:53 - 2017-02-10 10:54 - 00000000 ____D C:\Users\TEMP\Desktop\Neuer Ordner
2017-02-10 10:47 - 2017-02-10 12:08 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\vlc
2017-02-10 10:12 - 2017-02-10 10:12 - 00001908 _____ C:\Users\TEMP\Desktop\malwarebytes3.txt
2017-02-10 09:41 - 2017-02-10 09:41 - 00003264 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-10 09:41 - 2017-02-10 09:41 - 00002419 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-10 09:41 - 2017-02-10 09:41 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Avira
2017-02-10 09:40 - 2017-02-10 09:40 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Skype
2017-02-10 09:39 - 2017-02-10 09:41 - 00000000 ___RD C:\Users\TEMP\OneDrive
2017-02-10 09:38 - 2017-02-10 09:38 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-02-10 09:31 - 2017-02-10 09:31 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2017-02-10 09:30 - 2017-02-10 09:31 - 00000000 ____D C:\Users\TEMP\AppData\Local\packages
2017-02-10 09:29 - 2017-02-10 09:34 - 00000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2017-02-10 09:29 - 2017-02-10 09:29 - 00000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2017-02-10 09:29 - 2017-02-10 09:29 - 00000000 ____D C:\Users\TEMP\AppData\Local\TileDataLayer
2017-02-10 09:29 - 2017-02-10 09:29 - 00000000 ____D C:\Users\TEMP\AppData\Local\ESET
2017-02-10 09:28 - 2017-02-10 09:28 - 00000000 ____D C:\Users\TEMP\AppData\LocalLow\IObit
2017-02-10 09:27 - 2017-02-10 09:27 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\IObit
2017-02-10 09:26 - 2017-02-10 09:39 - 00000000 ____D C:\Users\TEMP
2017-02-10 09:26 - 2017-02-10 09:31 - 00000000 ____D C:\Users\TEMP\AppData\Local\Google
2017-02-10 09:26 - 2017-02-10 09:26 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Vorlagen
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Startmenü
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Netzwerkumgebung
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Lokale Einstellungen
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Eigene Dateien
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Druckumgebung
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Videos
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Musik
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Documents\Eigene Bilder
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Verlauf
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Anwendungsdaten
2017-02-10 09:26 - 2017-02-10 09:26 - 00000000 _SHDL C:\Users\TEMP\Anwendungsdaten
2017-02-10 09:26 - 2017-02-04 18:11 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\TuneUp Software
2017-02-10 09:26 - 2017-02-04 18:11 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Media Center Programs
2017-02-10 09:26 - 2017-02-04 18:11 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Apple Computer
2017-02-10 09:26 - 2017-02-04 18:11 - 00000000 ____D C:\Users\TEMP\AppData\Local\Apple Computer
2017-02-10 09:26 - 2017-02-04 18:11 - 00000000 ____D C:\Users\TEMP\AppData\Local\Apple
2017-02-10 09:08 - 2016-12-06 16:01 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-02-10 09:08 - 2016-12-06 16:01 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-02-10 09:08 - 2016-12-06 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-02-10 09:08 - 2016-12-06 16:01 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-02-10 09:08 - 2016-12-06 16:01 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-02-10 04:21 - 2017-02-10 04:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-10 01:36 - 2017-02-10 01:36 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-02-10 01:29 - 2017-02-10 01:29 - 00000000 ____D C:\Users\pc\AppData\Local\Avira
2017-02-10 01:27 - 2017-02-10 09:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-02-10 01:27 - 2017-02-10 09:36 - 00000000 ____D C:\Program Files (x86)\Avira
2017-02-10 01:24 - 2017-02-10 01:26 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\pc\Downloads\avira_de_fass0_589d07ec11f50__adw.exe
2017-02-10 00:23 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-10 00:23 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-10 00:23 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-10 00:23 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-10 00:23 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-10 00:23 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-10 00:23 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-10 00:23 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-10 00:23 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-10 00:23 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-10 00:23 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-10 00:23 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-10 00:23 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-10 00:23 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-10 00:23 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-10 00:23 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-10 00:23 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-10 00:23 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-10 00:23 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-10 00:23 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-10 00:23 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-10 00:23 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-10 00:23 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-10 00:23 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-10 00:23 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-10 00:23 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-10 00:23 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-10 00:23 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-10 00:23 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-10 00:23 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-10 00:23 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-10 00:23 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-10 00:23 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-10 00:23 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-10 00:23 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-10 00:23 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-10 00:23 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-10 00:23 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-10 00:23 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-10 00:23 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-10 00:23 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-10 00:22 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-10 00:22 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-10 00:22 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-10 00:22 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-10 00:22 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-10 00:22 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-10 00:22 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-10 00:22 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-10 00:22 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-10 00:22 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-10 00:22 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-10 00:22 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-10 00:22 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-10 00:22 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-10 00:22 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-10 00:22 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-10 00:22 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-10 00:22 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-10 00:22 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-10 00:22 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-10 00:22 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-10 00:22 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-10 00:22 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-10 00:22 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-10 00:22 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-10 00:22 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-10 00:22 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-10 00:22 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-10 00:22 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-10 00:22 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-10 00:22 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-10 00:22 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-10 00:21 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-10 00:21 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-10 00:21 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-10 00:21 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-10 00:21 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-10 00:21 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-10 00:21 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-10 00:21 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-10 00:21 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-10 00:21 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-10 00:21 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-10 00:21 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-10 00:21 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-10 00:21 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-10 00:21 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-10 00:21 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-10 00:21 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-10 00:21 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-10 00:20 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-10 00:20 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-10 00:20 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-10 00:20 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-10 00:20 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-10 00:20 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-10 00:20 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-10 00:20 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-10 00:20 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-10 00:20 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-10 00:20 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-10 00:20 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-10 00:20 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-10 00:20 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-10 00:20 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-10 00:20 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-10 00:20 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-10 00:20 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-10 00:20 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-10 00:20 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-10 00:20 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-10 00:20 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-10 00:20 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-10 00:20 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-10 00:20 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-10 00:19 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-10 00:19 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-10 00:19 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-10 00:19 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-10 00:19 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-10 00:19 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-10 00:19 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-10 00:19 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-10 00:19 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-10 00:19 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-10 00:19 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-10 00:19 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-10 00:19 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-10 00:19 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-10 00:19 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-10 00:19 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-10 00:19 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-10 00:19 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-10 00:19 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-10 00:19 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-10 00:18 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-10 00:18 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-10 00:18 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-10 00:18 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-10 00:18 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-02-10 00:18 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-10 00:18 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-10 00:18 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-10 00:18 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-10 00:18 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-10 00:18 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-10 00:18 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-10 00:18 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-10 00:18 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-10 00:18 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-10 00:18 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-10 00:18 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-10 00:18 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-10 00:18 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-10 00:18 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-10 00:18 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-10 00:18 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-10 00:18 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-10 00:18 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-10 00:18 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-10 00:18 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-10 00:18 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-10 00:18 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-10 00:18 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-09 23:52 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-09 23:52 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-09 23:52 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-09 23:52 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-09 23:52 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-09 23:52 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-09 23:52 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-09 23:52 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-09 23:52 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-09 23:51 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-09 23:51 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-09 23:51 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-09 23:51 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-09 23:51 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-09 23:51 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-09 23:51 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-09 23:51 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-09 23:51 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-09 23:51 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-09 23:51 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-09 23:51 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-09 23:51 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-09 23:51 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-09 23:50 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-09 23:50 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-09 23:50 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-09 23:50 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-09 23:50 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-09 23:50 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-09 23:50 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-09 23:50 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-09 23:50 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-09 23:50 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-09 23:50 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-09 23:50 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-09 23:50 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-09 23:49 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-09 23:49 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-09 23:49 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-09 23:49 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-09 23:49 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-09 23:49 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-09 23:49 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-09 23:49 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-09 23:49 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-09 23:49 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-09 23:49 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-09 23:49 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-09 23:49 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-09 23:49 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-09 23:49 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-09 23:49 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-09 23:49 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-09 23:49 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-09 23:49 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-09 23:49 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-09 23:49 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-09 23:49 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-09 23:49 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-09 23:49 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-09 23:49 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-09 23:49 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-09 23:49 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-09 23:48 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-09 23:48 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-09 23:48 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-09 23:48 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-09 23:48 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-09 23:48 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-09 23:48 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-09 23:48 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-09 23:48 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-09 23:48 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-09 23:48 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-09 23:48 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-09 23:48 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-09 23:48 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-09 23:48 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-09 23:48 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-09 23:48 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-09 23:48 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-09 23:48 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-09 23:48 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-09 23:48 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-09 23:48 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-09 23:48 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-09 23:48 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-09 23:47 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-09 23:47 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-09 23:47 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-09 23:47 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-09 23:47 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-09 23:47 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-09 23:47 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-09 23:47 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-09 23:47 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-09 23:46 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-09 23:46 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-09 23:46 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-09 23:46 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-09 23:46 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-09 23:46 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-09 23:46 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-09 23:46 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-09 23:46 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-09 23:46 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-09 23:46 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-09 23:46 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-09 23:45 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-09 23:45 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-09 23:45 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-09 23:45 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-09 23:45 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-09 23:45 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-09 23:45 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-09 23:45 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-09 23:45 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-09 23:45 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-09 23:45 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-09 23:45 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-09 23:45 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-09 23:45 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-09 23:45 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-09 23:44 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-09 23:44 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-09 23:44 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-09 23:44 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-09 23:44 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-09 23:44 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-09 23:44 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-09 23:44 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-09 23:44 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-02-09 23:44 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-09 23:44 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-09 23:43 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-09 23:43 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-09 23:43 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-09 23:43 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-09 23:43 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-09 23:43 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-09 23:43 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-09 23:43 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-09 23:43 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-09 23:43 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-09 23:43 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-09 23:43 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-09 23:43 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-09 23:43 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-09 23:43 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-09 23:43 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-09 23:43 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-09 23:42 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-09 23:42 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-09 23:42 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-09 23:42 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-09 23:42 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-09 23:42 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-09 23:42 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-09 23:42 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-09 23:42 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-09 23:42 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-09 23:42 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-09 23:42 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-09 23:42 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-09 23:42 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-09 23:42 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-09 23:42 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-09 23:42 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-09 23:42 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-09 23:42 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-09 23:42 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-09 23:41 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-09 23:41 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-09 23:41 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-09 23:41 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-09 23:41 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-09 23:41 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-09 23:41 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-09 23:41 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-09 23:41 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-09 23:41 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-09 23:40 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-09 23:40 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-09 23:40 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-09 23:40 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-09 23:40 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-09 23:40 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-09 23:40 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-09 23:39 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-09 23:39 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-09 23:38 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-09 23:38 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-09 23:32 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-09 23:32 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-09 23:32 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-09 23:32 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-09 23:32 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-09 23:32 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-09 23:31 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-09 23:31 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-09 23:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-09 23:31 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-09 23:31 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-09 23:31 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-09 23:31 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-09 23:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-09 23:31 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-09 23:31 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-09 23:30 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-09 23:30 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-09 23:30 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-09 23:30 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-09 23:30 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-09 23:30 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-09 23:30 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-09 23:30 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-09 23:30 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-09 23:30 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-09 23:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-09 23:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-09 23:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-09 23:30 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-09 23:30 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-09 23:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-09 23:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-09 23:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-09 23:30 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-09 23:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-09 23:30 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-09 23:30 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-09 23:29 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-09 23:29 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-09 23:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-09 23:29 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-09 23:29 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-09 23:29 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-09 23:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-09 23:29 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-09 23:29 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-09 23:29 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-09 23:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-09 23:29 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-09 23:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-09 23:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-09 23:29 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-09 23:29 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-09 23:29 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-09 23:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-09 23:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-09 23:29 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-09 23:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-09 23:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-09 23:28 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-09 23:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-09 23:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-09 23:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-09 23:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-09 23:28 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-09 23:28 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-09 23:28 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-09 23:28 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-09 23:27 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-09 23:27 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-09 23:27 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-09 23:27 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-09 23:27 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-09 23:27 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-02-09 23:27 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-02-09 23:27 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-02-09 23:27 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-09 23:27 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-09 23:27 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-09 23:27 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-09 23:27 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-09 23:27 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-09 23:27 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-09 23:27 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-09 23:27 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-09 23:27 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-09 23:27 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-09 23:27 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-09 23:27 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-09 23:27 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-09 23:27 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-09 23:27 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-09 23:27 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-09 23:27 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-09 23:27 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-09 23:27 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-09 23:27 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-09 23:27 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-09 23:26 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-09 23:26 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-09 23:26 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-09 23:26 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-09 23:26 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-09 21:33 - 2017-02-09 21:33 - 00012803 _____ C:\Users\TEMP\Desktop\malwarebytes2.txt
2017-02-09 19:49 - 2017-02-09 19:49 - 00000000 ____D C:\Users\pc\AppData\Local\ESET
2017-02-09 19:44 - 2017-02-09 19:44 - 00002135 _____ C:\Users\Public\Desktop\Sicheres Online-Banking und Bezahlen.lnk
2017-02-09 19:44 - 2017-02-09 19:44 - 00000949 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2017-02-09 19:44 - 2017-02-09 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-09 19:44 - 2017-02-09 19:44 - 00000000 ____D C:\ProgramData\ESET
2017-02-09 19:44 - 2017-02-09 19:44 - 00000000 ____D C:\Program Files\ESET
2017-02-09 19:43 - 2017-02-10 13:19 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2017-02-09 19:40 - 2017-02-09 19:40 - 00002229 _____ C:\Users\pc\Downloads\EmsiClean_2017.02.09_19.40.05.txt
2017-02-09 19:39 - 2017-02-09 19:39 - 00641240 _____ (Emsisoft Ltd) C:\Users\pc\Downloads\emsiclean.exe
2017-02-09 19:32 - 2017-02-09 19:32 - 01132704 _____ (ESET spol. s r.o.) C:\Users\pc\Downloads\eset_av_remover.exe
2017-02-09 18:55 - 2017-02-09 18:55 - 00000830 _____ C:\Users\pc\Documents\Ereignisse3.txt
2017-02-09 18:55 - 2017-02-09 18:55 - 00000826 _____ C:\Users\pc\Documents\Ereignisse2.txt
2017-02-09 18:54 - 2017-02-09 18:55 - 00000660 _____ C:\Users\pc\Documents\Ereignisse.txt
2017-02-09 16:15 - 2017-02-09 16:12 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-02-09 16:00 - 2017-02-09 16:04 - 03136128 _____ (ESET) C:\Users\pc\Downloads\eset_internet_security_live_installer.exe
2017-02-09 15:53 - 2017-02-09 15:53 - 00012802 _____ C:\Users\TEMP\Desktop\malwarebytes.txt
2017-02-09 14:28 - 2017-02-09 20:34 - 00000000 ____D C:\ProgramData\Emsisoft
2017-02-09 14:24 - 2017-02-09 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2017-02-09 14:20 - 2017-02-09 14:22 - 243057312 _____ (Emsisoft Ltd. ) C:\Users\pc\Downloads\EmsisoftAntiMalwareSetup.exe
2017-02-09 14:07 - 2017-02-09 19:06 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-09 14:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-09 14:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-02-09 14:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-09 14:04 - 2017-02-09 14:06 - 22851472 _____ (Malwarebytes ) C:\Users\pc\Downloads\mbam-setup-2.2.1.1043.exe
2017-02-09 11:06 - 2017-02-09 19:05 - 00001254 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Defrag.lnk
2017-02-09 11:00 - 2017-02-09 11:00 - 00003006 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (pc)
2017-02-08 15:14 - 2017-02-08 15:14 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2017-02-08 15:13 - 2017-02-08 15:13 - 00002870 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_pc
2017-02-08 15:12 - 2017-02-08 15:12 - 00003370 _____ C:\WINDOWS\System32\Tasks\SuperbGameBoost
2017-02-08 15:12 - 2017-02-08 15:12 - 00003232 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-08 15:12 - 2017-02-08 15:12 - 00003072 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2017-02-08 15:12 - 2017-02-08 15:12 - 00003072 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2017-02-08 15:12 - 2017-02-08 15:12 - 00003068 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2017-02-08 15:12 - 2017-02-08 15:12 - 00000000 ____D C:\ProgramData\SuperBoost
2017-02-08 15:12 - 2017-02-08 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-02-08 15:12 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2017-02-08 15:12 - 2016-03-22 11:02 - 00036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2017-02-08 15:12 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2017-02-08 15:11 - 2017-02-08 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-08 15:11 - 2017-02-08 15:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\SuperBoost
2017-02-08 15:11 - 2017-02-08 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superb Game Boost
2017-02-08 15:11 - 2016-01-29 15:21 - 00276800 _____ C:\WINDOWS\SysWOW64\D3DX8Wrapper.dll
2017-02-08 15:11 - 2016-01-29 15:21 - 00229184 _____ (easyhook.codeplex.com) C:\WINDOWS\SysWOW64\EasyHook32.dll
2017-02-08 15:11 - 2014-08-07 09:54 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-02-08 15:11 - 2014-07-22 13:25 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-02-08 15:11 - 2014-07-22 13:25 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-02-08 15:11 - 2014-07-22 13:25 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-02-08 15:05 - 2017-02-08 15:05 - 00003368 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-02-08 15:03 - 2017-02-08 15:03 - 17628560 _____ (IObit ) C:\Users\pc\Downloads\driver_booster_setup.exe
2017-02-08 13:04 - 2017-02-08 13:04 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-08 13:04 - 2017-02-08 13:04 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-08 12:34 - 2017-02-08 12:34 - 100298752 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2017-02-08 12:34 - 2017-02-08 12:34 - 00458752 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2017-02-08 12:34 - 2017-02-08 12:34 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iobit
2017-02-08 12:34 - 2017-02-08 12:34 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2017-02-05 22:13 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-05 22:12 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-05 21:11 - 2017-02-05 21:11 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-05 08:53 - 2017-02-09 19:05 - 00002413 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-05 07:53 - 2017-02-05 18:27 - 00000000 ____D C:\Users\pc\AppData\Local\ConnectedDevicesPlatform
2017-02-05 07:47 - 2017-02-05 07:47 - 00000020 ___SH C:\Users\pc\ntuser.ini
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-05 06:18 - 2017-02-05 06:28 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-02-05 06:18 - 2017-02-05 06:28 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-02-05 05:47 - 2017-02-05 05:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-02-05 05:35 - 2017-02-05 05:52 - 00002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2017-02-05 05:35 - 2017-02-05 05:52 - 00002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2017-02-05 05:35 - 2017-02-05 05:51 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2017-02-05 05:35 - 2017-02-05 05:45 - 00002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2017-02-05 05:35 - 2017-02-05 05:45 - 00002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2017-02-05 05:35 - 2017-02-05 05:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-02-05 05:34 - 2017-02-08 15:13 - 00003082 _____ C:\WINDOWS\System32\Tasks\ASC10_PerformanceMonitor
2017-02-05 05:34 - 2017-02-05 05:52 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-05 05:34 - 2017-02-05 05:52 - 00002668 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series
2017-02-05 05:34 - 2017-02-05 05:51 - 00003892 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA
2017-02-05 05:34 - 2017-02-05 05:51 - 00003624 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core
2017-02-05 05:34 - 2017-02-05 05:51 - 00003110 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2017-02-05 05:34 - 2017-02-05 05:51 - 00003100 _____ C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2017-02-05 05:34 - 2017-02-05 05:48 - 00003142 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-05 05:34 - 2017-02-05 05:48 - 00003082 _____ C:\WINDOWS\System32\Tasks\HP-Online-Aktualisierungsprogramm
2017-02-05 05:34 - 2017-02-05 05:45 - 00002266 _____ C:\WINDOWS\System32\Tasks\HP Deskjet 1050 J410 series.exe
2017-02-05 05:34 - 2017-02-05 05:45 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-05 05:34 - 2017-02-05 05:44 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-02-05 05:34 - 2017-02-05 05:44 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-05 05:34 - 2017-02-05 05:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-02-04 18:11 - 2017-02-09 19:06 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
2017-02-04 18:05 - 2017-02-04 18:05 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-02-04 18:04 - 2017-02-04 18:12 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-04 18:02 - 2017-02-10 09:26 - 00000000 ____D C:\Users\pc
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Vorlagen
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Startmenü
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Netzwerkumgebung
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Lokale Einstellungen
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Eigene Dateien
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Druckumgebung
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Documents\Eigene Videos
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Documents\Eigene Musik
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Documents\Eigene Bilder
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\AppData\Local\Verlauf
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\AppData\Local\Anwendungsdaten
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Anwendungsdaten
2017-02-04 18:01 - 2017-02-09 14:26 - 00000000 ____D C:\Users\DefaultAppPool
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-02-04 17:57 - 2017-02-04 17:57 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-02-04 17:56 - 2017-02-04 17:56 - 00000000 ____D C:\Program Files\VIA
2017-02-04 17:53 - 2017-02-08 13:02 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-04 17:49 - 2017-02-04 18:05 - 00000000 ____D C:\Windows.old
2017-02-04 17:48 - 2017-02-04 17:48 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-04 13:04 - 2017-02-04 13:04 - 00000017 _____ C:\Users\pc\AppData\Local\resmon.resmoncfg
2017-01-29 14:45 - 2017-01-29 14:45 - 00000000 _____ C:\Users\pc\AppData\Local\{1C840261-B373-4740-83CA-587CE4CE050F}
2017-01-21 16:52 - 2017-02-09 19:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-17 09:15 - 2017-01-17 09:15 - 00180544 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2017-01-17 09:15 - 2017-01-17 09:15 - 00132272 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2017-01-17 09:15 - 2017-01-17 09:15 - 00106768 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2017-01-17 09:15 - 2017-01-17 09:15 - 00096856 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2017-01-17 09:15 - 2017-01-17 09:15 - 00077616 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2017-01-17 09:15 - 2017-01-17 09:15 - 00049672 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2017-01-17 09:15 - 2017-01-17 09:15 - 00015488 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2017-01-16 04:18 - 2017-01-16 04:18 - 00000000 ____D C:\Users\pc\AppData\Roaming\Sun
2017-01-11 22:34 - 2017-01-30 13:44 - 00000228 _____ C:\WINDOWS\SysWOW64\SoftwareCache.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-10 10:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 09:52 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-10 09:47 - 2014-09-23 03:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-10 09:38 - 2014-09-23 10:11 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-10 09:36 - 2013-07-19 10:22 - 00000000 ____D C:\ProgramData\Avira
2017-02-10 09:31 - 2016-11-20 22:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-10 09:26 - 2016-11-20 22:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-10 09:25 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-02-10 09:23 - 2016-11-18 16:33 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2017-02-10 09:10 - 2016-11-20 22:46 - 01585918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-10 09:10 - 2016-11-20 22:00 - 00546634 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-10 09:10 - 2016-11-20 22:00 - 00113784 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-10 09:04 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 09:01 - 2016-11-20 13:36 - 00373648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-10 08:46 - 2016-11-20 13:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-10 04:22 - 2015-01-15 11:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2017-02-10 01:52 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-10 00:32 - 2016-06-13 10:54 - 00000000 ____D C:\Users\pc\AppData\Roaming\vlc
2017-02-09 19:46 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-09 19:35 - 2014-09-23 10:18 - 00000000 ____D C:\Users\pc\AppData\Roaming\Avira
2017-02-09 19:06 - 2016-10-09 09:21 - 00000954 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-02-09 19:06 - 2016-06-17 10:19 - 00000593 _____ C:\Users\Public\Desktop\Fraps.lnk
2017-02-09 19:06 - 2016-06-08 14:34 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-09 19:06 - 2016-06-08 14:34 - 00002246 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-09 19:06 - 2015-01-15 11:35 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2017-02-09 19:06 - 2013-03-27 16:47 - 00001850 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BIOS Update.lnk
2017-02-09 19:06 - 2013-03-27 13:13 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2017-02-09 19:05 - 2015-07-29 22:01 - 00001051 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-09 19:02 - 2016-12-01 02:02 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-09 17:55 - 2016-12-01 02:02 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-09 17:24 - 2013-07-22 16:19 - 00000000 ____D C:\Users\pc\AppData\Local\Facebook
2017-02-09 16:16 - 2014-09-21 12:56 - 00000000 ____D C:\ProgramData\Oracle
2017-02-09 16:15 - 2014-09-21 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-09 16:15 - 2014-09-21 12:56 - 00000000 ____D C:\Program Files\Java
2017-02-09 15:52 - 2014-09-18 03:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-02-09 14:07 - 2014-09-23 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-09 14:07 - 2014-09-23 02:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-02-09 11:06 - 2016-12-01 02:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\IObit
2017-02-08 15:14 - 2016-12-01 02:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\ProductData
2017-02-08 15:13 - 2016-12-01 02:05 - 00000000 ____D C:\ProgramData\ProductData
2017-02-08 15:12 - 2016-12-01 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2017-02-08 15:12 - 2016-12-01 02:02 - 00000000 ____D C:\ProgramData\IObit
2017-02-08 15:04 - 2016-12-01 03:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-02-08 14:57 - 2013-04-16 09:54 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-08 12:17 - 2015-01-25 15:18 - 00000000 ____D C:\ProgramData\mwas
2017-02-06 08:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-05 18:54 - 2015-07-29 21:58 - 00000000 ____D C:\Users\pc\AppData\Local\Packages
2017-02-05 09:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-05 08:55 - 2015-07-29 22:04 - 00000000 ___RD C:\Users\pc\OneDrive
2017-02-05 06:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-05 06:36 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-05 06:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-05 06:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-05 05:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-05 05:17 - 2015-07-29 21:53 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-04 22:53 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Media
2017-02-04 20:34 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-04 18:12 - 2016-10-09 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster
2017-02-04 18:12 - 2016-08-28 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragomonHunter-US
2017-02-04 18:12 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-02-04 18:12 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-04 18:12 - 2016-06-17 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-02-04 18:12 - 2016-06-13 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-02-04 18:12 - 2016-05-22 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Schreibtrainer
2017-02-04 18:12 - 2015-04-02 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2017-02-04 18:12 - 2015-01-14 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-02-04 18:12 - 2015-01-07 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-04 18:12 - 2014-08-17 19:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-02-04 18:12 - 2013-12-21 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2017-02-04 18:12 - 2013-03-29 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-02-04 18:12 - 2013-03-27 13:40 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-04 18:12 - 2013-03-27 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-04 18:11 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-04 18:07 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-02-04 18:07 - 2016-08-28 12:24 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\IME
2017-02-04 18:07 - 2015-12-14 04:47 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-02-04 18:07 - 2015-12-14 04:33 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-04 18:07 - 2015-12-14 04:33 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-04 18:06 - 2016-11-20 22:07 - 00000000 ____D C:\WINDOWS\OCR
2017-02-04 18:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\schemas
2017-02-04 18:06 - 2015-12-14 04:33 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-04 18:06 - 2013-07-19 10:11 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-02-04 18:05 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-02-04 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2017-02-04 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files\MSBuild
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-04 18:05 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-02-04 17:53 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-04 16:44 - 2016-12-02 23:15 - 00000000 ___HD C:\$WINDOWS.~BT
2017-02-04 16:28 - 2013-04-16 09:54 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-04 16:18 - 2015-06-18 09:43 - 00001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA.job
2017-02-04 15:15 - 2014-09-21 14:00 - 00000000 ____D C:\Users\pc\AppData\Local\ElevatedDiagnostics
2017-02-01 19:10 - 2016-11-17 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-01 19:10 - 2014-09-21 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 04:18 - 2015-06-18 09:43 - 00001160 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core.job
2017-01-23 06:08 - 2016-08-28 11:47 - 00000000 ____D C:\Users\pc\AppData\Local\Akamai
2017-01-11 03:51 - 2013-07-14 23:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 03:43 - 2013-03-27 14:44 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-05-22 20:22 - 2016-05-22 20:22 - 0000000 _____ () C:\ProgramData\Typing.access
2016-05-22 20:22 - 2016-05-22 20:22 - 0000000 _____ () C:\ProgramData\Typing.change

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe


Einige Dateien in TEMP:
====================
2017-02-09 16:10 - 2017-02-09 16:10 - 0739904 _____ (Oracle Corporation) C:\Users\pc\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-05 07:41

==================== Ende von FRST.txt ============================


cosinus 10.02.2017 14:01

Quote:

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D}
AV: ESET Internet Security 10.0.390.0 (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
:balla: :wtf:

Not much more needs to be said about that. If you plaster your machine with AVs like this, the system runs as if the handbrake were pulled tight.

Which of these programs is licensed, or has not yet expired?

Troja90 10.02.2017 14:06

Those are just the antivirus programs you suggested. I simply downloaded all of them and let them scan. Unfortunately they did not really find anything. Apart from Malwarebytes, that is.

cosinus 10.02.2017 14:09

Then unfortunately you did not read properly.

1. Avira has not been recommended here for ages
2. nowhere here is it ever said that you should install more than one of the AVs
3. as second-opinion scanners, only these are ever named: Malwarebytes, Emsisoft Emergency or ESET Online


Uninstall Avira in any case. The other two as well, since evidently they are all just trial versions anyway.

Troja90 10.02.2017 14:40

I have uninstalled all of them.
After uninstalling ESET I rebooted the PC and found that files had been deleted from my desktop, and the mouse pointer moved again. The whole thing is really strange. I also have the feeling that voices are coming from my PC. Not that you declare me crazy now.

cosinus 10.02.2017 14:50

Create new FRST logs and post them

Troja90 10.02.2017 15:07

All right. Will do. One moment, they deleted FRST as well -.-

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
durchgeführt von pc (Administrator) auf PC-PC (10-02-2017 15:03:45)
Gestartet von C:\Users\pc\Downloads
Geladene Profile: pc (Verfügbare Profile: pc)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Akamai Technologies, Inc.) C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IObit Malware Fighter] => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Run: [Dropbox Update] => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Run: [Advanced SystemCare 10] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0474583c-a2d6-475b-9c4f-e8f3ebca82c5}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-09] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-09] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-01-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-01-14] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rpwyd2zo.default-1411303491127
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127 [2017-02-10]
FF user.js: detected! => C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\user.js [2017-02-08]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127 -> Bing®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127 -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127 -> hxxps://www.google.de/
FF Extension: (Cliqz) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\Extensions\cliqz@cliqz.com.xpi [2017-02-05]
FF Extension: (Dashlane) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\Extensions\jetpack-extension@dashlane.com.xpi [2017-01-05]
FF Extension: (Video DownloadHelper) - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF SearchPlugin: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\searchplugins\bing-lavasoft.xml [2016-03-13]
FF HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rpwyd2zo.default-1411303491127\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.0.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-01-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-14] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-11-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.startfenster.de/suche/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Startfenster
CHR DefaultSuggestURL: Default -> hxxp://www.startfenster.de/api/?q={searchTerms}&language={lang}
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2017-02-10]
CHR Extension: (Google Präsentationen) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-08]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-08]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-08]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-08]
CHR Extension: (Adobe Acrobat) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Tabellen) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-08]
CHR Extension: (Avira Browserschutz) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-12-12] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-20] (Microsoft Corporation)
S3 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-30] () [Datei ist nicht signiert]
S3 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-12-19] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 IMFservice; "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe" [X]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]
S2 sgbupt; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2016-12-01] (Advanced Micro Devices Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 BSMEM; C:\Windows\system32\drivers\BSMEM.sys [29344 2012-07-26] (BIOSTAR Group)
R1 BSMEM; C:\Windows\SysWOW64\drivers\BSMEM.sys [17024 2012-07-26] (BIOSTAR Group) [Datei ist nicht signiert]
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-01] (REALiX(tm))
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Renesas Electronics Corporation) [Datei ist nicht signiert]
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Renesas Electronics Corporation) [Datei ist nicht signiert]
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-07-27] (IObit.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-12-19] (Realtek                                            )
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-08-28] (Wellbia.com Co., Ltd.)
U4 aspnet_state; kein ImagePath
U0 aswVmm; kein ImagePath
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-10 15:03 - 2017-02-10 15:04 - 00020661 _____ C:\Users\pc\Downloads\FRST.txt
2017-02-10 15:03 - 2017-02-10 15:03 - 02421248 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2017-02-10 13:39 - 2017-02-10 15:03 - 00000000 ____D C:\FRST
2017-02-10 11:27 - 2017-02-10 11:27 - 00004070 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4F3F3B81-042D-4DFE-A105-32E27F667464}
2017-02-10 09:41 - 2017-02-10 09:41 - 00003264 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-10 09:30 - 2017-02-10 14:14 - 00000000 ____D C:\Users\TEMP\AppData\Local\packages
2017-02-10 09:26 - 2017-02-10 14:16 - 00000000 ____D C:\Users\TEMP
2017-02-10 04:21 - 2017-02-10 04:21 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-10 01:36 - 2017-02-10 01:36 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-02-10 01:29 - 2017-02-10 01:29 - 00000000 ____D C:\Users\pc\AppData\Local\Avira
2017-02-10 01:24 - 2017-02-10 01:26 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\pc\Downloads\avira_de_fass0_589d07ec11f50__adw.exe
2017-02-10 00:23 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-10 00:23 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-10 00:23 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-10 00:23 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-10 00:23 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-10 00:23 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-10 00:23 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-10 00:23 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-10 00:23 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-10 00:23 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-10 00:23 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-10 00:23 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-10 00:23 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-10 00:23 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-10 00:23 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-10 00:23 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-10 00:23 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-10 00:23 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-10 00:23 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-10 00:23 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-10 00:23 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-10 00:23 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-10 00:23 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-10 00:23 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-10 00:23 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-10 00:23 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-10 00:23 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-10 00:23 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-10 00:23 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-10 00:23 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-10 00:23 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-10 00:23 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-10 00:23 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-10 00:23 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-10 00:23 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-10 00:23 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-10 00:23 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-10 00:23 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-10 00:23 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-10 00:23 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-10 00:23 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-10 00:22 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-10 00:22 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-10 00:22 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-10 00:22 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-10 00:22 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-10 00:22 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-10 00:22 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-10 00:22 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-10 00:22 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-10 00:22 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-10 00:22 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-10 00:22 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-10 00:22 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-10 00:22 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-10 00:22 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-10 00:22 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-10 00:22 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-10 00:22 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-10 00:22 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-10 00:22 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-10 00:22 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-10 00:22 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-10 00:22 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-10 00:22 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-10 00:22 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-10 00:22 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-10 00:22 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-10 00:22 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-10 00:22 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-10 00:22 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-10 00:22 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-10 00:22 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-10 00:21 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-10 00:21 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-10 00:21 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-10 00:21 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-10 00:21 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-10 00:21 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-10 00:21 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-10 00:21 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-10 00:21 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-10 00:21 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-10 00:21 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-10 00:21 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-10 00:21 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-10 00:21 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-10 00:21 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-10 00:21 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-10 00:21 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-10 00:21 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-10 00:20 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-10 00:20 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-10 00:20 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-10 00:20 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-10 00:20 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-10 00:20 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-10 00:20 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-10 00:20 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-10 00:20 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-10 00:20 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-10 00:20 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-10 00:20 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-10 00:20 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-10 00:20 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-10 00:20 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-10 00:20 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-10 00:20 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-10 00:20 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-10 00:20 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-10 00:20 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-10 00:20 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-10 00:20 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-10 00:20 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-10 00:20 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-10 00:20 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-10 00:19 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-10 00:19 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-10 00:19 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-10 00:19 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-10 00:19 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-10 00:19 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-10 00:19 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-10 00:19 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-10 00:19 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-10 00:19 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-10 00:19 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-10 00:19 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-10 00:19 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-10 00:19 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-10 00:19 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-10 00:19 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-10 00:19 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-10 00:19 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-10 00:19 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-10 00:19 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-10 00:19 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-10 00:18 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-10 00:18 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-10 00:18 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-10 00:18 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-10 00:18 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-02-10 00:18 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-10 00:18 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-10 00:18 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-10 00:18 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-10 00:18 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-10 00:18 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-10 00:18 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-10 00:18 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-10 00:18 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-10 00:18 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-10 00:18 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-10 00:18 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-10 00:18 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-10 00:18 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-10 00:18 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-10 00:18 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-10 00:18 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-10 00:18 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-10 00:18 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-10 00:18 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-10 00:18 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-10 00:18 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-10 00:18 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-10 00:18 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-09 23:52 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-09 23:52 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-09 23:52 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-09 23:52 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-09 23:52 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-09 23:52 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-09 23:52 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-09 23:52 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-09 23:52 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-09 23:51 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-09 23:51 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-09 23:51 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-09 23:51 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-09 23:51 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-09 23:51 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-09 23:51 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-09 23:51 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-09 23:51 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-09 23:51 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-09 23:51 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-09 23:51 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-09 23:51 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-09 23:51 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-09 23:50 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-09 23:50 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-09 23:50 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-09 23:50 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-09 23:50 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-09 23:50 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-09 23:50 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-09 23:50 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-09 23:50 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-09 23:50 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-09 23:50 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-09 23:50 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-09 23:50 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-09 23:49 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-09 23:49 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-09 23:49 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-09 23:49 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-09 23:49 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-09 23:49 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-09 23:49 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-09 23:49 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-09 23:49 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-09 23:49 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-09 23:49 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-09 23:49 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-09 23:49 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-09 23:49 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-09 23:49 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-09 23:49 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-09 23:49 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-09 23:49 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-09 23:49 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-09 23:49 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-09 23:49 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-09 23:49 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-09 23:49 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-09 23:49 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-09 23:49 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-09 23:49 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-09 23:49 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-09 23:48 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-09 23:48 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-09 23:48 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-09 23:48 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-09 23:48 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-09 23:48 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-09 23:48 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-09 23:48 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-09 23:48 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-09 23:48 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-09 23:48 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-09 23:48 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-09 23:48 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-09 23:48 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-09 23:48 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-09 23:48 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-09 23:48 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-09 23:48 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-09 23:48 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-09 23:48 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-09 23:48 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-09 23:48 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-09 23:48 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-09 23:48 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-09 23:47 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-09 23:47 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-09 23:47 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-09 23:47 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-09 23:47 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-09 23:47 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-09 23:47 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-09 23:47 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-09 23:47 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-09 23:46 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-09 23:46 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-09 23:46 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-09 23:46 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-09 23:46 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-09 23:46 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-09 23:46 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-09 23:46 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-09 23:46 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-09 23:46 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-09 23:46 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-09 23:46 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-09 23:45 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-09 23:45 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-09 23:45 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-09 23:45 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-09 23:45 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-09 23:45 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-09 23:45 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-09 23:45 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-09 23:45 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-09 23:45 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-09 23:45 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-09 23:45 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-09 23:45 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-09 23:45 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-09 23:45 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-09 23:44 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-09 23:44 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-09 23:44 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-09 23:44 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-09 23:44 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-09 23:44 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-09 23:44 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-09 23:44 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-09 23:44 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-02-09 23:44 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-09 23:44 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-09 23:43 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-09 23:43 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-09 23:43 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-09 23:43 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-09 23:43 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-09 23:43 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-09 23:43 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-09 23:43 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-09 23:43 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-09 23:43 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-09 23:43 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-09 23:43 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-09 23:43 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-09 23:43 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-09 23:43 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-09 23:43 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-09 23:43 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-09 23:42 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-09 23:42 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-09 23:42 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-09 23:42 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-09 23:42 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-09 23:42 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-09 23:42 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-09 23:42 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-09 23:42 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-09 23:42 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-09 23:42 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-09 23:42 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-09 23:42 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-09 23:42 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-09 23:42 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-09 23:42 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-09 23:42 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-09 23:42 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-09 23:42 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-09 23:42 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-09 23:41 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-09 23:41 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-09 23:41 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-09 23:41 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-09 23:41 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-09 23:41 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-09 23:41 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-09 23:41 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-09 23:41 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-09 23:41 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-09 23:40 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-09 23:40 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-09 23:40 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-09 23:40 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-09 23:40 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-09 23:40 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-09 23:40 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-09 23:40 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-09 23:39 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-09 23:39 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-09 23:38 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-09 23:38 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-09 23:32 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-09 23:32 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-09 23:32 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-09 23:32 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-09 23:32 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-09 23:32 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-09 23:31 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-09 23:31 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-09 23:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-09 23:31 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-09 23:31 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-09 23:31 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-09 23:31 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-09 23:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-09 23:31 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-09 23:31 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-09 23:30 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-09 23:30 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-09 23:30 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-09 23:30 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-09 23:30 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-09 23:30 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-09 23:30 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-09 23:30 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-09 23:30 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-09 23:30 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-09 23:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-09 23:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-09 23:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-09 23:30 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-09 23:30 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-09 23:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-09 23:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-09 23:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-09 23:30 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-09 23:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-09 23:30 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-09 23:30 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-09 23:29 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-09 23:29 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-09 23:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-09 23:29 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-09 23:29 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-09 23:29 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-09 23:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-09 23:29 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-09 23:29 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-09 23:29 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-09 23:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-09 23:29 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-09 23:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-09 23:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-09 23:29 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-09 23:29 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-09 23:29 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-09 23:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-09 23:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-09 23:29 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-09 23:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-09 23:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-09 23:28 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-09 23:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-09 23:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-09 23:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-09 23:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-09 23:28 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-09 23:28 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-09 23:28 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-09 23:28 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-09 23:27 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-09 23:27 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-09 23:27 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-09 23:27 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-09 23:27 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-09 23:27 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-02-09 23:27 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-02-09 23:27 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-02-09 23:27 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-02-09 23:27 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-09 23:27 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-09 23:27 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-09 23:27 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-09 23:27 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-09 23:27 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-09 23:27 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-09 23:27 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-09 23:27 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-09 23:27 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-09 23:27 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-09 23:27 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-09 23:27 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-09 23:27 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-09 23:27 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-09 23:27 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-09 23:27 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-09 23:27 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-09 23:27 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-09 23:27 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-09 23:27 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-09 23:27 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-09 23:26 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-09 23:26 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-09 23:26 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-09 23:26 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-09 23:26 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-09 19:49 - 2017-02-09 19:49 - 00000000 ____D C:\Users\pc\AppData\Local\ESET
2017-02-09 19:40 - 2017-02-09 19:40 - 00002229 _____ C:\Users\pc\Downloads\EmsiClean_2017.02.09_19.40.05.txt
2017-02-09 19:39 - 2017-02-09 19:39 - 00641240 _____ (Emsisoft Ltd) C:\Users\pc\Downloads\emsiclean.exe
2017-02-09 19:32 - 2017-02-09 19:32 - 01132704 _____ (ESET spol. s r.o.) C:\Users\pc\Downloads\eset_av_remover.exe
2017-02-09 18:55 - 2017-02-09 18:55 - 00000830 _____ C:\Users\pc\Documents\Ereignisse3.txt
2017-02-09 18:55 - 2017-02-09 18:55 - 00000826 _____ C:\Users\pc\Documents\Ereignisse2.txt
2017-02-09 18:54 - 2017-02-09 18:55 - 00000660 _____ C:\Users\pc\Documents\Ereignisse.txt
2017-02-09 16:15 - 2017-02-09 16:12 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-02-09 16:00 - 2017-02-09 16:04 - 03136128 _____ (ESET) C:\Users\pc\Downloads\eset_internet_security_live_installer.exe
2017-02-09 14:28 - 2017-02-10 14:55 - 00000000 ____D C:\ProgramData\Emsisoft
2017-02-09 14:20 - 2017-02-09 14:22 - 243057312 _____ (Emsisoft Ltd. ) C:\Users\pc\Downloads\EmsisoftAntiMalwareSetup.exe
2017-02-09 14:07 - 2017-02-09 19:06 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-02-09 14:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-09 14:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-02-09 14:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-09 14:04 - 2017-02-09 14:06 - 22851472 _____ (Malwarebytes ) C:\Users\pc\Downloads\mbam-setup-2.2.1.1043.exe
2017-02-09 11:06 - 2017-02-09 19:05 - 00001254 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Defrag.lnk
2017-02-09 11:00 - 2017-02-09 11:00 - 00003006 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (pc)
2017-02-08 15:14 - 2017-02-08 15:14 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2017-02-08 15:13 - 2017-02-08 15:13 - 00002870 _____ C:\WINDOWS\System32\Tasks\ASC10_SkipUac_pc
2017-02-08 15:12 - 2017-02-08 15:12 - 00003370 _____ C:\WINDOWS\System32\Tasks\SuperbGameBoost
2017-02-08 15:12 - 2017-02-08 15:12 - 00003232 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_AutoAnalyze
2017-02-08 15:12 - 2017-02-08 15:12 - 00003072 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Startup
2017-02-08 15:12 - 2017-02-08 15:12 - 00003072 _____ C:\WINDOWS\System32\Tasks\IObitSelfCheckTask
2017-02-08 15:12 - 2017-02-08 15:12 - 00003068 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2017-02-08 15:12 - 2017-02-08 15:12 - 00000000 ____D C:\ProgramData\SuperBoost
2017-02-08 15:12 - 2017-02-08 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-02-08 15:12 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2017-02-08 15:12 - 2016-03-22 11:02 - 00036824 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2017-02-08 15:12 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2017-02-08 15:11 - 2017-02-08 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-02-08 15:11 - 2017-02-08 15:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\SuperBoost
2017-02-08 15:11 - 2017-02-08 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Superb Game Boost
2017-02-08 15:11 - 2016-01-29 15:21 - 00276800 _____ C:\WINDOWS\SysWOW64\D3DX8Wrapper.dll
2017-02-08 15:11 - 2016-01-29 15:21 - 00229184 _____ (easyhook.codeplex.com) C:\WINDOWS\SysWOW64\EasyHook32.dll
2017-02-08 15:11 - 2014-08-07 09:54 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-02-08 15:11 - 2014-07-22 13:25 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-02-08 15:11 - 2014-07-22 13:25 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-02-08 15:11 - 2014-07-22 13:25 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-02-08 15:05 - 2017-02-08 15:05 - 00003368 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-02-08 15:03 - 2017-02-08 15:03 - 17628560 _____ (IObit ) C:\Users\pc\Downloads\driver_booster_setup.exe
2017-02-08 13:04 - 2017-02-08 13:04 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-08 13:04 - 2017-02-08 13:04 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-08 12:34 - 2017-02-08 12:34 - 100298752 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2017-02-08 12:34 - 2017-02-08 12:34 - 00458752 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2017-02-08 12:34 - 2017-02-08 12:34 - 00065536 _____ C:\WINDOWS\system32\config\SAM.iobit
2017-02-08 12:34 - 2017-02-08 12:34 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2017-02-05 22:13 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-05 22:12 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-05 21:11 - 2017-02-05 21:11 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-05 08:53 - 2017-02-09 19:05 - 00002413 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-05 07:53 - 2017-02-05 18:27 - 00000000 ____D C:\Users\pc\AppData\Local\ConnectedDevicesPlatform
2017-02-05 07:47 - 2017-02-05 07:47 - 00000020 ___SH C:\Users\pc\ntuser.ini
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-05 06:36 - 2017-02-05 06:36 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-05 06:18 - 2017-02-05 06:28 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-02-05 06:18 - 2017-02-05 06:28 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-02-05 05:47 - 2017-02-05 05:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-02-05 05:35 - 2017-02-05 05:52 - 00002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2017-02-05 05:35 - 2017-02-05 05:52 - 00002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2017-02-05 05:35 - 2017-02-05 05:51 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2017-02-05 05:35 - 2017-02-05 05:45 - 00002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2017-02-05 05:35 - 2017-02-05 05:45 - 00002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2017-02-05 05:35 - 2017-02-05 05:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-02-05 05:34 - 2017-02-08 15:13 - 00003082 _____ C:\WINDOWS\System32\Tasks\ASC10_PerformanceMonitor
2017-02-05 05:34 - 2017-02-05 05:52 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-05 05:34 - 2017-02-05 05:52 - 00002668 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series
2017-02-05 05:34 - 2017-02-05 05:51 - 00003892 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA
2017-02-05 05:34 - 2017-02-05 05:51 - 00003624 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core
2017-02-05 05:34 - 2017-02-05 05:51 - 00003110 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2017-02-05 05:34 - 2017-02-05 05:51 - 00003100 _____ C:\WINDOWS\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2017-02-05 05:34 - 2017-02-05 05:48 - 00003142 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-02-05 05:34 - 2017-02-05 05:48 - 00003082 _____ C:\WINDOWS\System32\Tasks\HP-Online-Aktualisierungsprogramm
2017-02-05 05:34 - 2017-02-05 05:45 - 00002266 _____ C:\WINDOWS\System32\Tasks\HP Deskjet 1050 J410 series.exe
2017-02-05 05:34 - 2017-02-05 05:45 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-05 05:34 - 2017-02-05 05:44 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-02-05 05:34 - 2017-02-05 05:44 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-05 05:34 - 2017-02-05 05:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-02-04 18:11 - 2017-02-09 19:06 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default\AppData\Local\Apple
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2017-02-04 18:11 - 2017-02-04 18:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Apple
2017-02-04 18:05 - 2017-02-04 18:05 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-02-04 18:04 - 2017-02-04 18:12 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-04 18:02 - 2017-02-10 09:26 - 00000000 ____D C:\Users\pc
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Vorlagen
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Startmenü
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Netzwerkumgebung
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Lokale Einstellungen
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Eigene Dateien
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Druckumgebung
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Documents\Eigene Videos
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Documents\Eigene Musik
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Documents\Eigene Bilder
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\AppData\Local\Verlauf
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\AppData\Local\Anwendungsdaten
2017-02-04 18:02 - 2017-02-04 18:02 - 00000000 _SHDL C:\Users\pc\Anwendungsdaten
2017-02-04 18:01 - 2017-02-09 14:26 - 00000000 ____D C:\Users\DefaultAppPool
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-02-04 18:01 - 2017-02-04 18:01 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-02-04 17:57 - 2017-02-04 17:57 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2017-02-04 17:56 - 2017-02-04 17:56 - 00000000 ____D C:\Program Files\VIA
2017-02-04 17:53 - 2017-02-08 13:02 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-04 17:49 - 2017-02-04 18:05 - 00000000 ____D C:\Windows.old
2017-02-04 17:48 - 2017-02-04 17:48 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-04 13:04 - 2017-02-04 13:04 - 00000017 _____ C:\Users\pc\AppData\Local\resmon.resmoncfg
2017-01-29 14:45 - 2017-01-29 14:45 - 00000000 _____ C:\Users\pc\AppData\Local\{1C840261-B373-4740-83CA-587CE4CE050F}
2017-01-21 16:52 - 2017-02-09 19:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-16 04:18 - 2017-01-16 04:18 - 00000000 ____D C:\Users\pc\AppData\Roaming\Sun
2017-01-11 22:34 - 2017-01-30 13:44 - 00000228 _____ C:\WINDOWS\SysWOW64\SoftwareCache.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-10 15:01 - 2016-11-18 16:33 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Mozilla
2017-02-10 14:56 - 2016-11-20 22:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-10 14:56 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-02-10 14:33 - 2014-09-23 03:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-10 14:30 - 2014-09-23 10:11 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-10 14:30 - 2013-07-19 10:22 - 00000000 ____D C:\ProgramData\Avira
2017-02-10 14:25 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-10 14:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-10 14:12 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-10 14:12 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-10 09:31 - 2016-11-20 22:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-10 09:10 - 2016-11-20 22:46 - 01585918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-10 09:10 - 2016-11-20 22:00 - 00546634 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-10 09:10 - 2016-11-20 22:00 - 00113784 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-10 09:01 - 2016-11-20 13:36 - 00373648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-02-10 08:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-10 08:57 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-10 08:46 - 2016-11-20 13:36 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-10 04:22 - 2015-01-15 11:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Dropbox
2017-02-10 01:52 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-10 00:32 - 2016-06-13 10:54 - 00000000 ____D C:\Users\pc\AppData\Roaming\vlc
2017-02-09 19:35 - 2014-09-23 10:18 - 00000000 ____D C:\Users\pc\AppData\Roaming\Avira
2017-02-09 19:06 - 2016-10-09 09:21 - 00000954 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-02-09 19:06 - 2016-06-17 10:19 - 00000593 _____ C:\Users\Public\Desktop\Fraps.lnk
2017-02-09 19:06 - 2016-06-08 14:34 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-09 19:06 - 2016-06-08 14:34 - 00002246 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-09 19:06 - 2015-01-15 11:35 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2017-02-09 19:06 - 2013-03-27 16:47 - 00001850 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BIOS Update.lnk
2017-02-09 19:06 - 2013-03-27 13:13 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2017-02-09 19:05 - 2015-07-29 22:01 - 00001051 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-02-09 19:02 - 2016-12-01 02:02 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-09 17:55 - 2016-12-01 02:02 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-09 17:24 - 2013-07-22 16:19 - 00000000 ____D C:\Users\pc\AppData\Local\Facebook
2017-02-09 16:16 - 2014-09-21 12:56 - 00000000 ____D C:\ProgramData\Oracle
2017-02-09 16:15 - 2014-09-21 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-09 16:15 - 2014-09-21 12:56 - 00000000 ____D C:\Program Files\Java
2017-02-09 15:52 - 2014-09-18 03:51 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-02-09 14:07 - 2014-09-23 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-09 14:07 - 2014-09-23 02:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-02-09 11:06 - 2016-12-01 02:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\IObit
2017-02-08 15:14 - 2016-12-01 02:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\ProductData
2017-02-08 15:13 - 2016-12-01 02:05 - 00000000 ____D C:\ProgramData\ProductData
2017-02-08 15:12 - 2016-12-01 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2017-02-08 15:12 - 2016-12-01 02:02 - 00000000 ____D C:\ProgramData\IObit
2017-02-08 15:04 - 2016-12-01 03:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-02-08 14:57 - 2013-04-16 09:54 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-08 12:17 - 2015-01-25 15:18 - 00000000 ____D C:\ProgramData\mwas
2017-02-06 08:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-05 18:54 - 2015-07-29 21:58 - 00000000 ____D C:\Users\pc\AppData\Local\Packages
2017-02-05 09:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-05 08:55 - 2015-07-29 22:04 - 00000000 ___RD C:\Users\pc\OneDrive
2017-02-05 06:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-05 06:36 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-05 06:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-05 06:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-05 05:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-05 05:17 - 2015-07-29 21:53 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-04 22:53 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Media
2017-02-04 20:34 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-04 18:12 - 2016-10-09 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startfenster
2017-02-04 18:12 - 2016-08-28 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DragomonHunter-US
2017-02-04 18:12 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-02-04 18:12 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-04 18:12 - 2016-06-17 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-02-04 18:12 - 2016-06-13 10:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-02-04 18:12 - 2016-05-22 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Schreibtrainer
2017-02-04 18:12 - 2015-04-02 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2017-02-04 18:12 - 2015-01-14 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-02-04 18:12 - 2015-01-07 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-04 18:12 - 2014-08-17 19:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-02-04 18:12 - 2013-12-21 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2017-02-04 18:12 - 2013-03-29 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-02-04 18:12 - 2013-03-27 13:40 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-04 18:12 - 2013-03-27 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-04 18:11 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-04 18:07 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-02-04 18:07 - 2016-08-28 12:24 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-02-04 18:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\IME
2017-02-04 18:07 - 2015-12-14 04:47 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2017-02-04 18:07 - 2015-12-14 04:33 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-04 18:07 - 2015-12-14 04:33 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-04 18:06 - 2016-11-20 22:07 - 00000000 ____D C:\WINDOWS\OCR
2017-02-04 18:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\schemas
2017-02-04 18:06 - 2015-12-14 04:33 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-04 18:06 - 2013-07-19 10:11 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-02-04 18:05 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-02-04 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2017-02-04 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files\MSBuild
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-04 18:05 - 2015-12-14 04:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-04 18:05 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-02-04 17:53 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-04 16:44 - 2016-12-02 23:15 - 00000000 ___HD C:\$WINDOWS.~BT
2017-02-04 16:28 - 2013-04-16 09:54 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-04 16:18 - 2015-06-18 09:43 - 00001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA.job
2017-02-04 15:15 - 2014-09-21 14:00 - 00000000 ____D C:\Users\pc\AppData\Local\ElevatedDiagnostics
2017-02-01 19:10 - 2016-11-17 23:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-01 19:10 - 2014-09-21 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 04:18 - 2015-06-18 09:43 - 00001160 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core.job
2017-01-23 06:08 - 2016-08-28 11:47 - 00000000 ____D C:\Users\pc\AppData\Local\Akamai
2017-01-11 03:51 - 2013-07-14 23:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 03:43 - 2013-03-27 14:44 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-04 13:04 - 2017-02-04 13:04 - 0000017 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2017-01-29 14:45 - 2017-01-29 14:45 - 0000000 _____ () C:\Users\pc\AppData\Local\{1C840261-B373-4740-83CA-587CE4CE050F}
2016-05-22 20:22 - 2016-05-22 20:22 - 0000000 _____ () C:\ProgramData\Typing.access
2016-05-22 20:22 - 2016-05-22 20:22 - 0000000 _____ () C:\ProgramData\Typing.change

Einige Dateien in TEMP:
====================
2017-02-09 16:10 - 2017-02-09 16:10 - 0739904 _____ (Oracle Corporation) C:\Users\pc\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-05 07:41

==================== Ende von FRST.txt ============================


Troja90 10.02.2017 15:08

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2017
durchgeführt von pc (10-02-2017 15:05:55)
Gestartet von C:\Users\pc\Downloads
Windows 10 Pro Version 1607 (X64) (2017-02-05 06:20:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3981403820-1071516951-1015314759-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3981403820-1071516951-1015314759-503 - Limited - Disabled)
Gast (S-1-5-21-3981403820-1071516951-1015314759-501 - Limited - Disabled)
pc (S-1-5-21-3981403820-1071516951-1015314759-1000 - Administrator - Enabled) => C:\Users\pc

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
BIOS Update (HKLM-x32\...\{28FFFE19-141E-47CF-8E9B-DD75B43C4B06}) (Version:  - )
Dropbox (HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{ECC840AB-FC9C-4DFA-A26A-C639CDA005BD}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Startfenster (HKLM-x32\...\Startfenster.de) (Version: 1.0 - Startfenster) <==== ACHTUNG
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{32F69C20-FB09-4C40-A7B2-0E055D26867A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5 - VideoLAN)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\pc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0274893F-1EF9-44BD-BDAD-46D608028FB3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05B55282-1F9D-4731-AA1A-5E1BB0E0A57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B70A578-0426-4752-849A-6A4AB6715F13} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E347927-D47D-4492-AC4D-B49BABDF0BFD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {0FB172E3-24AE-43F5-96EB-A82A56DCDD38} - System32\Tasks\HP Deskjet 1050 J410 series.exe => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {11BD22EF-3B58-452A-9910-21DED479CAD5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {11FF9B93-B14A-4147-AA8B-DDC4E104CA3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {19457666-402B-498E-B5E8-D6617E06856F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19CC5F0C-E18C-4C01-AF3A-D418506FEECF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1FAC2BE1-C831-4440-8245-DEE3AA69A7D9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {2347F8BE-ECDB-44AC-B3EB-144E5C1A5CCA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2520172F-A6CA-4B53-B7DA-7A0543B63F7B} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: {259B8D63-6F22-44ED-8145-BF7BE1880286} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe
Task: {36E6C1F9-9FB1-42FC-A507-48FBD37748AC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3DCD9653-7C5D-4356-A9D9-AEAA15ED4287} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe
Task: {43093E68-CF08-4621-B371-CC8B7473306F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {452552C4-9041-40D6-97B7-56978322DEFB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4B3C722E-BBFD-474C-B6B6-BDD79B3FCEF1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {50FA58DD-9282-4109-8009-3EB1911EF53C} - System32\Tasks\SuperbGameBoost => C:\Program Files (x86)\SuperBoost\Superb Game Boost\SuperbGameBoostMain.exe
Task: {51CF68BF-9E52-420D-A121-3DB2264BC0F4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {52267A4B-6A1E-43B0-BE94-B8792345C4A6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {57BFC9C3-9BC0-45AE-9D8F-056FBD2A18CA} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6F020EFC-2124-408A-BFAB-B318BE543689} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Task: {7239F502-00AC-479D-9789-464BF87D003A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {7C4527A9-3114-4279-881A-F67D05B5947F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-14] (Microsoft Corporation)
Task: {7C948F14-D700-4192-9393-3FAB96D403D5} - System32\Tasks\ASC10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {7D2D4C32-06FC-4D50-8553-63840357D700} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {81481079-B9D8-424D-A086-A7ED59DC6D46} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {827C9269-AF8B-4960-89C9-F48B1FE741D8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {82AF28DB-FCEE-4BFE-B6A1-E5EF77F389BF} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\pc\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {863203B0-B532-4AE8-BEF4-2EF9B1E857A8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-14] (Microsoft Corporation)
Task: {86C4D2A6-3CDF-4968-B92A-682FA200E0C0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {884132ED-6BF3-4B6D-B2EA-D50F3C144A96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-14] (Microsoft Corporation)
Task: {8B056039-B68A-489B-8425-4D70A939BC76} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12] (Hewlett-Packard)
Task: {8ED0E1B7-0B61-43A2-B18A-318624417DAF} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A0729F03-9656-47BE-B236-B8D07C60D95E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A272A335-413A-4704-9EE4-9376F6058208} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {A3844174-1BCB-49BF-A9F4-7B3F56CC0086} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {A72D0D8B-7A6C-4268-BEB3-FA300E009CCA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A8527F9A-B698-4A16-A736-0AFBBA38586E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {AA881718-CC52-4AAF-AC87-084A57A4A017} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AAB9DAEB-BD54-406A-8B75-5D22501E295E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {AADA15BF-F5F9-4223-9729-BC1B0106B463} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {AB3EDDF4-DE93-4B7F-8F60-5696028F2B92} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B253AEA3-BA80-4485-A6C9-9CA440DB6468} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {B940F34A-9E17-4719-B18B-0B989802DBCA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {BF7FEF7E-9C68-4571-B9C4-51864F34A7CC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C06ADBA9-FC9A-4B1F-AAAD-ECDBC74E6A10} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1CE1BEE-A998-4DC1-BBD4-42D3BF3F39E8} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {C83C91D4-FF56-4FB8-AF02-4E8E13252E65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {CC012857-C3E9-4B84-943A-E9AD4A996CDA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DA60C8D1-BB6B-4471-B0E3-779C01E586B8} - System32\Tasks\ASC10_SkipUac_pc => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {DD76FF96-1411-4350-8BB0-348FBD351DE7} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {DE761EC7-0A6C-4EC7-831C-4ADED2C98FB1} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe
Task: {DFAED316-BBA8-4252-BD49-F7897E6214D2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E1D68888-D006-4FBF-A1A3-CA6DBCDF5F51} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {EAA49932-6F57-4BA1-AB3B-05921ABB84DC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F5183DE3-FF23-46DC-AC3F-628E496EFF2C} - System32\Tasks\Driver Booster SkipUAC (pc) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
Task: {F58E3AC9-8CAF-4DDC-ACFC-58BAECA1477F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC9EAA54-86C5-4261-B5B5-51574B6858DC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000Core.job => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3981403820-1071516951-1015314759-1000UA.job => C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-09 23:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-01-14 21:46 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-02-09 23:29 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-02-05 08:49 - 2017-02-05 08:51 - 00959168 _____ () C:\Users\pc\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-09 23:49 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-09 23:28 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-09 23:28 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-09 23:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [134]
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [141]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\Software\Classes\exefile:  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-07-30 09:10 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: WinPatrol => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe -expressboot
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-3981403820-1071516951-1015314759-1000\...\StartupApproved\Run: => "Advanced SystemCare 10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{9F32A2AA-758F-4995-812E-B2B637EDC4FE}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{DC307441-D3D1-40F8-B1A9-F760FE824D73}] => C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\FFNativeMessage.exe
FirewallRules: [UDP Query User{17E7F625-8794-4102-8ECF-E2E62A22A117}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{12AF9742-1EA2-463B-AE07-5E882E9221A3}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B839F2FF-8298-41E2-9AF9-2FABC9BF7F24}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{380A071D-66F4-402E-B39D-A138639EC290}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{750F7E39-8E06-4A14-9578-3B97E4C93635}C:\windows\system32\mobsync.exe] => C:\windows\system32\mobsync.exe
FirewallRules: [TCP Query User{D63BBF92-BED8-4494-95A1-D2461BB1922B}C:\windows\system32\mobsync.exe] => C:\windows\system32\mobsync.exe
FirewallRules: [UDP Query User{AB89B350-38D3-467B-B6FF-AD5E7D1A90DB}C:\windows\system32\sihost.exe] => C:\windows\system32\sihost.exe
FirewallRules: [TCP Query User{612C0E22-F88E-4837-BAD5-E654C8879793}C:\windows\system32\sihost.exe] => C:\windows\system32\sihost.exe
FirewallRules: [UDP Query User{BEC1CC13-7B4E-41D7-B3BB-DCD53598A8B8}C:\windows\system32\dllhost.exe] => C:\windows\system32\dllhost.exe
FirewallRules: [TCP Query User{A2A1C245-EF89-49B0-B5C7-139A7D75A58A}C:\windows\system32\dllhost.exe] => C:\windows\system32\dllhost.exe
FirewallRules: [UDP Query User{2E795BE5-EC19-498E-8278-39EF526C5DA1}C:\windows\explorer.exe] => C:\windows\explorer.exe
FirewallRules: [TCP Query User{7BB94C04-1425-46AA-B77D-29C1B712EF9D}C:\windows\explorer.exe] => C:\windows\explorer.exe
FirewallRules: [{B802E5D9-F0D2-4E85-95E9-89EC8FCD82A1}] => C:\AeriaGames\DragomonHunter-US\Game.bin
FirewallRules: [{9D7612E6-E89B-475E-B933-8A65EBFB52C3}] => C:\AeriaGames\DragomonHunter-US\Game.bin
FirewallRules: [UDP Query User{FC17483B-425C-4984-95C3-F560D711F086}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E87BC14B-8F86-4469-AC7C-9D41DDCE2857}C:\users\pc\appdata\local\akamai\netsession_win.exe] => C:\users\pc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C8B97016-15A8-4977-ACAA-B9E6FB9007DC}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{69C84397-C5BA-4665-8851-38777ECFBBE0}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C1A75B18-CA44-42FB-A0CE-6B48E5CBBCFA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D162D7-DAB5-4037-AC31-D555D138494E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{515FF2A9-C39B-4DD9-B49C-481957E45E5C}] => C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9B9E4CA4-5701-416A-AB17-57237169C87C}] => C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8B2CE32A-60FA-4D77-A915-585B5E5AEFFA}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5080F835-1E38-426C-82CA-17336DC6CFAC}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{373C7E9B-1796-461E-A412-CCC93CEEE83C}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{76F9F863-6B93-404C-8DE6-0C3076ED3BCC}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E27750FB-4891-456B-9298-72071F66F732}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C40645F3-E3DA-458D-9483-6478D8F17AA1}] => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{101D079D-1BD8-422C-B438-0A6CFB2557D4}] => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{543BA4D6-63FB-41FE-A85A-58D716C598D8}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E99978CA-DBE9-4A38-A4CA-29797A297098}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CE4FD77A-5582-48F8-A82C-53906C896488}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{EA6DE4BD-97D4-4113-A0E9-255B92C1105B}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{0021C2A3-96CF-4DF8-A58F-F20E341196F2}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{ED9F831E-DB9F-4F45-A940-626B03F8AD63}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{CE07B46B-5421-4424-A2B9-1EAEE4FE16C9}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{812FDBBD-9256-4DDF-A1D5-F598AEA0F984}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{D053CD43-2232-41AD-8706-BF49874B6DAA}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-02-2017 02:04:02 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/10/2017 02:16:18 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden.

 DETAIL - Das Verzeichnis ist nicht leer.

Error: (02/10/2017 02:13:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.14393.0, Zeitstempel: 0x57899ac7
Name des fehlerhaften Moduls: MSID991.tmp, Version: 10.0.386.0, Zeitstempel: 0x5850f6fd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018cb4
ID des fehlerhaften Prozesses: 0x538
Startzeit der fehlerhaften Anwendung: 0x01d2839f5fdcb860
Pfad der fehlerhaften Anwendung: C:\Windows\System32\MsiExec.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\Installer\MSID991.tmp
Berichtskennung: e2440ec7-b042-42a4-a207-6838c2e6fc49
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (02/10/2017 09:34:40 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: pc-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: pc-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: pc-PC)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil.

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (02/10/2017 09:26:51 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht.

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\pc\ntuser.dat

Error: (02/10/2017 09:24:32 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/10/2017 09:21:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0x01d28376b3888de9
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: edc66d1d-9632-48d6-855a-47230605b146
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (02/10/2017 09:21:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10f0
Startzeit der fehlerhaften Anwendung: 0x01d28376b3888de9
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c027f9b0-fbfb-4ef5-8f8b-127d6b3f5fb1
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge


Systemfehler:
=============
Error: (02/10/2017 02:57:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LiveUpdateSvc" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (02/10/2017 02:57:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sgbupt" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (02/10/2017 02:56:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IMFservice" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (02/10/2017 02:27:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/10/2017 02:27:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LiveUpdateSvc" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (02/10/2017 02:27:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sgbupt" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (02/10/2017 02:26:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IMFservice" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (02/10/2017 02:25:57 PM) (Source: DCOM) (EventID: 10010) (User: pc-PC)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/10/2017 02:20:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/10/2017 02:18:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.


CodeIntegrity:
===================================
  Date: 2017-02-10 09:28:02.904
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2017-02-10 00:44:14.075
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.053
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.033
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:44:14.021
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-02-10 00:37:04.465
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2017-02-09 19:52:00.462
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\xhunter1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-02-09 19:51:45.378
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Prozessor: AMD Athlon(tm) II X2 250 Processor
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 3071.3 MB
Verfügbarer physikalischer RAM: 1728.99 MB
Summe virtueller Speicher: 6143.3 MB
Verfügbarer virtueller Speicher: 4848.08 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:311.96 GB) (Free:199.3 GB) NTFS
Drive d: () (Fixed) (Total:153.26 GB) (Free:152.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F8096D02)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=312 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=153.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================


cosinus 10.02.2017 15:16

Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.




Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.





Troja90 10.02.2017 16:04

Code:

15:53:03.0771 0x04b4  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
15:53:06.0792 0x04b4  ============================================================
15:53:06.0792 0x04b4  Current date / time: 2017/02/10 15:53:06.0792
15:53:06.0792 0x04b4  SystemInfo:
15:53:06.0792 0x04b4 
15:53:06.0792 0x04b4  OS Version: 10.0.14393 ServicePack: 0.0
15:53:06.0793 0x04b4  Product type: Workstation
15:53:06.0793 0x04b4  ComputerName: PC-PC
15:53:06.0793 0x04b4  UserName: pc
15:53:06.0793 0x04b4  Windows directory: C:\WINDOWS
15:53:06.0793 0x04b4  System windows directory: C:\WINDOWS
15:53:06.0793 0x04b4  Running under WOW64
15:53:06.0793 0x04b4  Processor architecture: Intel x64
15:53:06.0793 0x04b4  Number of processors: 2
15:53:06.0793 0x04b4  Page size: 0x1000
15:53:06.0793 0x04b4  Boot type: Normal boot
15:53:06.0793 0x04b4  CodeIntegrityOptions = 0x00000001
15:53:06.0793 0x04b4  ============================================================
15:53:06.0797 0x04b4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
15:53:07.0051 0x04b4  System UUID: {3EF31A04-2CD2-7BAA-4DD7-B924348B9B9B}
15:53:07.0342 0x04b4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
15:53:07.0345 0x04b4  ============================================================
15:53:07.0345 0x04b4  \Device\Harddisk0\DR0:
15:53:07.0346 0x04b4  MBR partitions:
15:53:07.0346 0x04b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:53:07.0346 0x04b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26FED000
15:53:07.0346 0x04b4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27100800, BlocksNum 0x13285000
15:53:07.0346 0x04b4  ============================================================
15:53:07.0358 0x04b4  C: <-> \Device\Harddisk0\DR0\Partition2
15:53:07.0402 0x04b4  D: <-> \Device\Harddisk0\DR0\Partition3
15:53:07.0402 0x04b4  ============================================================
15:53:07.0402 0x04b4  Initialize success
15:53:07.0402 0x04b4  ============================================================
15:53:17.0137 0x02dc  ============================================================
15:53:17.0137 0x02dc  Scan started
15:53:17.0137 0x02dc  Mode: Manual; SigCheck; TDLFS;
15:53:17.0137 0x02dc  ============================================================
15:53:17.0137 0x02dc  KSN ping started
15:53:17.0191 0x02dc  KSN ping finished: true
15:53:18.0356 0x02dc  ================ Scan system memory ========================
15:53:18.0356 0x02dc  System memory - ok
15:53:18.0365 0x02dc  ================ Scan services =============================
15:53:18.0589 0x02dc  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:53:18.0642 0x02dc  1394ohci - ok
15:53:18.0668 0x02dc  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
15:53:18.0682 0x02dc  3ware - ok
15:53:18.0720 0x02dc  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:53:18.0750 0x02dc  ACPI - ok
15:53:18.0771 0x02dc  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev        C:\WINDOWS\System32\drivers\AcpiDev.sys
15:53:18.0785 0x02dc  AcpiDev - ok
15:53:18.0807 0x02dc  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:53:18.0822 0x02dc  acpiex - ok
15:53:18.0849 0x02dc  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:53:18.0860 0x02dc  acpipagr - ok
15:53:18.0894 0x02dc  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
15:53:18.0907 0x02dc  AcpiPmi - ok
15:53:18.0931 0x02dc  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:53:18.0943 0x02dc  acpitime - ok
15:53:19.0078 0x02dc  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:53:19.0094 0x02dc  AdobeARMservice - ok

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.10.04
  rootkit: v2016.11.20.01

Windows 10 x64 NTFS
Internet Explorer 11.576.14393.0
pc :: PC-PC [administrator]

10.02.2017 15:21:28
mbar-log-2017-02-10 (15-21-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 387641
Time elapsed: 25 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)


cosinus 11.02.2017 02:58

The log from tdsskiller is incomplete

Troja90 11.02.2017 11:21

Code:

10:34:12.0527 0x0de4  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
10:34:19.0262 0x0de4  ============================================================
10:34:19.0262 0x0de4  Current date / time: 2017/02/11 10:34:19.0262
10:34:19.0262 0x0de4  SystemInfo:
10:34:19.0262 0x0de4 
10:34:19.0262 0x0de4  OS Version: 10.0.14393 ServicePack: 0.0
10:34:19.0262 0x0de4  Product type: Workstation
10:34:19.0262 0x0de4  ComputerName: PC-PC
10:34:19.0262 0x0de4  UserName: pc
10:34:19.0262 0x0de4  Windows directory: C:\WINDOWS
10:34:19.0262 0x0de4  System windows directory: C:\WINDOWS
10:34:19.0262 0x0de4  Running under WOW64
10:34:19.0262 0x0de4  Processor architecture: Intel x64
10:34:19.0262 0x0de4  Number of processors: 2
10:34:19.0262 0x0de4  Page size: 0x1000
10:34:19.0262 0x0de4  Boot type: Normal boot
10:34:19.0262 0x0de4  CodeIntegrityOptions = 0x00000001
10:34:19.0262 0x0de4  ============================================================
10:34:19.0684 0x0de4  KLMD registered as C:\WINDOWS\system32\drivers\67912384.sys
10:34:19.0684 0x0de4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
10:34:20.0605 0x0de4  System UUID: {3EF31A04-2CD2-7BAA-4DD7-B924348B9B9B}
10:34:21.0465 0x0de4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
10:34:21.0480 0x0de4  ============================================================
10:34:21.0480 0x0de4  \Device\Harddisk0\DR0:
10:34:21.0480 0x0de4  MBR partitions:
10:34:21.0480 0x0de4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:34:21.0480 0x0de4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26FED000
10:34:21.0480 0x0de4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27100800, BlocksNum 0x13285000
10:34:21.0480 0x0de4  ============================================================
10:34:21.0527 0x0de4  C: <-> \Device\Harddisk0\DR0\Partition2
10:34:21.0637 0x0de4  D: <-> \Device\Harddisk0\DR0\Partition3
10:34:21.0637 0x0de4  ============================================================
10:34:21.0637 0x0de4  Initialize success
10:34:21.0637 0x0de4  ============================================================
10:34:52.0965 0x1ee8  ============================================================
10:34:52.0965 0x1ee8  Scan started
10:34:52.0965 0x1ee8  Mode: Manual;
10:34:52.0965 0x1ee8  ============================================================
10:34:52.0965 0x1ee8  KSN ping started
10:34:53.0043 0x1ee8  KSN ping finished: false
10:34:55.0934 0x1ee8  ================ Scan system memory ========================
10:34:55.0934 0x1ee8  Scan was interrupted by user!
10:34:56.0105 0x1ee8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
10:34:56.0105 0x1ee8  Win FW state via NFP2: enabled ( trusted )

Code:

10:34:56.0137 0x1ee8  ============================================================
10:34:56.0137 0x1ee8  Scan finished
10:34:56.0137 0x1ee8  ============================================================
10:34:56.0137 0x1e68  Detected object count: 0
10:34:56.0137 0x1e68  Actual detected object count: 0
10:35:08.0262 0x02d8  ============================================================
10:35:08.0262 0x02d8  Scan started
10:35:08.0262 0x02d8  Mode: Manual; SigCheck; TDLFS;
10:35:08.0262 0x02d8  ============================================================
10:35:08.0262 0x02d8  KSN ping started
10:35:08.0277 0x02d8  KSN ping finished: false
10:35:09.0059 0x02d8  ================ Scan system memory ========================
10:35:09.0059 0x02d8  System memory - ok
10:35:09.0059 0x02d8  ================ Scan services =============================
10:35:09.0309 0x02d8  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
10:35:09.0543 0x02d8  1394ohci - ok
10:35:09.0574 0x02d8  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
10:35:09.0590 0x02d8  3ware - ok
10:35:09.0621 0x02d8  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:35:09.0652 0x02d8  ACPI - ok
10:35:09.0684 0x02d8  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev        C:\WINDOWS\System32\drivers\AcpiDev.sys
10:35:09.0762 0x02d8  AcpiDev - ok
10:35:09.0793 0x02d8  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
10:35:09.0824 0x02d8  acpiex - ok
10:35:09.0856 0x02d8  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
10:35:09.0918 0x02d8  acpipagr - ok
10:35:09.0949 0x02d8  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
10:35:10.0027 0x02d8  AcpiPmi - ok
10:35:10.0059 0x02d8  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
10:35:10.0106 0x02d8  acpitime - ok
10:35:10.0277 0x02d8  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:35:10.0293 0x02d8  AdobeARMservice - ok
10:35:10.0402 0x02d8  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:35:10.0418 0x02d8  AdobeFlashPlayerUpdateSvc - ok
10:35:10.0481 0x02d8  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:35:10.0527 0x02d8  ADP80XX - ok
10:35:10.0606 0x02d8  [ D40F71605B47F744C76A47ADAB28468C, 1AA92D56E3D7910F4AAE86E469AB3750C7BF3964FBD4D71C3723B30F57117279 ] AdvancedSystemCareService10 C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
10:35:10.0621 0x02d8  AdvancedSystemCareService10 - ok
10:35:10.0652 0x02d8  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD            C:\WINDOWS\system32\drivers\afd.sys
10:35:10.0684 0x02d8  AFD - ok
10:35:10.0762 0x02d8  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:35:10.0871 0x02d8  ahcache - ok
10:35:10.0934 0x02d8  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
10:35:11.0090 0x02d8  AJRouter - ok
10:35:11.0137 0x02d8  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG            C:\WINDOWS\System32\alg.exe
10:35:11.0262 0x02d8  ALG - ok
10:35:11.0324 0x02d8  [ 7FE59496114A48A64E98E3218664A3E6, 1C11EE3686CB7F57783A5A5F56CCED71F61A46B26B0F4C4D04B1B37E8AC5A7D1 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
10:35:11.0715 0x02d8  AMD External Events Utility - ok
10:35:11.0777 0x02d8  AMD FUEL Service - ok
10:35:11.0840 0x02d8  [ D65F2BC90169CCC5265955A496D526C3, 5C4371D9A61810098167FE5E16ABB25F2CCCF452490A15773678D5239810D6FB ] amdide64        C:\WINDOWS\system32\drivers\amdide64.sys
10:35:11.0856 0x02d8  amdide64 - ok
10:35:11.0902 0x02d8  [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64        C:\WINDOWS\System32\drivers\amdiox64.sys
10:35:11.0949 0x02d8  amdiox64 - ok
10:35:11.0965 0x02d8  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
10:35:12.0090 0x02d8  AmdK8 - ok
10:35:12.0527 0x02d8  [ E66C25946B3D9268D8E10D3769CF4719, C273A59D3A29549E3C8BBF896015CA0E5D64A4ECCD6C2FF360927773DA736022 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
10:35:13.0059 0x02d8  amdkmdag - ok
10:35:13.0137 0x02d8  [ D1D66D1D42E53B53AFC7598058E71796, 12A1C8D895891F89745493091174D3FF5A9953F21427E7E1BE1120DA762E0CBD ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
10:35:13.0215 0x02d8  amdkmdap - ok
10:35:13.0262 0x02d8  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
10:35:13.0324 0x02d8  AmdPPM - ok
10:35:13.0340 0x02d8  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
10:35:13.0371 0x02d8  amdsata - ok
10:35:13.0387 0x02d8  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
10:35:13.0402 0x02d8  amdsbs - ok
10:35:13.0418 0x02d8  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
10:35:13.0434 0x02d8  amdxata - ok
10:35:13.0496 0x02d8  [ 5B25D1A753CC3A3EDB909BB759AC1098, 1B931342D8D36C8D177D6D9BFFFD8CDC0C6E6F82BA552DC8E5CDC1CAF528D0B0 ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:35:13.0496 0x02d8  AODDriver4.1 - ok
10:35:13.0543 0x02d8  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID          C:\WINDOWS\system32\drivers\appid.sys
10:35:13.0559 0x02d8  AppID - ok
10:35:13.0606 0x02d8  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
10:35:13.0715 0x02d8  AppIDSvc - ok
10:35:13.0777 0x02d8  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
10:35:13.0965 0x02d8  Appinfo - ok
10:35:13.0996 0x02d8  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr  C:\WINDOWS\system32\drivers\applockerfltr.sys
10:35:14.0106 0x02d8  applockerfltr - ok
10:35:14.0152 0x02d8  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt        C:\WINDOWS\System32\appmgmts.dll
10:35:14.0246 0x02d8  AppMgmt - ok
10:35:14.0309 0x02d8  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
10:35:14.0465 0x02d8  AppReadiness - ok
10:35:14.0512 0x02d8  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
10:35:14.0559 0x02d8  AppVClient - ok
10:35:14.0590 0x02d8  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
10:35:14.0606 0x02d8  AppvStrm - ok
10:35:14.0652 0x02d8  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr      C:\WINDOWS\system32\drivers\AppvVemgr.sys
10:35:14.0684 0x02d8  AppvVemgr - ok
10:35:14.0699 0x02d8  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs        C:\WINDOWS\system32\drivers\AppvVfs.sys
10:35:14.0715 0x02d8  AppvVfs - ok
10:35:14.0856 0x02d8  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
10:35:15.0043 0x02d8  AppXSvc - ok
10:35:15.0074 0x02d8  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
10:35:15.0090 0x02d8  arcsas - ok
10:35:15.0168 0x02d8  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
10:35:15.0277 0x02d8  AsyncMac - ok

Code:

10:35:15.0309 0x02d8  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
10:35:15.0324 0x02d8  atapi - ok
10:35:15.0387 0x02d8  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
10:35:15.0559 0x02d8  AudioEndpointBuilder - ok
10:35:15.0668 0x02d8  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
10:35:15.0746 0x02d8  Audiosrv - ok
10:35:15.0793 0x02d8  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
10:35:15.0824 0x02d8  AxInstSV - ok
10:35:15.0918 0x02d8  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
10:35:15.0949 0x02d8  b06bdrv - ok
10:35:15.0981 0x02d8  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
10:35:16.0106 0x02d8  BasicDisplay - ok
10:35:16.0121 0x02d8  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
10:35:16.0152 0x02d8  BasicRender - ok
10:35:16.0199 0x02d8  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn          C:\WINDOWS\System32\drivers\bcmfn.sys
10:35:16.0231 0x02d8  bcmfn - ok
10:35:16.0262 0x02d8  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
10:35:16.0293 0x02d8  bcmfn2 - ok
10:35:16.0324 0x02d8  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
10:35:16.0449 0x02d8  BDESVC - ok
10:35:16.0481 0x02d8  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:35:16.0574 0x02d8  Beep - ok
10:35:16.0652 0x02d8  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE            C:\WINDOWS\System32\bfe.dll
10:35:16.0762 0x02d8  BFE - ok
10:35:16.0824 0x02d8  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
10:35:16.0981 0x02d8  BITS - ok
10:35:17.0012 0x02d8  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
10:35:17.0106 0x02d8  bowser - ok
10:35:17.0199 0x02d8  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
10:35:17.0293 0x02d8  BrokerInfrastructure - ok
10:35:17.0356 0x02d8  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser        C:\WINDOWS\System32\browser.dll
10:35:17.0434 0x02d8  Browser - ok
10:35:17.0496 0x02d8  [ 49FE3D1F3D5C2E50A0DF0F6E8436D778, F929BEAD59E9424AB90427B379DCDD63FBFE0C4FB5E1792E3A1685541CD5EC65 ] BSMEM          C:\Windows\system32\drivers\BSMEM.sys
10:35:17.0527 0x02d8  BSMEM - ok
10:35:17.0574 0x02d8  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
10:35:17.0652 0x02d8  BthAvrcpTg - ok
10:35:17.0668 0x02d8  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
10:35:17.0699 0x02d8  BthHFEnum - ok
10:35:17.0731 0x02d8  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
10:35:17.0746 0x02d8  bthhfhid - ok
10:35:17.0809 0x02d8  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
10:35:17.0871 0x02d8  BthHFSrv - ok
10:35:17.0918 0x02d8  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
10:35:17.0965 0x02d8  BTHMODEM - ok
10:35:17.0996 0x02d8  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv        C:\WINDOWS\system32\bthserv.dll
10:35:18.0106 0x02d8  bthserv - ok
10:35:18.0137 0x02d8  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
10:35:18.0215 0x02d8  buttonconverter - ok
10:35:18.0246 0x02d8  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
10:35:18.0340 0x02d8  CapImg - ok
10:35:18.0356 0x02d8  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:35:18.0465 0x02d8  cdfs - ok
10:35:18.0512 0x02d8  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
10:35:18.0637 0x02d8  CDPSvc - ok
10:35:18.0684 0x02d8  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
10:35:18.0731 0x02d8  CDPUserSvc - ok
10:35:18.0840 0x02d8  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
10:35:18.0902 0x02d8  cdrom - ok
10:35:18.0934 0x02d8  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
10:35:19.0027 0x02d8  CertPropSvc - ok
10:35:19.0090 0x02d8  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi      C:\WINDOWS\system32\drivers\cht4sx64.sys
10:35:19.0137 0x02d8  cht4iscsi - ok
10:35:19.0184 0x02d8  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd        C:\WINDOWS\System32\drivers\cht4vx64.sys
10:35:19.0262 0x02d8  cht4vbd - ok
10:35:19.0293 0x02d8  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
10:35:19.0356 0x02d8  circlass - ok
10:35:19.0387 0x02d8  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
10:35:19.0418 0x02d8  CLFS - ok
10:35:19.0543 0x02d8  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc  C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
10:35:19.0621 0x02d8  ClickToRunSvc - ok
10:35:19.0684 0x02d8  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC        C:\WINDOWS\System32\ClipSVC.dll
10:35:19.0715 0x02d8  ClipSVC - ok
10:35:19.0746 0x02d8  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg          C:\WINDOWS\System32\drivers\registry.sys
10:35:19.0871 0x02d8  clreg - ok
10:35:19.0902 0x02d8  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
10:35:19.0949 0x02d8  CmBatt - ok
10:35:19.0996 0x02d8  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
10:35:20.0027 0x02d8  CNG - ok
10:35:20.0059 0x02d8  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist    C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
10:35:20.0074 0x02d8  cnghwassist - ok
10:35:20.0137 0x02d8  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
10:35:20.0152 0x02d8  CompositeBus - ok
10:35:20.0152 0x02d8  COMSysApp - ok
10:35:20.0184 0x02d8  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
10:35:20.0199 0x02d8  condrv - ok
10:35:20.0277 0x02d8  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
10:35:20.0324 0x02d8  CoreMessagingRegistrar - ok
10:35:20.0356 0x02d8  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
10:35:20.0465 0x02d8  CryptSvc - ok
10:35:20.0543 0x02d8  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC            C:\WINDOWS\system32\drivers\csc.sys
10:35:20.0668 0x02d8  CSC - ok
10:35:20.0762 0x02d8  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
10:35:20.0824 0x02d8  CscService - ok
10:35:20.0856 0x02d8  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam            C:\WINDOWS\system32\drivers\dam.sys
10:35:20.0871 0x02d8  dam - ok
10:35:20.0934 0x02d8  [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
10:35:20.0981 0x02d8  dc3d - ok
10:35:21.0043 0x02d8  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:35:21.0106 0x02d8  DcomLaunch - ok
10:35:21.0168 0x02d8  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
10:35:21.0231 0x02d8  DcpSvc - ok
10:35:21.0277 0x02d8  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
10:35:21.0340 0x02d8  defragsvc - ok
10:35:21.0387 0x02d8  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
10:35:21.0481 0x02d8  DeviceAssociationService - ok
10:35:21.0512 0x02d8  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
10:35:21.0559 0x02d8  DeviceInstall - ok
10:35:21.0606 0x02d8  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
10:35:21.0668 0x02d8  DevQueryBroker - ok
10:35:21.0699 0x02d8  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
10:35:21.0793 0x02d8  Dfsc - ok
10:35:21.0824 0x02d8  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:35:21.0840 0x02d8  dg_ssudbus - ok
10:35:21.0918 0x02d8  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
10:35:22.0121 0x02d8  Dhcp - ok
10:35:22.0168 0x02d8  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
10:35:22.0262 0x02d8  diagnosticshub.standardcollector.service - ok
10:35:22.0356 0x02d8  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack      C:\WINDOWS\system32\diagtrack.dll
10:35:22.0512 0x02d8  DiagTrack - ok
10:35:22.0527 0x02d8  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
10:35:22.0543 0x02d8  disk - ok
10:35:22.0606 0x02d8  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
10:35:22.0746 0x02d8  DmEnrollmentSvc - ok
10:35:22.0777 0x02d8  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
10:35:22.0887 0x02d8  dmvsc - ok
10:35:22.0934 0x02d8  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
10:35:23.0012 0x02d8  dmwappushservice - ok
10:35:23.0059 0x02d8  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:35:23.0231 0x02d8  Dnscache - ok
10:35:23.0262 0x02d8  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
10:35:23.0387 0x02d8  dot3svc - ok
10:35:23.0402 0x02d8  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS            C:\WINDOWS\system32\dps.dll
10:35:23.0527 0x02d8  DPS - ok
10:35:23.0590 0x02d8  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud        C:\WINDOWS\system32\DRIVERS\drmkaud.sys
10:35:23.0621 0x02d8  drmkaud - ok
10:35:23.0668 0x02d8  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
10:35:23.0762 0x02d8  DsmSvc - ok
10:35:23.0793 0x02d8  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc          C:\WINDOWS\System32\DsSvc.dll
10:35:23.0840 0x02d8  DsSvc - ok
10:35:23.0934 0x02d8  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:35:24.0012 0x02d8  DXGKrnl - ok
10:35:24.0059 0x02d8  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost        C:\WINDOWS\System32\eapsvc.dll
10:35:24.0106 0x02d8  EapHost - ok
10:35:24.0262 0x02d8  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
10:35:24.0356 0x02d8  ebdrv - ok
10:35:24.0402 0x02d8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS            C:\WINDOWS\System32\lsass.exe
10:35:24.0418 0x02d8  EFS - ok
10:35:24.0449 0x02d8  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
10:35:24.0465 0x02d8  EhStorClass - ok
10:35:24.0481 0x02d8  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
10:35:24.0496 0x02d8  EhStorTcgDrv - ok
10:35:24.0559 0x02d8  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
10:35:24.0606 0x02d8  embeddedmode - ok
10:35:24.0652 0x02d8  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc      C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
10:35:24.0699 0x02d8  EntAppSvc - ok
10:35:24.0731 0x02d8  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
10:35:24.0824 0x02d8  ErrDev - ok
10:35:24.0918 0x02d8  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem    C:\WINDOWS\system32\es.dll
10:35:25.0043 0x02d8  EventSystem - ok
10:35:25.0090 0x02d8  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
10:35:25.0137 0x02d8  exfat - ok
10:35:25.0184 0x02d8  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
10:35:25.0215 0x02d8  fastfat - ok
10:35:25.0262 0x02d8  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax            C:\WINDOWS\system32\fxssvc.exe
10:35:25.0387 0x02d8  Fax - ok
10:35:25.0418 0x02d8  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
10:35:25.0449 0x02d8  fdc - ok
10:35:25.0496 0x02d8  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
10:35:25.0590 0x02d8  fdPHost - ok
10:35:25.0606 0x02d8  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
10:35:25.0652 0x02d8  FDResPub - ok
10:35:25.0684 0x02d8  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
10:35:25.0809 0x02d8  fhsvc - ok
10:35:25.0856 0x02d8  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt      C:\WINDOWS\system32\drivers\filecrypt.sys
10:35:25.0934 0x02d8  FileCrypt - ok
10:35:25.0965 0x02d8  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
10:35:25.0996 0x02d8  FileInfo - ok
10:35:26.0012 0x02d8  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
10:35:26.0043 0x02d8  Filetrace - ok
10:35:26.0059 0x02d8  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
10:35:26.0090 0x02d8  flpydisk - ok
10:35:26.0137 0x02d8  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:35:26.0152 0x02d8  FltMgr - ok
10:35:26.0231 0x02d8  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache      C:\WINDOWS\system32\FntCache.dll
10:35:26.0402 0x02d8  FontCache - ok
10:35:26.0481 0x02d8  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer    C:\WINDOWS\system32\FrameServer.dll
10:35:26.0621 0x02d8  FrameServer - ok
10:35:26.0668 0x02d8  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
10:35:26.0684 0x02d8  FsDepends - ok
10:35:26.0699 0x02d8  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:35:26.0715 0x02d8  Fs_Rec - ok
10:35:26.0746 0x02d8  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:35:26.0777 0x02d8  fvevol - ok
10:35:26.0824 0x02d8  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
10:35:26.0918 0x02d8  gencounter - ok
10:35:26.0949 0x02d8  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
10:35:27.0043 0x02d8  genericusbfn - ok
10:35:27.0074 0x02d8  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
10:35:27.0090 0x02d8  GPIOClx0101 - ok
10:35:27.0152 0x02d8  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
10:35:27.0309 0x02d8  gpsvc - ok

Code:

10:35:27.0356 0x02d8  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
10:35:27.0434 0x02d8  GpuEnergyDrv - ok
10:35:27.0543 0x02d8  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:35:27.0574 0x02d8  gupdate - ok
10:35:27.0590 0x02d8  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:35:27.0590 0x02d8  gupdatem - ok
10:35:27.0637 0x02d8  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
10:35:27.0731 0x02d8  HDAudBus - ok
10:35:27.0762 0x02d8  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
10:35:27.0762 0x02d8  HidBatt - ok
10:35:27.0793 0x02d8  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
10:35:27.0856 0x02d8  HidBth - ok
10:35:27.0871 0x02d8  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
10:35:27.0918 0x02d8  hidi2c - ok
10:35:27.0996 0x02d8  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
10:35:28.0027 0x02d8  hidinterrupt - ok
10:35:28.0059 0x02d8  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
10:35:28.0121 0x02d8  HidIr - ok
10:35:28.0152 0x02d8  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv        C:\WINDOWS\system32\hidserv.dll
10:35:28.0246 0x02d8  hidserv - ok
10:35:28.0277 0x02d8  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
10:35:28.0356 0x02d8  HidUsb - ok
10:35:28.0402 0x02d8  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:35:28.0512 0x02d8  HomeGroupListener - ok
10:35:28.0559 0x02d8  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:35:28.0684 0x02d8  HomeGroupProvider - ok
10:35:28.0715 0x02d8  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
10:35:28.0731 0x02d8  HpSAMD - ok
10:35:28.0809 0x02d8  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
10:35:28.0856 0x02d8  HTTP - ok
10:35:28.0918 0x02d8  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
10:35:29.0027 0x02d8  HvHost - ok
10:35:29.0059 0x02d8  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice      C:\WINDOWS\system32\drivers\hvservice.sys
10:35:29.0074 0x02d8  hvservice - ok
10:35:29.0168 0x02d8  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
10:35:29.0184 0x02d8  HWiNFO32 - ok
10:35:29.0231 0x02d8  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
10:35:29.0246 0x02d8  hwpolicy - ok
10:35:29.0277 0x02d8  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
10:35:29.0340 0x02d8  hyperkbd - ok
10:35:29.0371 0x02d8  [ 6A0B9F5662598D229F62CD317292E8F3, AF33D3FFACF72A15EEE37A4998DF0C1F9595B949D1AB4FAFA8AF278DB41E0455 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
10:35:29.0434 0x02d8  HyperVideo - ok
10:35:29.0465 0x02d8  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
10:35:29.0559 0x02d8  i8042prt - ok
10:35:29.0559 0x02d8  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
10:35:29.0652 0x02d8  iagpio - ok
10:35:29.0684 0x02d8  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c          C:\WINDOWS\System32\drivers\iai2c.sys
10:35:29.0746 0x02d8  iai2c - ok
10:35:29.0777 0x02d8  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
10:35:29.0856 0x02d8  iaLPSS2i_GPIO2 - ok
10:35:29.0871 0x02d8  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
10:35:29.0887 0x02d8  iaLPSS2i_I2C - ok
10:35:29.0902 0x02d8  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
10:35:29.0918 0x02d8  iaLPSSi_GPIO - ok
10:35:29.0934 0x02d8  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
10:35:29.0949 0x02d8  iaLPSSi_I2C - ok
10:35:29.0981 0x02d8  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
10:35:30.0012 0x02d8  iaStorAV - ok
10:35:30.0027 0x02d8  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
10:35:30.0059 0x02d8  iaStorV - ok
10:35:30.0090 0x02d8  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus          C:\WINDOWS\System32\drivers\ibbus.sys
10:35:30.0106 0x02d8  ibbus - ok
10:35:30.0168 0x02d8  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
10:35:30.0277 0x02d8  icssvc - ok
10:35:30.0340 0x02d8  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
10:35:30.0387 0x02d8  IKEEXT - ok
10:35:30.0481 0x02d8  IMFFilter - ok
10:35:30.0574 0x02d8  IMFservice - ok
10:35:30.0621 0x02d8  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd    C:\WINDOWS\System32\drivers\IndirectKmd.sys
10:35:30.0699 0x02d8  IndirectKmd - ok
10:35:30.0746 0x02d8  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
10:35:30.0762 0x02d8  intelide - ok
10:35:30.0793 0x02d8  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
10:35:30.0793 0x02d8  intelpep - ok
10:35:30.0824 0x02d8  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
10:35:30.0856 0x02d8  intelppm - ok
10:35:30.0887 0x02d8  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
10:35:30.0902 0x02d8  iorate - ok
10:35:30.0934 0x02d8  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:35:31.0012 0x02d8  IpFilterDriver - ok
10:35:31.0074 0x02d8  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
10:35:31.0246 0x02d8  iphlpsvc - ok
10:35:31.0277 0x02d8  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:35:31.0277 0x02d8  IPMIDRV - ok
10:35:31.0309 0x02d8  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
10:35:31.0340 0x02d8  IPNAT - ok
10:35:31.0371 0x02d8  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
10:35:31.0402 0x02d8  irda - ok
10:35:31.0449 0x02d8  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
10:35:31.0465 0x02d8  IRENUM - ok
10:35:31.0512 0x02d8  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon          C:\WINDOWS\System32\irmon.dll
10:35:31.0574 0x02d8  irmon - ok
10:35:31.0606 0x02d8  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
10:35:31.0621 0x02d8  isapnp - ok
10:35:31.0652 0x02d8  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
10:35:31.0684 0x02d8  iScsiPrt - ok
10:35:31.0699 0x02d8  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
10:35:31.0715 0x02d8  kbdclass - ok
10:35:31.0715 0x02d8  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
10:35:31.0762 0x02d8  kbdhid - ok
10:35:31.0777 0x02d8  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic          C:\WINDOWS\System32\drivers\kdnic.sys
10:35:31.0824 0x02d8  kdnic - ok
10:35:31.0856 0x02d8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
10:35:31.0871 0x02d8  KeyIso - ok
10:35:31.0902 0x02d8  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
10:35:31.0918 0x02d8  KSecDD - ok
10:35:31.0949 0x02d8  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:35:31.0965 0x02d8  KSecPkg - ok
10:35:31.0965 0x02d8  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
10:35:32.0012 0x02d8  ksthunk - ok
10:35:32.0074 0x02d8  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
10:35:32.0168 0x02d8  KtmRm - ok
10:35:32.0199 0x02d8  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
10:35:32.0246 0x02d8  LanmanServer - ok
10:35:32.0309 0x02d8  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:35:32.0402 0x02d8  LanmanWorkstation - ok
10:35:32.0449 0x02d8  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc          C:\WINDOWS\System32\lfsvc.dll
10:35:32.0543 0x02d8  lfsvc - ok
10:35:32.0606 0x02d8  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
10:35:32.0715 0x02d8  LicenseManager - ok
10:35:32.0715 0x02d8  LiveUpdateSvc - ok
10:35:32.0746 0x02d8  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
10:35:32.0793 0x02d8  lltdio - ok
10:35:32.0840 0x02d8  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
10:35:32.0887 0x02d8  lltdsvc - ok
10:35:32.0918 0x02d8  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
10:35:32.0934 0x02d8  lmhosts - ok
10:35:32.0965 0x02d8  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
10:35:32.0981 0x02d8  LSI_SAS - ok
10:35:32.0996 0x02d8  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i      C:\WINDOWS\system32\drivers\lsi_sas2i.sys
10:35:33.0012 0x02d8  LSI_SAS2i - ok
10:35:33.0027 0x02d8  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i      C:\WINDOWS\system32\drivers\lsi_sas3i.sys
10:35:33.0043 0x02d8  LSI_SAS3i - ok
10:35:33.0059 0x02d8  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
10:35:33.0074 0x02d8  LSI_SSS - ok
10:35:33.0137 0x02d8  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM            C:\WINDOWS\System32\lsm.dll
10:35:33.0199 0x02d8  LSM - ok
10:35:33.0246 0x02d8  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
10:35:33.0277 0x02d8  luafv - ok
10:35:33.0324 0x02d8  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
10:35:33.0402 0x02d8  MapsBroker - ok
10:35:33.0449 0x02d8  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
10:35:33.0496 0x02d8  megasas - ok
10:35:33.0512 0x02d8  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i      C:\WINDOWS\system32\drivers\MegaSas2i.sys
10:35:33.0543 0x02d8  megasas2i - ok
10:35:33.0574 0x02d8  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
10:35:33.0606 0x02d8  megasr - ok
10:35:33.0652 0x02d8  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
10:35:33.0668 0x02d8  MessagingService - ok

Code:

10:35:33.0746 0x02d8  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
10:35:33.0777 0x02d8  mlx4_bus - ok
10:35:33.0824 0x02d8  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS          C:\WINDOWS\system32\drivers\mmcss.sys
10:35:33.0902 0x02d8  MMCSS - ok
10:35:33.0949 0x02d8  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem          C:\WINDOWS\system32\drivers\modem.sys
10:35:33.0981 0x02d8  Modem - ok
10:35:33.0996 0x02d8  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
10:35:34.0027 0x02d8  monitor - ok
10:35:34.0059 0x02d8  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
10:35:34.0074 0x02d8  mouclass - ok
10:35:34.0074 0x02d8  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
10:35:34.0168 0x02d8  mouhid - ok
10:35:34.0199 0x02d8  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
10:35:34.0215 0x02d8  mountmgr - ok
10:35:34.0262 0x02d8  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:35:34.0277 0x02d8  MozillaMaintenance - ok
10:35:34.0293 0x02d8  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
10:35:34.0356 0x02d8  mpsdrv - ok
10:35:34.0434 0x02d8  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
10:35:34.0481 0x02d8  MpsSvc - ok
10:35:34.0512 0x02d8  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
10:35:34.0606 0x02d8  MRxDAV - ok
10:35:34.0637 0x02d8  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:35:34.0668 0x02d8  mrxsmb - ok
10:35:34.0731 0x02d8  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
10:35:34.0762 0x02d8  mrxsmb10 - ok
10:35:34.0793 0x02d8  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
10:35:34.0809 0x02d8  mrxsmb20 - ok
10:35:34.0856 0x02d8  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
10:35:34.0871 0x02d8  MsBridge - ok
10:35:34.0902 0x02d8  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
10:35:34.0934 0x02d8  MSDTC - ok
10:35:34.0981 0x02d8  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:35:35.0106 0x02d8  Msfs - ok
10:35:35.0137 0x02d8  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
10:35:35.0152 0x02d8  msgpiowin32 - ok
10:35:35.0168 0x02d8  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:35:35.0231 0x02d8  mshidkmdf - ok
10:35:35.0246 0x02d8  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
10:35:35.0309 0x02d8  mshidumdf - ok
10:35:35.0324 0x02d8  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
10:35:35.0340 0x02d8  msisadrv - ok
10:35:35.0387 0x02d8  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
10:35:35.0496 0x02d8  MSiSCSI - ok
10:35:35.0512 0x02d8  msiserver - ok
10:35:35.0527 0x02d8  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV        C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
10:35:35.0574 0x02d8  MSKSSRV - ok
10:35:35.0590 0x02d8  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
10:35:35.0684 0x02d8  MsLldp - ok
10:35:35.0715 0x02d8  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
10:35:35.0762 0x02d8  MSPCLOCK - ok
10:35:35.0793 0x02d8  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM          C:\WINDOWS\system32\DRIVERS\MSPQM.sys
10:35:35.0824 0x02d8  MSPQM - ok
10:35:35.0856 0x02d8  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
10:35:35.0871 0x02d8  MsRPC - ok
10:35:35.0902 0x02d8  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
10:35:35.0918 0x02d8  MsSecFlt - ok
10:35:35.0934 0x02d8  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
10:35:35.0949 0x02d8  mssmbios - ok
10:35:35.0965 0x02d8  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE          C:\WINDOWS\system32\DRIVERS\MSTEE.sys
10:35:36.0012 0x02d8  MSTEE - ok
10:35:36.0027 0x02d8  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
10:35:36.0059 0x02d8  MTConfig - ok
10:35:36.0090 0x02d8  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
10:35:36.0106 0x02d8  Mup - ok
10:35:36.0121 0x02d8  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
10:35:36.0137 0x02d8  mvumis - ok
10:35:36.0184 0x02d8  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:35:36.0340 0x02d8  NativeWifiP - ok
10:35:36.0418 0x02d8  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
10:35:36.0481 0x02d8  NcaSvc - ok
10:35:36.0543 0x02d8  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
10:35:36.0590 0x02d8  NcbService - ok
10:35:36.0606 0x02d8  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
10:35:36.0746 0x02d8  NcdAutoSetup - ok
10:35:36.0777 0x02d8  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
10:35:36.0824 0x02d8  ndfltr - ok
10:35:36.0871 0x02d8  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
10:35:36.0918 0x02d8  NDIS - ok
10:35:36.0949 0x02d8  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap        C:\WINDOWS\system32\drivers\ndiscap.sys
10:35:37.0043 0x02d8  NdisCap - ok
10:35:37.0090 0x02d8  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
10:35:37.0215 0x02d8  NdisImPlatform - ok
10:35:37.0246 0x02d8  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:35:37.0262 0x02d8  NdisTapi - ok
10:35:37.0324 0x02d8  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio        C:\WINDOWS\system32\drivers\ndisuio.sys
10:35:37.0371 0x02d8  Ndisuio - ok
10:35:37.0387 0x02d8  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
10:35:37.0418 0x02d8  NdisVirtualBus - ok
10:35:37.0465 0x02d8  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan        C:\WINDOWS\System32\drivers\ndiswan.sys
10:35:37.0512 0x02d8  NdisWan - ok
10:35:37.0512 0x02d8  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:35:37.0543 0x02d8  ndiswanlegacy - ok
10:35:37.0574 0x02d8  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy        C:\WINDOWS\system32\DRIVERS\NDProxy.sys
10:35:37.0590 0x02d8  ndproxy - ok
10:35:37.0606 0x02d8  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
10:35:37.0652 0x02d8  Ndu - ok
10:35:37.0684 0x02d8  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
10:35:37.0746 0x02d8  NetAdapterCx - ok
10:35:37.0762 0x02d8  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS        C:\WINDOWS\system32\drivers\netbios.sys
10:35:37.0777 0x02d8  NetBIOS - ok
10:35:37.0824 0x02d8  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
10:35:37.0887 0x02d8  NetBT - ok
10:35:37.0902 0x02d8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:35:37.0918 0x02d8  Netlogon - ok
10:35:37.0981 0x02d8  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
10:35:38.0027 0x02d8  Netman - ok
10:35:38.0074 0x02d8  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
10:35:38.0199 0x02d8  netprofm - ok
10:35:38.0215 0x02d8  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc    C:\WINDOWS\System32\NetSetupSvc.dll
10:35:38.0356 0x02d8  NetSetupSvc - ok
10:35:38.0465 0x02d8  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:35:38.0527 0x02d8  NetTcpPortSharing - ok
10:35:38.0559 0x02d8  [ 6138F9D9B03DCC28E93220809B28F964, E22517EE0EF41DA05DA5962F137AE1CDC266F4E0F243DE598CBB91F507E17195 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
10:35:38.0637 0x02d8  netvsc - ok
10:35:38.0699 0x02d8  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
10:35:38.0824 0x02d8  NgcCtnrSvc - ok
10:35:38.0887 0x02d8  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
10:35:39.0043 0x02d8  NgcSvc - ok
10:35:39.0074 0x02d8  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
10:35:39.0215 0x02d8  NlaSvc - ok
10:35:39.0262 0x02d8  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:35:39.0277 0x02d8  Npfs - ok
10:35:39.0277 0x02d8  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
10:35:39.0324 0x02d8  npsvctrig - ok
10:35:39.0387 0x02d8  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi            C:\WINDOWS\system32\nsisvc.dll
10:35:39.0496 0x02d8  nsi - ok
10:35:39.0512 0x02d8  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
10:35:39.0574 0x02d8  nsiproxy - ok
10:35:39.0668 0x02d8  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
10:35:39.0746 0x02d8  NTFS - ok
10:35:39.0777 0x02d8  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:35:39.0809 0x02d8  Null - ok
10:35:39.0840 0x02d8  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
10:35:39.0934 0x02d8  nusb3hub - detected UnsignedFile.Multi.Generic ( 1 )
10:35:39.0996 0x02d8  nusb3hub ( UnsignedFile.Multi.Generic ) - warning
10:35:40.0043 0x02d8  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
10:35:40.0090 0x02d8  nusb3xhc - detected UnsignedFile.Multi.Generic ( 1 )
10:35:40.0090 0x02d8  nusb3xhc ( UnsignedFile.Multi.Generic ) - warning
10:35:40.0137 0x02d8  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
10:35:40.0152 0x02d8  nvraid - ok
10:35:40.0168 0x02d8  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
10:35:40.0184 0x02d8  nvstor - ok
10:35:40.0215 0x02d8  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
10:35:40.0277 0x02d8  OneSyncSvc - ok
10:35:40.0340 0x02d8  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:35:40.0387 0x02d8  ose - ok
10:35:40.0621 0x02d8  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:35:40.0809 0x02d8  osppsvc - ok
10:35:40.0856 0x02d8  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
10:35:40.0934 0x02d8  p2pimsvc - ok
10:35:40.0965 0x02d8  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
10:35:40.0996 0x02d8  p2psvc - ok
10:35:41.0012 0x02d8  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
10:35:41.0121 0x02d8  Parport - ok
10:35:41.0168 0x02d8  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
10:35:41.0184 0x02d8  partmgr - ok
10:35:41.0246 0x02d8  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
10:35:41.0277 0x02d8  PcaSvc - ok
10:35:41.0309 0x02d8  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci            C:\WINDOWS\system32\drivers\pci.sys
10:35:41.0324 0x02d8  pci - ok
10:35:41.0356 0x02d8  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
10:35:41.0371 0x02d8  pciide - ok
10:35:41.0387 0x02d8  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
10:35:41.0402 0x02d8  pcmcia - ok
10:35:41.0418 0x02d8  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
10:35:41.0434 0x02d8  pcw - ok
10:35:41.0434 0x02d8  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
10:35:41.0449 0x02d8  pdc - ok
10:35:41.0512 0x02d8  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
10:35:41.0574 0x02d8  PEAUTH - ok
10:35:41.0668 0x02d8  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc    C:\WINDOWS\system32\peerdistsvc.dll
10:35:41.0824 0x02d8  PeerDistSvc - ok
10:35:41.0871 0x02d8  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i      C:\WINDOWS\system32\drivers\percsas2i.sys
10:35:41.0918 0x02d8  percsas2i - ok
10:35:41.0918 0x02d8  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i      C:\WINDOWS\system32\drivers\percsas3i.sys
10:35:41.0934 0x02d8  percsas3i - ok
10:35:42.0027 0x02d8  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
10:35:42.0137 0x02d8  PerfHost - ok
10:35:42.0199 0x02d8  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
10:35:42.0293 0x02d8  PhoneSvc - ok
10:35:42.0324 0x02d8  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
10:35:42.0434 0x02d8  PimIndexMaintenanceSvc - ok
10:35:42.0512 0x02d8  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla            C:\WINDOWS\system32\pla.dll
10:35:42.0668 0x02d8  pla - ok
10:35:42.0715 0x02d8  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
10:35:42.0762 0x02d8  PlugPlay - ok
10:35:42.0809 0x02d8  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
10:35:42.0840 0x02d8  PNRPAutoReg - ok
10:35:42.0902 0x02d8  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
10:35:42.0934 0x02d8  PNRPsvc - ok
10:35:42.0949 0x02d8  [ 4C2985DAAF5859A670AE2AF478AF58C6, 3B62D04255FC9C9D46B76B740D9DEFB6F382ADB1C5D27948FABDE71E9F7CA768 ] Point64        C:\WINDOWS\System32\drivers\point64.sys
10:35:42.0965 0x02d8  Point64 - ok
10:35:42.0996 0x02d8  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
10:35:43.0043 0x02d8  PolicyAgent - ok
10:35:43.0090 0x02d8  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power          C:\WINDOWS\system32\umpo.dll
10:35:43.0121 0x02d8  Power - ok
10:35:43.0152 0x02d8  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
10:35:43.0199 0x02d8  PptpMiniport - ok
10:35:43.0402 0x02d8  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
10:35:43.0606 0x02d8  PrintNotify - ok
10:35:43.0652 0x02d8  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor      C:\WINDOWS\System32\drivers\processr.sys
10:35:43.0715 0x02d8  Processor - ok
10:35:43.0762 0x02d8  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
10:35:43.0871 0x02d8  ProfSvc - ok
10:35:43.0902 0x02d8  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
10:35:43.0918 0x02d8  Psched - ok
10:35:43.0965 0x02d8  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI            C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys
10:35:43.0981 0x02d8  PSI - ok
10:35:44.0059 0x02d8  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE          C:\WINDOWS\system32\qwave.dll
10:35:44.0168 0x02d8  QWAVE - ok
10:35:44.0231 0x02d8  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
10:35:44.0277 0x02d8  QWAVEdrv - ok
10:35:44.0324 0x02d8  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:35:44.0387 0x02d8  RasAcd - ok
10:35:44.0418 0x02d8  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn    C:\WINDOWS\System32\drivers\AgileVpn.sys
10:35:44.0527 0x02d8  RasAgileVpn - ok
10:35:44.0559 0x02d8  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
10:35:44.0606 0x02d8  RasAuto - ok

Code:

10:35:44.0637 0x02d8  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp        C:\WINDOWS\System32\drivers\rasl2tp.sys
10:35:44.0668 0x02d8  Rasl2tp - ok
10:35:44.0715 0x02d8  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:35:44.0824 0x02d8  RasMan - ok
10:35:44.0840 0x02d8  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
10:35:44.0856 0x02d8  RasPppoe - ok
10:35:44.0871 0x02d8  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp        C:\WINDOWS\System32\drivers\rassstp.sys
10:35:44.0918 0x02d8  RasSstp - ok
10:35:44.0965 0x02d8  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:35:44.0981 0x02d8  rdbss - ok
10:35:45.0027 0x02d8  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
10:35:45.0106 0x02d8  rdpbus - ok
10:35:45.0121 0x02d8  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
10:35:45.0168 0x02d8  RDPDR - ok
10:35:45.0215 0x02d8  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:35:45.0246 0x02d8  RdpVideoMiniport - ok
10:35:45.0293 0x02d8  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
10:35:45.0309 0x02d8  rdyboost - ok
10:35:45.0356 0x02d8  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
10:35:45.0402 0x02d8  ReFSv1 - ok
10:35:45.0574 0x02d8  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter      C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
10:35:45.0606 0x02d8  RegFilter - ok
10:35:45.0699 0x02d8  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:35:45.0793 0x02d8  RemoteAccess - ok
10:35:45.0824 0x02d8  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:35:45.0856 0x02d8  RemoteRegistry - ok
10:35:45.0902 0x02d8  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
10:35:46.0027 0x02d8  RetailDemo - ok
10:35:46.0074 0x02d8  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc          C:\WINDOWS\System32\RMapi.dll
10:35:46.0090 0x02d8  RmSvc - ok
10:35:46.0106 0x02d8  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
10:35:46.0152 0x02d8  RpcEptMapper - ok
10:35:46.0184 0x02d8  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:35:46.0199 0x02d8  RpcLocator - ok
10:35:46.0277 0x02d8  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
10:35:46.0324 0x02d8  RpcSs - ok
10:35:46.0356 0x02d8  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
10:35:46.0387 0x02d8  rspndr - ok
10:35:46.0465 0x02d8  [ 39FC08BE0FBCBF40A67C22FFB671A96F, B9B942A0AEF03E4E9D4A61C9F042CDC97BAD98912369CD0E0D8B0FFC08D124A3 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
10:35:46.0512 0x02d8  rt640x64 - ok
10:35:46.0543 0x02d8  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
10:35:46.0543 0x02d8  s3cap - ok
10:35:46.0590 0x02d8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs          C:\WINDOWS\system32\lsass.exe
10:35:46.0590 0x02d8  SamSs - ok
10:35:46.0637 0x02d8  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
10:35:46.0652 0x02d8  sbp2port - ok
10:35:46.0715 0x02d8  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
10:35:46.0762 0x02d8  SCardSvr - ok
10:35:46.0809 0x02d8  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
10:35:46.0840 0x02d8  ScDeviceEnum - ok
10:35:46.0887 0x02d8  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:35:46.0949 0x02d8  scfilter - ok
10:35:47.0074 0x02d8  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:35:47.0137 0x02d8  Schedule - ok
10:35:47.0184 0x02d8  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
10:35:47.0199 0x02d8  scmbus - ok
10:35:47.0215 0x02d8  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101    C:\WINDOWS\System32\drivers\scmdisk0101.sys
10:35:47.0231 0x02d8  scmdisk0101 - ok
10:35:47.0262 0x02d8  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
10:35:47.0277 0x02d8  SCPolicySvc - ok
10:35:47.0309 0x02d8  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
10:35:47.0324 0x02d8  sdbus - ok
10:35:47.0387 0x02d8  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
10:35:47.0481 0x02d8  SDRSVC - ok
10:35:47.0543 0x02d8  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
10:35:47.0559 0x02d8  sdstor - ok
10:35:47.0574 0x02d8  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:35:47.0637 0x02d8  seclogon - ok
10:35:47.0762 0x02d8  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
10:35:47.0809 0x02d8  Secunia PSI Agent - ok
10:35:47.0840 0x02d8  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
10:35:47.0918 0x02d8  SENS - ok
10:35:47.0918 0x02d8  Sense - ok
10:35:48.0043 0x02d8  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
10:35:48.0121 0x02d8  SensorDataService - ok
10:35:48.0199 0x02d8  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService  C:\WINDOWS\system32\SensorService.dll
10:35:48.0340 0x02d8  SensorService - ok
10:35:48.0371 0x02d8  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
10:35:48.0418 0x02d8  SensrSvc - ok
10:35:48.0449 0x02d8  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
10:35:48.0449 0x02d8  SerCx - ok
10:35:48.0481 0x02d8  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
10:35:48.0496 0x02d8  SerCx2 - ok
10:35:48.0527 0x02d8  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
10:35:48.0559 0x02d8  Serenum - ok
10:35:48.0574 0x02d8  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
10:35:48.0590 0x02d8  Serial - ok
10:35:48.0606 0x02d8  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
10:35:48.0637 0x02d8  sermouse - ok
10:35:48.0699 0x02d8  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
10:35:48.0762 0x02d8  SessionEnv - ok
10:35:48.0793 0x02d8  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
10:35:48.0809 0x02d8  sfloppy - ok
10:35:48.0809 0x02d8  sgbupt - ok
10:35:48.0856 0x02d8  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:35:48.0996 0x02d8  SharedAccess - ok
10:35:49.0090 0x02d8  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:35:49.0137 0x02d8  ShellHWDetection - ok
10:35:49.0184 0x02d8  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
10:35:49.0324 0x02d8  shpamsvc - ok
10:35:49.0356 0x02d8  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:35:49.0371 0x02d8  SiSRaid2 - ok
10:35:49.0402 0x02d8  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
10:35:49.0418 0x02d8  SiSRaid4 - ok
10:35:49.0449 0x02d8  [ 306EE29C824E85BB28D4579B23EFA55A, 0F60C3625482410EE0F5C7FE08E116B97BDE2ACB4C594A57276F4DB2A628A7EB ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
10:35:49.0449 0x02d8  SmartDefragDriver - ok
10:35:49.0496 0x02d8  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost        C:\WINDOWS\System32\smphost.dll
10:35:49.0559 0x02d8  smphost - ok
10:35:49.0590 0x02d8  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter      C:\WINDOWS\system32\SmsRouterSvc.dll
10:35:49.0684 0x02d8  SmsRouter - ok
10:35:49.0746 0x02d8  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
10:35:49.0777 0x02d8  SNMPTRAP - ok
10:35:49.0824 0x02d8  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
10:35:49.0856 0x02d8  spaceport - ok
10:35:49.0887 0x02d8  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
10:35:49.0902 0x02d8  SpbCx - ok
10:35:49.0949 0x02d8  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler        C:\WINDOWS\System32\spoolsv.exe
10:35:50.0043 0x02d8  Spooler - ok
10:35:50.0246 0x02d8  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
10:35:50.0449 0x02d8  sppsvc - ok
10:35:50.0481 0x02d8  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
10:35:50.0590 0x02d8  srv - ok
10:35:50.0652 0x02d8  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
10:35:50.0699 0x02d8  srv2 - ok
10:35:50.0731 0x02d8  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:35:50.0793 0x02d8  srvnet - ok
10:35:50.0840 0x02d8  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
10:35:50.0918 0x02d8  SSDPSRV - ok
10:35:50.0996 0x02d8  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
10:35:51.0059 0x02d8  SstpSvc - ok
10:35:51.0090 0x02d8  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:35:51.0106 0x02d8  ssudmdm - ok
10:35:51.0356 0x02d8  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
10:35:51.0715 0x02d8  StateRepository - ok
10:35:51.0746 0x02d8  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
10:35:51.0762 0x02d8  stexstor - ok
10:35:51.0824 0x02d8  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
10:35:51.0934 0x02d8  stisvc - ok
10:35:51.0965 0x02d8  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
10:35:51.0981 0x02d8  storahci - ok
10:35:52.0012 0x02d8  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
10:35:52.0027 0x02d8  storflt - ok
10:35:52.0043 0x02d8  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
10:35:52.0059 0x02d8  stornvme - ok
10:35:52.0074 0x02d8  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
10:35:52.0184 0x02d8  storqosflt - ok
10:35:52.0231 0x02d8  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
10:35:52.0356 0x02d8  StorSvc - ok
10:35:52.0402 0x02d8  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs        C:\WINDOWS\system32\drivers\storufs.sys
10:35:52.0402 0x02d8  storufs - ok
10:35:52.0418 0x02d8  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
10:35:52.0434 0x02d8  storvsc - ok
10:35:52.0465 0x02d8  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc          C:\WINDOWS\system32\svsvc.dll
10:35:52.0481 0x02d8  svsvc - ok
10:35:52.0496 0x02d8  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
10:35:52.0512 0x02d8  swenum - ok
10:35:52.0543 0x02d8  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv          C:\WINDOWS\System32\swprv.dll
10:35:52.0574 0x02d8  swprv - ok
10:35:52.0621 0x02d8  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
10:35:52.0715 0x02d8  Synth3dVsc - ok
10:35:52.0793 0x02d8  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain        C:\WINDOWS\system32\sysmain.dll
10:35:52.0871 0x02d8  SysMain - ok
10:35:52.0918 0x02d8  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:35:52.0965 0x02d8  SystemEventsBroker - ok
10:35:52.0996 0x02d8  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:35:53.0027 0x02d8  TabletInputService - ok
10:35:53.0059 0x02d8  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
10:35:53.0106 0x02d8  TapiSrv - ok
10:35:53.0231 0x02d8  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
10:35:53.0309 0x02d8  Tcpip - ok
10:35:53.0387 0x02d8  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
10:35:53.0465 0x02d8  Tcpip6 - ok
10:35:53.0496 0x02d8  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
10:35:53.0559 0x02d8  tcpipreg - ok
10:35:53.0574 0x02d8  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
10:35:53.0590 0x02d8  tdx - ok
10:35:53.0621 0x02d8  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
10:35:53.0637 0x02d8  terminpt - ok
10:35:53.0715 0x02d8  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService    C:\WINDOWS\System32\termsrv.dll
10:35:53.0871 0x02d8  TermService - ok
10:35:53.0949 0x02d8  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
10:35:53.0996 0x02d8  Themes - ok
10:35:54.0043 0x02d8  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
10:35:54.0090 0x02d8  TieringEngineService - ok
10:35:54.0137 0x02d8  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
10:35:54.0246 0x02d8  tiledatamodelsvc - ok
10:35:54.0324 0x02d8  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc  C:\WINDOWS\System32\TimeBrokerServer.dll
10:35:54.0371 0x02d8  TimeBrokerSvc - ok
10:35:54.0512 0x02d8  [ 506B0B498216371D64ABB69145B70E4C, 94FE0E8A61C506FBA45D14571A14DC259E1D52778CEF8366CE8CBDCD871E28DB ] tor            C:\Program Files (x86)\Tor\tor.exe
10:35:54.0840 0x02d8  tor - detected UnsignedFile.Multi.Generic ( 1 )
10:35:54.0840 0x02d8  tor ( UnsignedFile.Multi.Generic ) - warning
10:35:54.0871 0x02d8  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM            C:\WINDOWS\System32\drivers\tpm.sys
10:35:54.0887 0x02d8  TPM - ok
10:35:54.0934 0x02d8  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
10:35:54.0965 0x02d8  TrkWks - ok
10:35:55.0043 0x02d8  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:35:55.0199 0x02d8  TrustedInstaller - ok
10:35:55.0231 0x02d8  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
10:35:55.0277 0x02d8  tsusbflt - ok
10:35:55.0309 0x02d8  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
10:35:55.0340 0x02d8  TsUsbGD - ok
10:35:55.0356 0x02d8  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\System32\drivers\tsusbhub.sys
10:35:55.0418 0x02d8  tsusbhub - ok
10:35:55.0465 0x02d8  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
10:35:55.0512 0x02d8  tunnel - ok
10:35:55.0574 0x02d8  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
10:35:55.0715 0x02d8  tzautoupdate - ok
10:35:55.0746 0x02d8  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
10:35:55.0762 0x02d8  UASPStor - ok
10:35:55.0793 0x02d8  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101      C:\WINDOWS\system32\Drivers\UcmCx.sys
10:35:55.0871 0x02d8  UcmCx0101 - ok
10:35:55.0902 0x02d8  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
10:35:55.0934 0x02d8  UcmTcpciCx0101 - ok
10:35:55.0949 0x02d8  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi        C:\WINDOWS\System32\drivers\UcmUcsi.sys
10:35:55.0965 0x02d8  UcmUcsi - ok
10:35:55.0981 0x02d8  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
10:35:55.0996 0x02d8  Ucx01000 - ok
10:35:56.0027 0x02d8  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx          C:\WINDOWS\system32\drivers\udecx.sys
10:35:56.0106 0x02d8  UdeCx - ok
10:35:56.0137 0x02d8  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
10:35:56.0168 0x02d8  udfs - ok
10:35:56.0184 0x02d8  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
10:35:56.0199 0x02d8  UEFI - ok
10:35:56.0215 0x02d8  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
10:35:56.0231 0x02d8  UevAgentDriver - ok
10:35:56.0293 0x02d8  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
10:35:56.0434 0x02d8  UevAgentService - ok
10:35:56.0481 0x02d8  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
10:35:56.0496 0x02d8  Ufx01000 - ok
10:35:56.0527 0x02d8  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea    C:\WINDOWS\System32\drivers\UfxChipidea.sys
10:35:56.0543 0x02d8  UfxChipidea - ok
10:35:56.0590 0x02d8  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys    C:\WINDOWS\System32\drivers\ufxsynopsys.sys
10:35:56.0606 0x02d8  ufxsynopsys - ok
10:35:56.0652 0x02d8  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
10:35:56.0715 0x02d8  UI0Detect - ok
10:35:56.0731 0x02d8  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
10:35:56.0762 0x02d8  umbus - ok
10:35:56.0777 0x02d8  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
10:35:56.0793 0x02d8  UmPass - ok
10:35:56.0824 0x02d8  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
10:35:56.0871 0x02d8  UmRdpService - ok
10:35:56.0934 0x02d8  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc    C:\WINDOWS\System32\unistore.dll
10:35:57.0043 0x02d8  UnistoreSvc - ok
10:35:57.0199 0x02d8  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:35:57.0246 0x02d8  upnphost - ok
10:35:57.0277 0x02d8  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea    C:\WINDOWS\System32\drivers\urschipidea.sys
10:35:57.0293 0x02d8  UrsChipidea - ok
10:35:57.0293 0x02d8  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
10:35:57.0309 0x02d8  UrsCx01000 - ok
10:35:57.0324 0x02d8  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys    C:\WINDOWS\System32\drivers\urssynopsys.sys
10:35:57.0340 0x02d8  UrsSynopsys - ok
10:35:57.0371 0x02d8  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\WINDOWS\system32\Drivers\usbaapl64.sys
10:35:57.0449 0x02d8  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
10:35:57.0449 0x02d8  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
10:35:57.0496 0x02d8  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
10:35:57.0527 0x02d8  usbccgp - ok
10:35:57.0574 0x02d8  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
10:35:57.0590 0x02d8  usbcir - ok
10:35:57.0606 0x02d8  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
10:35:57.0621 0x02d8  usbehci - ok
10:35:57.0652 0x02d8  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
10:35:57.0668 0x02d8  usbhub - ok
10:35:57.0699 0x02d8  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
10:35:57.0731 0x02d8  USBHUB3 - ok
10:35:57.0762 0x02d8  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci        C:\WINDOWS\System32\drivers\usbohci.sys
10:35:57.0777 0x02d8  usbohci - ok
10:35:57.0809 0x02d8  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
10:35:57.0809 0x02d8  usbprint - ok
10:35:57.0840 0x02d8  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
10:35:57.0871 0x02d8  usbser - ok
10:35:57.0902 0x02d8  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR        C:\WINDOWS\System32\drivers\USBSTOR.SYS
10:35:57.0918 0x02d8  USBSTOR - ok
10:35:57.0934 0x02d8  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci        C:\WINDOWS\System32\drivers\usbuhci.sys
10:35:57.0965 0x02d8  usbuhci - ok
10:35:57.0996 0x02d8  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI        C:\WINDOWS\System32\drivers\USBXHCI.SYS
10:35:58.0012 0x02d8  USBXHCI - ok
10:35:58.0106 0x02d8  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc    C:\WINDOWS\System32\userdataservice.dll
10:35:58.0168 0x02d8  UserDataSvc - ok
10:35:58.0231 0x02d8  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager    C:\WINDOWS\System32\usermgr.dll
10:35:58.0324 0x02d8  UserManager - ok
10:35:58.0371 0x02d8  [ EBF9E40845362DBE2AD0DB3077269488, A6363006350D097F95B03A2F44E1D3FBD3BC40048BE57C715CD7CBC22D1EE70B ] UsoSvc          C:\WINDOWS\system32\usocore.dll
10:35:58.0512 0x02d8  UsoSvc - ok
10:35:58.0527 0x02d8  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
10:35:58.0543 0x02d8  VaultSvc - ok
10:35:58.0559 0x02d8  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
10:35:58.0574 0x02d8  vdrvroot - ok
10:35:58.0621 0x02d8  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds            C:\WINDOWS\System32\vds.exe
10:35:58.0684 0x02d8  vds - ok
10:35:58.0715 0x02d8  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt    C:\WINDOWS\system32\drivers\VerifierExt.sys
10:35:58.0731 0x02d8  VerifierExt - ok
10:35:58.0777 0x02d8  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp          C:\WINDOWS\System32\drivers\vhdmp.sys
10:35:58.0809 0x02d8  vhdmp - ok
10:35:58.0840 0x02d8  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf            C:\WINDOWS\System32\drivers\vhf.sys
10:35:58.0887 0x02d8  vhf - ok
10:35:58.0934 0x02d8  [ 1916D8565B95F93D696067C01280937E, 0DA15AE1729F2D0F37A00751871F68F07724B14B07AC3257B2636C7F171FF660 ] VIAHdAudAddService C:\WINDOWS\system32\drivers\viahduaa.sys
10:35:58.0949 0x02d8  VIAHdAudAddService - ok
10:35:58.0981 0x02d8  [ 26F9E6EC387A35B9C0543F10A0E8E798, 7A324A635C8B94D2463E140EF8FD4ECFB3ACAAC7EC5D1C9FCC49BB63F2F56ABD ] VIAKaraokeService C:\WINDOWS\system32\viakaraokesrv.exe
10:35:58.0996 0x02d8  VIAKaraokeService - ok
10:35:59.0027 0x02d8  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus          C:\WINDOWS\system32\drivers\vmbus.sys
10:35:59.0043 0x02d8  vmbus - ok
10:35:59.0059 0x02d8  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
10:35:59.0074 0x02d8  VMBusHID - ok
10:35:59.0106 0x02d8  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid          C:\WINDOWS\System32\drivers\vmgid.sys
10:35:59.0121 0x02d8  vmgid - ok
10:35:59.0184 0x02d8  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
10:35:59.0277 0x02d8  vmicguestinterface - ok
10:35:59.0309 0x02d8  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat  C:\WINDOWS\System32\icsvc.dll
10:35:59.0324 0x02d8  vmicheartbeat - ok
10:35:59.0356 0x02d8  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
10:35:59.0371 0x02d8  vmickvpexchange - ok
10:35:59.0402 0x02d8  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv        C:\WINDOWS\System32\icsvcext.dll
10:35:59.0527 0x02d8  vmicrdv - ok
10:35:59.0543 0x02d8  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
10:35:59.0574 0x02d8  vmicshutdown - ok
10:35:59.0590 0x02d8  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
10:35:59.0606 0x02d8  vmictimesync - ok
10:35:59.0621 0x02d8  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession  C:\WINDOWS\System32\icsvc.dll
10:35:59.0652 0x02d8  vmicvmsession - ok
10:35:59.0668 0x02d8  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss        C:\WINDOWS\System32\icsvcext.dll
10:35:59.0684 0x02d8  vmicvss - ok
10:35:59.0731 0x02d8  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
10:35:59.0746 0x02d8  volmgr - ok
10:35:59.0762 0x02d8  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx        C:\WINDOWS\system32\drivers\volmgrx.sys
10:35:59.0777 0x02d8  volmgrx - ok
10:35:59.0809 0x02d8  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap        C:\WINDOWS\system32\drivers\volsnap.sys
10:35:59.0824 0x02d8  volsnap - ok
10:35:59.0840 0x02d8  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
10:35:59.0856 0x02d8  volume - ok
10:35:59.0902 0x02d8  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
10:35:59.0918 0x02d8  vpci - ok
10:35:59.0949 0x02d8  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid        C:\WINDOWS\system32\drivers\vsmraid.sys
10:35:59.0965 0x02d8  vsmraid - ok
10:36:00.0027 0x02d8  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS            C:\WINDOWS\system32\vssvc.exe
10:36:00.0121 0x02d8  VSS - ok
10:36:00.0152 0x02d8  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
10:36:00.0184 0x02d8  VSTXRAID - ok
10:36:00.0215 0x02d8  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
10:36:00.0262 0x02d8  vwifibus - ok
10:36:00.0293 0x02d8  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
10:36:00.0324 0x02d8  vwififlt - ok
10:36:00.0402 0x02d8  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time        C:\WINDOWS\system32\w32time.dll
10:36:00.0481 0x02d8  W32Time - ok


Troja90 11.02.2017 11:23

Code:

10:36:00.0512 0x02d8  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
10:36:00.0527 0x02d8  WacomPen - ok
10:36:00.0559 0x02d8  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService  C:\WINDOWS\system32\WalletService.dll
10:36:00.0684 0x02d8  WalletService - ok
10:36:00.0715 0x02d8  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:36:00.0762 0x02d8  wanarp - ok
10:36:00.0777 0x02d8  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:36:00.0793 0x02d8  wanarpv6 - ok
10:36:00.0871 0x02d8  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
10:36:01.0027 0x02d8  wbengine - ok
10:36:01.0090 0x02d8  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
10:36:01.0215 0x02d8  WbioSrvc - ok
10:36:01.0246 0x02d8  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs          C:\WINDOWS\system32\drivers\wcifs.sys
10:36:01.0262 0x02d8  wcifs - ok
10:36:01.0324 0x02d8  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
10:36:01.0371 0x02d8  Wcmsvc - ok
10:36:01.0418 0x02d8  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
10:36:01.0496 0x02d8  wcncsvc - ok
10:36:01.0512 0x02d8  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs          C:\WINDOWS\system32\drivers\wcnfs.sys
10:36:01.0574 0x02d8  wcnfs - ok
10:36:01.0590 0x02d8  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
10:36:01.0621 0x02d8  WdBoot - ok
10:36:01.0652 0x02d8  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
10:36:01.0684 0x02d8  Wdf01000 - ok
10:36:01.0731 0x02d8  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
10:36:01.0746 0x02d8  WdFilter - ok
10:36:01.0793 0x02d8  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
10:36:01.0809 0x02d8  WdiServiceHost - ok
10:36:01.0809 0x02d8  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
10:36:01.0840 0x02d8  WdiSystemHost - ok
10:36:01.0871 0x02d8  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi        C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
10:36:01.0934 0x02d8  wdiwifi - ok
10:36:01.0981 0x02d8  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
10:36:01.0996 0x02d8  WdNisDrv - ok
10:36:02.0012 0x02d8  WdNisSvc - ok
10:36:02.0090 0x02d8  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient      C:\WINDOWS\System32\webclnt.dll
10:36:02.0152 0x02d8  WebClient - ok
10:36:02.0184 0x02d8  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
10:36:02.0246 0x02d8  Wecsvc - ok
10:36:02.0277 0x02d8  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
10:36:02.0309 0x02d8  WEPHOSTSVC - ok
10:36:02.0356 0x02d8  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
10:36:02.0465 0x02d8  wercplsupport - ok
10:36:02.0496 0x02d8  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
10:36:02.0590 0x02d8  WerSvc - ok
10:36:02.0621 0x02d8  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS        C:\WINDOWS\system32\drivers\wfplwfs.sys
10:36:02.0652 0x02d8  WFPLWFS - ok
10:36:02.0684 0x02d8  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
10:36:02.0731 0x02d8  WiaRpc - ok
10:36:02.0762 0x02d8  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
10:36:02.0777 0x02d8  WIMMount - ok
10:36:02.0777 0x02d8  WinDefend - ok
10:36:02.0824 0x02d8  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
10:36:02.0840 0x02d8  WindowsTrustedRT - ok
10:36:02.0871 0x02d8  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
10:36:02.0887 0x02d8  WindowsTrustedRTProxy - ok
10:36:02.0934 0x02d8  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
10:36:03.0043 0x02d8  WinHttpAutoProxySvc - ok
10:36:03.0090 0x02d8  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
10:36:03.0106 0x02d8  WinMad - ok
10:36:03.0168 0x02d8  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
10:36:03.0340 0x02d8  Winmgmt - ok
10:36:03.0543 0x02d8  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
10:36:03.0746 0x02d8  WinRM - ok
10:36:03.0793 0x02d8  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
10:36:03.0809 0x02d8  WINUSB - ok
10:36:03.0840 0x02d8  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
10:36:03.0856 0x02d8  WinVerbs - ok
10:36:03.0887 0x02d8  [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys
10:36:03.0902 0x02d8  WirelessKeyboardFilter - ok
10:36:03.0934 0x02d8  [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc          C:\WINDOWS\system32\flightsettings.dll
10:36:04.0027 0x02d8  wisvc - ok
10:36:04.0152 0x02d8  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
10:36:04.0277 0x02d8  WlanSvc - ok
10:36:04.0543 0x02d8  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
10:36:04.0715 0x02d8  wlidsvc - ok
10:36:04.0731 0x02d8  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
10:36:04.0746 0x02d8  WmiAcpi - ok
10:36:04.0777 0x02d8  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:36:04.0809 0x02d8  wmiApSrv - ok
10:36:04.0840 0x02d8  WMPNetworkSvc - ok
10:36:04.0856 0x02d8  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
10:36:04.0871 0x02d8  Wof - ok
10:36:05.0012 0x02d8  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
10:36:05.0199 0x02d8  workfolderssvc - ok
10:36:05.0231 0x02d8  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
10:36:05.0293 0x02d8  WPDBusEnum - ok
10:36:05.0324 0x02d8  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
10:36:05.0340 0x02d8  WpdUpFltr - ok
10:36:05.0356 0x02d8  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
10:36:05.0465 0x02d8  WpnService - ok
10:36:05.0512 0x02d8  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
10:36:05.0574 0x02d8  WpnUserService - ok
10:36:05.0621 0x02d8  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:36:05.0684 0x02d8  ws2ifsl - ok
10:36:05.0715 0x02d8  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
10:36:05.0824 0x02d8  wscsvc - ok
10:36:05.0824 0x02d8  WSearch - ok
10:36:05.0981 0x02d8  [ DDB7E452A99E0E5244105C6D2CF4BC9E, 1364B03AFFD20D339A2EBA303575BCCBC2D122D89810B1E3593CC55F93F9B79A ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
10:36:06.0121 0x02d8  wuauserv - ok
10:36:06.0137 0x02d8  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
10:36:06.0168 0x02d8  WudfPf - ok
10:36:06.0199 0x02d8  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
10:36:06.0215 0x02d8  WUDFRd - ok
10:36:06.0262 0x02d8  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
10:36:06.0277 0x02d8  wudfsvc - ok
10:36:06.0340 0x02d8  [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
10:36:06.0481 0x02d8  WwanSvc - ok
10:36:06.0574 0x02d8  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
10:36:06.0699 0x02d8  XblAuthManager - ok
10:36:06.0777 0x02d8  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave    C:\WINDOWS\System32\XblGameSave.dll
10:36:06.0903 0x02d8  XblGameSave - ok
10:36:06.0949 0x02d8  [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip        C:\WINDOWS\System32\drivers\xboxgip.sys
10:36:06.0996 0x02d8  xboxgip - ok
10:36:07.0059 0x02d8  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc  C:\WINDOWS\system32\XboxNetApiSvc.dll
10:36:07.0121 0x02d8  XboxNetApiSvc - ok
10:36:07.0152 0x02d8  [ 7439DCAF71314B1D85E452B3F2E1138A, DAAF67C90C35DC1839CEC6962AD001961EFDE00DDFCDC702882AFA234D71248B ] xhunter1        C:\WINDOWS\xhunter1.sys
10:36:07.0184 0x02d8  xhunter1 - ok
10:36:07.0215 0x02d8  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid      C:\WINDOWS\System32\drivers\xinputhid.sys
10:36:07.0293 0x02d8  xinputhid - ok
10:36:07.0293 0x02d8  ================ Scan global ===============================
10:36:07.0356 0x02d8  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
10:36:07.0387 0x02d8  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll
10:36:07.0418 0x02d8  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
10:36:07.0465 0x02d8  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
10:36:07.0465 0x02d8  [ Global ] - ok
10:36:07.0465 0x02d8  ================ Scan MBR ==================================
10:36:07.0481 0x02d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:36:07.0996 0x02d8  \Device\Harddisk0\DR0 - ok
10:36:07.0996 0x02d8  ================ Scan VBR ==================================
10:36:08.0012 0x02d8  [ 1093870764C806551B0BC89A8D226D43 ] \Device\Harddisk0\DR0\Partition1
10:36:08.0027 0x02d8  \Device\Harddisk0\DR0\Partition1 - ok
10:36:08.0043 0x02d8  [ ED8B84697D5104BA7FB09A4A12539F5B ] \Device\Harddisk0\DR0\Partition2
10:36:08.0043 0x02d8  \Device\Harddisk0\DR0\Partition2 - ok
10:36:08.0074 0x02d8  [ CFC2060111B251D866D8DA30D69EA353 ] \Device\Harddisk0\DR0\Partition3
10:36:08.0074 0x02d8  \Device\Harddisk0\DR0\Partition3 - ok
10:36:08.0074 0x02d8  ================ Scan generic autorun ======================
10:36:08.0074 0x02d8  WindowsDefender - ok
10:36:08.0449 0x02d8  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:36:08.0746 0x02d8  OneDriveSetup - ok
10:36:09.0027 0x02d8  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:36:09.0215 0x02d8  OneDriveSetup - ok
10:36:09.0387 0x02d8  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
10:36:09.0403 0x02d8  Dropbox Update - ok
10:36:09.0574 0x02d8  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
10:36:09.0668 0x02d8  Akamai NetSession Interface - ok
10:36:09.0715 0x02d8  Advanced SystemCare 10 - ok
10:36:09.0981 0x02d8  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:36:10.0184 0x02d8  OneDriveSetup - ok
10:36:10.0293 0x02d8  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
10:36:10.0387 0x02d8  WAB Migrate - ok
10:36:10.0403 0x02d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
10:36:10.0403 0x02d8  Win FW state via NFP2: enabled ( trusted )
10:36:10.0403 0x02d8  ============================================================
10:36:10.0403 0x02d8  Scan finished
10:36:10.0403 0x02d8  ============================================================
10:36:10.0418 0x19dc  Detected object count: 4
10:36:10.0418 0x19dc  Actual detected object count: 4
10:36:39.0449 0x19dc  nusb3hub ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:39.0449 0x19dc  nusb3hub ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:39.0449 0x19dc  nusb3xhc ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:39.0449 0x19dc  nusb3xhc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:39.0465 0x19dc  tor ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:39.0465 0x19dc  tor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:36:39.0465 0x19dc  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:36:39.0465 0x19dc  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:41:15.0689 0x1f94  ============================================================
10:41:15.0689 0x1f94  Scan started
10:41:15.0689 0x1f94  Mode: Manual; SigCheck; TDLFS;
10:41:15.0689 0x1f94  ============================================================
10:41:15.0689 0x1f94  KSN ping started
10:41:15.0689 0x1f94  KSN ping finished: false
10:41:16.0564 0x1f94  ================ Scan system memory ========================
10:41:16.0564 0x1f94  System memory - ok
10:41:16.0564 0x1f94  ================ Scan services =============================
10:41:16.0783 0x1f94  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
10:41:16.0814 0x1f94  1394ohci - ok
10:41:16.0830 0x1f94  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
10:41:16.0846 0x1f94  3ware - ok
10:41:16.0877 0x1f94  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:41:16.0908 0x1f94  ACPI - ok
10:41:16.0939 0x1f94  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev        C:\WINDOWS\System32\drivers\AcpiDev.sys
10:41:16.0955 0x1f94  AcpiDev - ok
10:41:16.0971 0x1f94  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
10:41:16.0986 0x1f94  acpiex - ok
10:41:17.0018 0x1f94  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
10:41:17.0033 0x1f94  acpipagr - ok
10:41:17.0064 0x1f94  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
10:41:17.0080 0x1f94  AcpiPmi - ok
10:41:17.0096 0x1f94  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
10:41:17.0111 0x1f94  acpitime - ok
10:41:29.0768 0x1f94  IndirectKmd - ok
10:41:29.0814 0x1f94  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
10:41:29.0846 0x1f94  intelide - ok
10:41:29.0877 0x1f94  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
10:41:29.0893 0x1f94  intelpep - ok
10:41:29.0924 0x1f94  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
10:41:29.0939 0x1f94  intelppm - ok
10:41:29.0971 0x1f94  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
10:41:29.0971 0x1f94  iorate - ok
10:41:30.0018 0x1f94  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:41:30.0033 0x1f94  IpFilterDriver - ok
10:41:30.0096 0x1f94  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
10:41:30.0143 0x1f94  iphlpsvc - ok
10:41:30.0158 0x1f94  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:41:30.0174 0x1f94  IPMIDRV - ok
10:41:30.0189 0x1f94  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
10:41:30.0205 0x1f94  IPNAT - ok
10:41:30.0236 0x1f94  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
10:41:30.0252 0x1f94  irda - ok
10:41:30.0283 0x1f94  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
10:41:30.0299 0x1f94  IRENUM - ok
10:41:30.0346 0x1f94  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon          C:\WINDOWS\System32\irmon.dll
10:41:30.0361 0x1f94  irmon - ok
10:41:30.0393 0x1f94  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
10:41:30.0408 0x1f94  isapnp - ok
10:41:30.0424 0x1f94  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
10:41:30.0439 0x1f94  iScsiPrt - ok
10:41:30.0471 0x1f94  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
10:41:30.0471 0x1f94  kbdclass - ok
10:41:30.0486 0x1f94  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
10:41:30.0502 0x1f94  kbdhid - ok
10:41:30.0518 0x1f94  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic          C:\WINDOWS\System32\drivers\kdnic.sys
10:41:30.0533 0x1f94  kdnic - ok
10:41:30.0549 0x1f94  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
10:41:30.0564 0x1f94  KeyIso - ok
10:41:30.0611 0x1f94  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
10:41:30.0627 0x1f94  KSecDD - ok
10:41:30.0643 0x1f94  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:41:30.0658 0x1f94  KSecPkg - ok
10:41:30.0658 0x1f94  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
10:41:30.0689 0x1f94  ksthunk - ok
10:41:30.0752 0x1f94  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
10:41:30.0783 0x1f94  KtmRm - ok
10:41:30.0799 0x1f94  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
10:41:30.0830 0x1f94  LanmanServer - ok
10:41:30.0893 0x1f94  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:41:30.0924 0x1f94  LanmanWorkstation - ok
10:41:30.0971 0x1f94  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc          C:\WINDOWS\System32\lfsvc.dll
10:41:31.0002 0x1f94  lfsvc - ok
10:41:31.0064 0x1f94  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
10:41:31.0080 0x1f94  LicenseManager - ok
10:41:31.0080 0x1f94  LiveUpdateSvc - ok
10:41:31.0127 0x1f94  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
10:41:31.0143 0x1f94  lltdio - ok
10:41:31.0174 0x1f94  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
10:41:31.0189 0x1f94  lltdsvc - ok
10:41:31.0221 0x1f94  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
10:41:31.0236 0x1f94  lmhosts - ok
10:41:31.0283 0x1f94  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
10:41:31.0283 0x1f94  LSI_SAS - ok
10:41:31.0299 0x1f94  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i      C:\WINDOWS\system32\drivers\lsi_sas2i.sys
10:41:31.0314 0x1f94  LSI_SAS2i - ok
10:41:31.0330 0x1f94  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i      C:\WINDOWS\system32\drivers\lsi_sas3i.sys
10:41:31.0346 0x1f94  LSI_SAS3i - ok
10:41:31.0361 0x1f94  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
10:41:31.0377 0x1f94  LSI_SSS - ok
10:41:31.0439 0x1f94  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM            C:\WINDOWS\System32\lsm.dll
10:41:31.0486 0x1f94  LSM - ok
10:41:31.0502 0x1f94  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
10:41:31.0533 0x1f94  luafv - ok
10:41:31.0564 0x1f94  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
10:41:31.0580 0x1f94  MapsBroker - ok
10:41:31.0627 0x1f94  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
10:41:31.0643 0x1f94  megasas - ok
10:41:31.0658 0x1f94  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i      C:\WINDOWS\system32\drivers\MegaSas2i.sys
10:41:31.0674 0x1f94  megasas2i - ok
10:41:31.0705 0x1f94  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
10:41:31.0736 0x1f94  megasr - ok
10:41:31.0783 0x1f94  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
10:41:31.0830 0x1f94  MessagingService - ok
10:41:31.0893 0x1f94  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
10:41:31.0924 0x1f94  mlx4_bus - ok
10:41:31.0955 0x1f94  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS          C:\WINDOWS\system32\drivers\mmcss.sys
10:41:31.0971 0x1f94  MMCSS - ok
10:41:32.0018 0x1f94  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem          C:\WINDOWS\system32\drivers\modem.sys
10:41:32.0018 0x1f94  Modem - ok
10:41:32.0033 0x1f94  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
10:41:32.0049 0x1f94  monitor - ok
10:41:32.0096 0x1f94  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
10:41:32.0096 0x1f94  mouclass - ok
10:41:32.0111 0x1f94  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
10:41:32.0127 0x1f94  mouhid - ok
10:41:32.0143 0x1f94  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
10:41:32.0158 0x1f94  mountmgr - ok


Troja90 11.02.2017 11:24

Code:

10:41:35.0471 0x1f94  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
10:41:35.0486 0x1f94  nusb3hub - detected UnsignedFile.Multi.Generic ( 1 )
10:41:35.0486 0x1f94  nusb3hub ( UnsignedFile.Multi.Generic ) - warning
10:41:35.0549 0x1f94  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
10:41:35.0564 0x1f94  nusb3xhc - detected UnsignedFile.Multi.Generic ( 1 )
10:41:35.0564 0x1f94  nusb3xhc ( UnsignedFile.Multi.Generic ) - warning
10:41:38.0799 0x1f94  Rasl2tp - ok
10:41:38.0861 0x1f94  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:41:38.0893 0x1f94  RasMan - ok
10:41:38.0908 0x1f94  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
10:41:38.0939 0x1f94  RasPppoe - ok
10:41:38.0939 0x1f94  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp        C:\WINDOWS\System32\drivers\rassstp.sys
10:41:38.0971 0x1f94  RasSstp - ok
10:41:39.0002 0x1f94  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:41:39.0018 0x1f94  rdbss - ok
10:41:39.0064 0x1f94  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
10:41:39.0080 0x1f94  rdpbus - ok
10:41:39.0096 0x1f94  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
10:41:39.0111 0x1f94  RDPDR - ok
10:41:39.0158 0x1f94  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:41:39.0189 0x1f94  RdpVideoMiniport - ok
10:41:39.0221 0x1f94  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
10:41:39.0236 0x1f94  rdyboost - ok
10:41:39.0283 0x1f94  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
10:41:39.0330 0x1f94  ReFSv1 - ok
10:41:39.0471 0x1f94  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter      C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
10:41:39.0502 0x1f94  RegFilter - ok
10:41:39.0596 0x1f94  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:41:39.0643 0x1f94  RemoteAccess - ok
10:41:39.0674 0x1f94  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:41:39.0705 0x1f94  RemoteRegistry - ok
10:41:39.0752 0x1f94  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
10:41:39.0783 0x1f94  RetailDemo - ok
10:41:39.0814 0x1f94  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc          C:\WINDOWS\System32\RMapi.dll
10:41:39.0830 0x1f94  RmSvc - ok
10:41:39.0846 0x1f94  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
10:41:39.0861 0x1f94  RpcEptMapper - ok
10:41:39.0908 0x1f94  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:41:39.0924 0x1f94  RpcLocator - ok
10:41:40.0002 0x1f94  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
10:41:40.0049 0x1f94  RpcSs - ok
10:41:40.0096 0x1f94  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
10:41:40.0111 0x1f94  rspndr - ok
10:41:40.0236 0x1f94  [ 39FC08BE0FBCBF40A67C22FFB671A96F, B9B942A0AEF03E4E9D4A61C9F042CDC97BAD98912369CD0E0D8B0FFC08D124A3 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
10:41:40.0268 0x1f94  rt640x64 - ok
10:41:40.0299 0x1f94  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
10:41:40.0314 0x1f94  s3cap - ok
10:41:40.0346 0x1f94  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs          C:\WINDOWS\system32\lsass.exe
10:41:40.0361 0x1f94  SamSs - ok
10:41:40.0408 0x1f94  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
10:41:40.0408 0x1f94  sbp2port - ok
10:41:40.0471 0x1f94  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
10:41:40.0502 0x1f94  SCardSvr - ok
10:41:40.0549 0x1f94  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
10:41:40.0580 0x1f94  ScDeviceEnum - ok
10:41:40.0627 0x1f94  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:41:40.0643 0x1f94  scfilter - ok
10:41:40.0674 0x1f94  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:41:40.0721 0x1f94  Schedule - ok
10:41:40.0768 0x1f94  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
10:41:40.0783 0x1f94  scmbus - ok
10:41:40.0799 0x1f94  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101    C:\WINDOWS\System32\drivers\scmdisk0101.sys
10:41:40.0814 0x1f94  scmdisk0101 - ok
10:41:40.0846 0x1f94  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
10:41:40.0861 0x1f94  SCPolicySvc - ok
10:41:40.0893 0x1f94  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
10:41:40.0908 0x1f94  sdbus - ok
10:41:40.0971 0x1f94  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
10:41:41.0002 0x1f94  SDRSVC - ok
10:41:41.0033 0x1f94  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
10:41:41.0049 0x1f94  sdstor - ok
10:41:41.0064 0x1f94  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:41:41.0080 0x1f94  seclogon - ok
10:41:41.0189 0x1f94  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
10:41:41.0236 0x1f94  Secunia PSI Agent - ok
10:41:41.0283 0x1f94  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
10:41:41.0314 0x1f94  SENS - ok
10:41:41.0314 0x1f94  Sense - ok
10:41:41.0393 0x1f94  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
10:41:41.0455 0x1f94  SensorDataService - ok
10:41:41.0518 0x1f94  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService  C:\WINDOWS\system32\SensorService.dll
10:41:41.0564 0x1f94  SensorService - ok
10:41:41.0596 0x1f94  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
10:41:41.0627 0x1f94  SensrSvc - ok
10:41:41.0643 0x1f94  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
10:41:41.0658 0x1f94  SerCx - ok
10:41:41.0689 0x1f94  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
10:41:41.0705 0x1f94  SerCx2 - ok
10:41:41.0721 0x1f94  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
10:41:41.0736 0x1f94  Serenum - ok
10:41:41.0768 0x1f94  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
10:41:41.0783 0x1f94  Serial - ok
10:41:41.0783 0x1f94  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
10:41:41.0799 0x1f94  sermouse - ok
10:41:41.0846 0x1f94  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
10:41:41.0877 0x1f94  SessionEnv - ok
10:41:41.0924 0x1f94  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
10:41:41.0939 0x1f94  sfloppy - ok
10:41:41.0939 0x1f94  sgbupt - ok
10:41:41.0986 0x1f94  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:41:42.0018 0x1f94  SharedAccess - ok
10:41:42.0127 0x1f94  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:41:42.0174 0x1f94  ShellHWDetection - ok
10:41:42.0221 0x1f94  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
10:41:42.0236 0x1f94  shpamsvc - ok
10:41:42.0268 0x1f94  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:41:42.0268 0x1f94  SiSRaid2 - ok
10:41:42.0299 0x1f94  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
10:41:42.0314 0x1f94  SiSRaid4 - ok
10:41:42.0346 0x1f94  [ 306EE29C824E85BB28D4579B23EFA55A, 0F60C3625482410EE0F5C7FE08E116B97BDE2ACB4C594A57276F4DB2A628A7EB ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
10:41:42.0361 0x1f94  SmartDefragDriver - ok
10:41:42.0408 0x1f94  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost        C:\WINDOWS\System32\smphost.dll
10:41:42.0424 0x1f94  smphost - ok
10:41:42.0471 0x1f94  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter      C:\WINDOWS\system32\SmsRouterSvc.dll
10:41:42.0502 0x1f94  SmsRouter - ok
10:41:42.0549 0x1f94  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
10:41:42.0564 0x1f94  SNMPTRAP - ok
10:41:42.0643 0x1f94  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
10:41:42.0674 0x1f94  spaceport - ok
10:41:42.0689 0x1f94  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
10:41:42.0705 0x1f94  SpbCx - ok
10:41:42.0752 0x1f94  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler        C:\WINDOWS\System32\spoolsv.exe
10:41:42.0783 0x1f94  Spooler - ok
10:41:42.0986 0x1f94  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
10:41:43.0158 0x1f94  sppsvc - ok
10:41:43.0205 0x1f94  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
10:41:43.0221 0x1f94  srv - ok
10:41:43.0283 0x1f94  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
10:41:43.0314 0x1f94  srv2 - ok
10:41:43.0361 0x1f94  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:41:43.0393 0x1f94  srvnet - ok
10:41:43.0424 0x1f94  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
10:41:43.0455 0x1f94  SSDPSRV - ok
10:41:43.0502 0x1f94  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
10:41:43.0533 0x1f94  SstpSvc - ok
10:41:43.0564 0x1f94  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:41:43.0580 0x1f94  ssudmdm - ok
10:41:43.0799 0x1f94  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
10:41:43.0939 0x1f94  StateRepository - ok
10:41:43.0986 0x1f94  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
10:41:43.0986 0x1f94  stexstor - ok
10:41:44.0064 0x1f94  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
10:41:44.0096 0x1f94  stisvc - ok
10:41:44.0111 0x1f94  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
10:41:44.0127 0x1f94  storahci - ok
10:41:44.0158 0x1f94  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
10:41:44.0174 0x1f94  storflt - ok
10:41:44.0189 0x1f94  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
10:41:44.0189 0x1f94  stornvme - ok
10:41:44.0221 0x1f94  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
10:41:44.0236 0x1f94  storqosflt - ok
10:41:44.0299 0x1f94  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
10:41:44.0346 0x1f94  StorSvc - ok
10:41:44.0377 0x1f94  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs        C:\WINDOWS\system32\drivers\storufs.sys
10:41:44.0393 0x1f94  storufs - ok
10:41:44.0408 0x1f94  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
10:41:44.0408 0x1f94  storvsc - ok
10:41:44.0439 0x1f94  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc          C:\WINDOWS\system32\svsvc.dll
10:41:44.0471 0x1f94  svsvc - ok
10:41:44.0471 0x1f94  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
10:41:44.0486 0x1f94  swenum - ok
10:41:44.0518 0x1f94  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv          C:\WINDOWS\System32\swprv.dll
10:41:44.0549 0x1f94  swprv - ok
10:41:44.0611 0x1f94  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
10:41:44.0627 0x1f94  Synth3dVsc - ok
10:41:44.0689 0x1f94  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain        C:\WINDOWS\system32\sysmain.dll
10:41:44.0736 0x1f94  SysMain - ok
10:41:44.0799 0x1f94  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:41:44.0830 0x1f94  SystemEventsBroker - ok
10:41:44.0861 0x1f94  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:41:44.0893 0x1f94  TabletInputService - ok
10:41:44.0908 0x1f94  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
10:41:44.0939 0x1f94  TapiSrv - ok
10:41:45.0033 0x1f94  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
10:41:45.0111 0x1f94  Tcpip - ok
10:41:45.0174 0x1f94  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
10:41:45.0252 0x1f94  Tcpip6 - ok
10:41:45.0283 0x1f94  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
10:41:45.0299 0x1f94  tcpipreg - ok
10:41:45.0330 0x1f94  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
10:41:45.0346 0x1f94  tdx - ok
10:41:45.0361 0x1f94  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
10:41:45.0377 0x1f94  terminpt - ok
10:41:45.0439 0x1f94  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService    C:\WINDOWS\System32\termsrv.dll
10:41:45.0486 0x1f94  TermService - ok
10:41:45.0533 0x1f94  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
10:41:45.0564 0x1f94  Themes - ok
10:41:45.0611 0x1f94  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
10:41:45.0643 0x1f94  TieringEngineService - ok
10:41:45.0689 0x1f94  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
10:41:45.0721 0x1f94  tiledatamodelsvc - ok
10:41:45.0752 0x1f94  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc  C:\WINDOWS\System32\TimeBrokerServer.dll
10:41:45.0768 0x1f94  TimeBrokerSvc - ok
10:41:45.0877 0x1f94  [ 506B0B498216371D64ABB69145B70E4C, 94FE0E8A61C506FBA45D14571A14DC259E1D52778CEF8366CE8CBDCD871E28DB ] tor            C:\Program Files (x86)\Tor\tor.exe
10:41:45.0986 0x1f94  tor - detected UnsignedFile.Multi.Generic ( 1 )
10:41:45.0986 0x1f94  tor ( UnsignedFile.Multi.Generic ) - warning
10:41:46.0080 0x1f94  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM            C:\WINDOWS\System32\drivers\tpm.sys
10:41:46.0111 0x1f94  TPM - ok
10:41:46.0143 0x1f94  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
10:41:46.0174 0x1f94  TrkWks - ok
10:41:46.0221 0x1f94  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:41:46.0236 0x1f94  TrustedInstaller - ok
10:41:46.0252 0x1f94  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
10:41:46.0268 0x1f94  tsusbflt - ok
10:41:46.0314 0x1f94  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
10:41:46.0314 0x1f94  TsUsbGD - ok
10:41:46.0330 0x1f94  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\System32\drivers\tsusbhub.sys
10:41:46.0346 0x1f94  tsusbhub - ok
10:41:46.0393 0x1f94  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
10:41:46.0408 0x1f94  tunnel - ok
10:41:46.0471 0x1f94  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
10:41:46.0486 0x1f94  tzautoupdate - ok
10:41:46.0518 0x1f94  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
10:41:46.0533 0x1f94  UASPStor - ok
10:41:46.0564 0x1f94  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101      C:\WINDOWS\system32\Drivers\UcmCx.sys
10:41:46.0580 0x1f94  UcmCx0101 - ok
10:41:46.0596 0x1f94  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
10:41:46.0611 0x1f94  UcmTcpciCx0101 - ok
10:41:46.0611 0x1f94  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi        C:\WINDOWS\System32\drivers\UcmUcsi.sys
10:41:46.0627 0x1f94  UcmUcsi - ok
10:41:46.0658 0x1f94  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
10:41:46.0674 0x1f94  Ucx01000 - ok
10:41:46.0689 0x1f94  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx          C:\WINDOWS\system32\drivers\udecx.sys
10:41:46.0705 0x1f94  UdeCx - ok
10:41:46.0721 0x1f94  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
10:41:46.0752 0x1f94  udfs - ok
10:41:46.0768 0x1f94  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
10:41:46.0783 0x1f94  UEFI - ok
10:41:46.0799 0x1f94  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
10:41:46.0814 0x1f94  UevAgentDriver - ok
10:41:46.0877 0x1f94  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
10:41:46.0924 0x1f94  UevAgentService - ok
10:41:46.0971 0x1f94  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
10:41:46.0986 0x1f94  Ufx01000 - ok
10:41:47.0018 0x1f94  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea    C:\WINDOWS\System32\drivers\UfxChipidea.sys
10:41:47.0033 0x1f94  UfxChipidea - ok
10:41:47.0080 0x1f94  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys    C:\WINDOWS\System32\drivers\ufxsynopsys.sys
10:41:47.0080 0x1f94  ufxsynopsys - ok
10:41:47.0127 0x1f94  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
10:41:47.0143 0x1f94  UI0Detect - ok
10:41:47.0158 0x1f94  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
10:41:47.0174 0x1f94  umbus - ok
10:41:47.0189 0x1f94  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
10:41:47.0205 0x1f94  UmPass - ok
10:41:47.0252 0x1f94  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
10:41:47.0268 0x1f94  UmRdpService - ok
10:41:47.0346 0x1f94  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc    C:\WINDOWS\System32\unistore.dll
10:41:47.0393 0x1f94  UnistoreSvc - ok
10:41:47.0549 0x1f94  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:41:47.0580 0x1f94  upnphost - ok
10:41:47.0611 0x1f94  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea    C:\WINDOWS\System32\drivers\urschipidea.sys
10:41:47.0627 0x1f94  UrsChipidea - ok
10:41:47.0643 0x1f94  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
10:41:47.0658 0x1f94  UrsCx01000 - ok
10:41:47.0658 0x1f94  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys    C:\WINDOWS\System32\drivers\urssynopsys.sys
10:41:47.0674 0x1f94  UrsSynopsys - ok
10:41:47.0705 0x1f94  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\WINDOWS\system32\Drivers\usbaapl64.sys
10:41:47.0721 0x1f94  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
10:41:47.0721 0x1f94  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
10:41:47.0768 0x1f94  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
10:41:47.0799 0x1f94  usbccgp - ok
10:41:47.0846 0x1f94  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
10:41:47.0861 0x1f94  usbcir - ok
10:41:47.0893 0x1f94  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
10:41:47.0908 0x1f94  usbehci - ok
10:41:47.0939 0x1f94  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
10:41:47.0971 0x1f94  usbhub - ok
10:41:54.0689 0x1f94  ================ Scan global ===============================
10:41:54.0736 0x1f94  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
10:41:54.0768 0x1f94  [ 4C08BF958476A137C78B62B22B5F90A4, 11DDD033896C96F8F7F1A1EDD0F4E0F07AFBB3202DC8A2E5E3ADB51C4D0700D4 ] C:\WINDOWS\system32\winsrv.dll
10:41:54.0814 0x1f94  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
10:41:54.0877 0x1f94  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
10:41:54.0908 0x1f94  [ Global ] - ok
10:41:54.0908 0x1f94  ================ Scan MBR ==================================
10:41:54.0924 0x1f94  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:41:55.0408 0x1f94  \Device\Harddisk0\DR0 - ok
10:41:55.0408 0x1f94  ================ Scan VBR ==================================
10:41:55.0439 0x1f94  [ 1093870764C806551B0BC89A8D226D43 ] \Device\Harddisk0\DR0\Partition1
10:41:55.0439 0x1f94  \Device\Harddisk0\DR0\Partition1 - ok
10:41:55.0455 0x1f94  [ ED8B84697D5104BA7FB09A4A12539F5B ] \Device\Harddisk0\DR0\Partition2
10:41:55.0455 0x1f94  \Device\Harddisk0\DR0\Partition2 - ok
10:41:55.0486 0x1f94  [ CFC2060111B251D866D8DA30D69EA353 ] \Device\Harddisk0\DR0\Partition3
10:41:55.0486 0x1f94  \Device\Harddisk0\DR0\Partition3 - ok
10:41:55.0502 0x1f94  ================ Scan generic autorun ======================
10:41:55.0502 0x1f94  WindowsDefender - ok
10:41:55.0939 0x1f94  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:41:56.0143 0x1f94  OneDriveSetup - ok
10:41:56.0424 0x1f94  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:41:56.0627 0x1f94  OneDriveSetup - ok
10:41:56.0799 0x1f94  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe
10:41:56.0814 0x1f94  Dropbox Update - ok
10:41:56.0955 0x1f94  [ 7F3D0BC2FE61C249302E0515989C59E2, 18613B1D861D7289EF050EE1C0384FCF70F40FDF7E3CB586D36B5D19A7591F8F ] C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
10:41:57.0064 0x1f94  Akamai NetSession Interface - ok
10:41:57.0096 0x1f94  Advanced SystemCare 10 - ok
10:41:57.0361 0x1f94  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:41:57.0549 0x1f94  OneDriveSetup - ok
10:41:57.0658 0x1f94  [ 2781E6EF593909A8B73FE1AD397F778A, E892D6C57F8903E20129E75A9B877690229280FD8106B5C7F96173175EA1AC4E ] C:\Program Files (x86)\Windows Mail\wab.exe
10:41:57.0689 0x1f94  WAB Migrate - ok
10:41:57.0705 0x1f94  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
10:41:57.0705 0x1f94  Win FW state via NFP2: enabled ( trusted )
10:41:57.0705 0x1f94  ============================================================
10:41:57.0705 0x1f94  Scan finished
10:41:57.0705 0x1f94  ============================================================
10:41:57.0721 0x0020  Detected object count: 4
10:41:57.0721 0x0020  Actual detected object count: 4
10:50:46.0254 0x0020  nusb3hub ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:46.0255 0x0020  nusb3hub ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:50:46.0255 0x0020  nusb3xhc ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:46.0255 0x0020  nusb3xhc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:50:46.0258 0x0020  tor ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:46.0258 0x0020  tor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:50:46.0261 0x0020  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:50:46.0261 0x0020  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 12.02.2017 14:56

I don't understand you.

Why are you running a new scan with TDSSKiller? You were only supposed to post the existing log in full. On top of that, the last log shows the wrong scan settings.

Troja90 12.02.2017 15:07

I ran the first scan while the internet was on and found nothing. I ran the 2nd scan offline with the settings as in the instructions. But as I said, someone has access to my PC and may have changed the settings. I now suspect that a keylogger is behind this, since I was online in WoW yesterday and have had no access to my account since then. In addition, that person seems to be able to communicate with me verbally somehow, and constantly utters insults. I wonder how that could work. Even now, when my PC is off. I'm online with my laptop right now. But I think it is just as infected. I have connected my PC to an LCD TV via VGA because my monitor is broken; does that maybe have something to do with it?? All very strange..

cosinus 12.02.2017 15:25

Quote:

But as I said, someone has access to my PC and may have changed the settings.
That is complete nonsense. You simply didn't set the settings correctly.

Troja90 12.02.2017 15:40

ok. I'll run it again offline in a moment and make sure everything is set correctly. sry... this whole thing is just driving me to despair.

cosinus 12.02.2017 15:58

JUST read the instructions properly and follow them, and don't read some nonsense into them! :wtf:
You MUST be online, otherwise the tool can't pull any updates!

Troja90 12.02.2017 16:57

Code:

16:51:49.0227 0x1404  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
16:51:53.0133 0x1404  ============================================================
16:51:53.0133 0x1404  Current date / time: 2017/02/12 16:51:53.0133
16:51:53.0133 0x1404  SystemInfo:
16:51:53.0133 0x1404 
16:51:53.0133 0x1404  OS Version: 10.0.14393 ServicePack: 0.0
16:51:53.0133 0x1404  Product type: Workstation
16:51:53.0133 0x1404  ComputerName: PC-PC
16:51:53.0133 0x1404  UserName: pc
16:51:53.0133 0x1404  Windows directory: C:\WINDOWS
16:51:53.0133 0x1404  System windows directory: C:\WINDOWS
16:51:53.0133 0x1404  Running under WOW64
16:51:53.0133 0x1404  Processor architecture: Intel x64
16:51:53.0133 0x1404  Number of processors: 2
16:51:53.0133 0x1404  Page size: 0x1000
16:51:53.0133 0x1404  Boot type: Normal boot
16:51:53.0133 0x1404  CodeIntegrityOptions = 0x00000001
16:51:53.0133 0x1404  ============================================================
16:51:53.0539 0x1404  KLMD registered as C:\WINDOWS\system32\drivers\96029729.sys
16:51:53.0539 0x1404  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
16:51:54.0789 0x1404  System UUID: {3EF31A04-2CD2-7BAA-4DD7-B924348B9B9B}
16:51:55.0570 0x1404  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
16:51:55.0586 0x1404  ============================================================
16:51:55.0586 0x1404  \Device\Harddisk0\DR0:
16:51:55.0586 0x1404  MBR partitions:
16:51:55.0586 0x1404  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:51:55.0586 0x1404  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26FED000
16:51:55.0586 0x1404  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27100800, BlocksNum 0x13285000
16:51:55.0586 0x1404  ============================================================
16:51:55.0602 0x1404  C: <-> \Device\Harddisk0\DR0\Partition2
16:51:55.0664 0x1404  D: <-> \Device\Harddisk0\DR0\Partition3
16:51:55.0664 0x1404  ============================================================
16:51:55.0664 0x1404  Initialize success
16:51:55.0664 0x1404  ============================================================
16:52:04.0992 0x19dc  ============================================================
16:52:04.0992 0x19dc  Scan started
16:52:04.0992 0x19dc  Mode: Manual; SigCheck; TDLFS;
16:52:04.0992 0x19dc  ============================================================
16:52:04.0992 0x19dc  KSN ping started
16:52:05.0117 0x19dc  KSN ping finished: true
16:52:07.0086 0x19dc  ================ Scan system memory ========================
16:52:07.0086 0x19dc  System memory - ok
16:52:07.0086 0x19dc  ================ Scan services =============================
16:52:12.0992 0x19dc  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
16:52:13.0070 0x19dc  AppIDSvc - ok
16:52:13.0086 0x19dc  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
16:52:13.0180 0x19dc  Appinfo - ok
16:52:13.0195 0x19dc  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr  C:\WINDOWS\system32\drivers\applockerfltr.sys
16:52:13.0305 0x19dc  applockerfltr - ok
16:52:13.0352 0x19dc  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt        C:\WINDOWS\System32\appmgmts.dll
16:52:13.0414 0x19dc  AppMgmt - ok
16:52:13.0445 0x19dc  [ A0746EF6C5AB7A17A67BC167167499C1, 1D2154D3AFC5219293EDD508C7726E7756FB72BF04F73861C575D1FE5C553411 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
16:52:13.0523 0x19dc  AppReadiness - ok
16:52:13.0570 0x19dc  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
16:52:13.0617 0x19dc  AppVClient - ok
16:52:13.0633 0x19dc  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
16:52:13.0648 0x19dc  AppvStrm - ok
16:52:13.0695 0x19dc  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr      C:\WINDOWS\system32\drivers\AppvVemgr.sys
16:52:13.0727 0x19dc  AppvVemgr - ok
16:52:13.0742 0x19dc  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs        C:\WINDOWS\system32\drivers\AppvVfs.sys
16:52:13.0758 0x19dc  AppvVfs - ok
16:52:13.0836 0x19dc  [ D70B1453ADA82A92E76EAE72D936A0F6, 439DBC5818025887343D4B5B509C7D2C97ED0FFA4641A5178EA5719C50E5013F ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
16:52:13.0977 0x19dc  AppXSvc - ok
16:52:14.0055 0x19dc  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
16:52:14.0070 0x19dc  arcsas - ok
16:52:14.0117 0x19dc  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
16:52:14.0258 0x19dc  AsyncMac - ok
16:52:14.0273 0x19dc  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
16:52:14.0289 0x19dc  atapi - ok
16:52:14.0383 0x19dc  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:52:14.0617 0x19dc  AudioEndpointBuilder - ok
16:52:14.0695 0x19dc  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
16:52:14.0773 0x19dc  Audiosrv - ok
16:52:14.0820 0x19dc  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
16:52:14.0867 0x19dc  AxInstSV - ok
16:52:14.0930 0x19dc  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
16:52:14.0945 0x19dc  b06bdrv - ok
16:52:14.0977 0x19dc  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:52:15.0008 0x19dc  BasicDisplay - ok
16:52:15.0039 0x19dc  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
16:52:15.0070 0x19dc  BasicRender - ok
16:52:15.0102 0x19dc  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn          C:\WINDOWS\System32\drivers\bcmfn.sys
16:52:15.0148 0x19dc  bcmfn - ok
16:52:15.0164 0x19dc  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
16:52:15.0211 0x19dc  bcmfn2 - ok
16:52:15.0273 0x19dc  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
16:52:15.0430 0x19dc  BDESVC - ok
16:52:15.0492 0x19dc  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:52:15.0555 0x19dc  Beep - ok
16:52:15.0602 0x19dc  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE            C:\WINDOWS\System32\bfe.dll
16:52:15.0695 0x19dc  BFE - ok
16:52:15.0773 0x19dc  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
16:52:15.0914 0x19dc  BITS - ok
16:52:15.0945 0x19dc  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
16:52:16.0023 0x19dc  bowser - ok
16:52:16.0180 0x19dc  [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:52:16.0320 0x19dc  BrokerInfrastructure - ok
16:52:16.0367 0x19dc  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser        C:\WINDOWS\System32\browser.dll
16:52:16.0430 0x19dc  Browser - ok
16:52:16.0445 0x19dc  [ 49FE3D1F3D5C2E50A0DF0F6E8436D778, F929BEAD59E9424AB90427B379DCDD63FBFE0C4FB5E1792E3A1685541CD5EC65 ] BSMEM          C:\Windows\system32\drivers\BSMEM.sys
16:52:16.0461 0x19dc  BSMEM - ok
16:52:16.0508 0x19dc  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:52:16.0586 0x19dc  BthAvrcpTg - ok
16:52:16.0602 0x19dc  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
16:52:16.0633 0x19dc  BthHFEnum - ok
16:52:16.0648 0x19dc  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
16:52:16.0664 0x19dc  bthhfhid - ok
16:52:16.0711 0x19dc  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
16:52:16.0758 0x19dc  BthHFSrv - ok
16:52:16.0820 0x19dc  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
16:52:16.0852 0x19dc  BTHMODEM - ok
16:52:16.0883 0x19dc  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv        C:\WINDOWS\system32\bthserv.dll
16:52:16.0961 0x19dc  bthserv - ok
16:52:17.0008 0x19dc  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
16:52:17.0086 0x19dc  buttonconverter - ok
16:52:17.0102 0x19dc  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
16:52:17.0180 0x19dc  CapImg - ok
16:52:17.0195 0x19dc  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:52:17.0273 0x19dc  cdfs - ok
16:52:17.0305 0x19dc  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
16:52:17.0383 0x19dc  CDPSvc - ok
16:52:17.0414 0x19dc  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
16:52:17.0461 0x19dc  CDPUserSvc - ok
16:52:17.0523 0x19dc  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
16:52:17.0555 0x19dc  cdrom - ok
16:52:17.0602 0x19dc  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
16:52:17.0680 0x19dc  CertPropSvc - ok
16:52:17.0742 0x19dc  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi      C:\WINDOWS\system32\drivers\cht4sx64.sys
16:52:17.0758 0x19dc  cht4iscsi - ok
16:52:17.0820 0x19dc  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd        C:\WINDOWS\System32\drivers\cht4vx64.sys
16:52:17.0898 0x19dc  cht4vbd - ok
16:52:17.0945 0x19dc  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
16:52:17.0992 0x19dc  circlass - ok
16:52:18.0039 0x19dc  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
16:52:18.0055 0x19dc  CLFS - ok
16:52:18.0367 0x19dc  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc  C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:52:18.0461 0x19dc  ClickToRunSvc - ok
16:52:18.0523 0x19dc  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC        C:\WINDOWS\System32\ClipSVC.dll
16:52:18.0555 0x19dc  ClipSVC - ok
16:52:18.0602 0x19dc  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg          C:\WINDOWS\System32\drivers\registry.sys
16:52:18.0648 0x19dc  clreg - ok
16:52:18.0695 0x19dc  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
16:52:18.0727 0x19dc  CmBatt - ok
16:52:18.0820 0x19dc  [ 90C07EB909C42316982E753BDAA7860D, 438581FD3468FAF01D35529672201A920E8821EC80E30E59A43645DA57738F21 ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
16:52:18.0867 0x19dc  CNG - ok
16:52:18.0898 0x19dc  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist    C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
16:52:18.0914 0x19dc  cnghwassist - ok
16:52:19.0008 0x19dc  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
16:52:19.0055 0x19dc  CompositeBus - ok
16:52:19.0070 0x19dc  COMSysApp - ok
16:52:19.0117 0x19dc  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
16:52:19.0117 0x19dc  condrv - ok
16:52:19.0164 0x19dc  [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
16:52:19.0195 0x19dc  CoreMessagingRegistrar - ok
16:52:19.0227 0x19dc  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
16:52:19.0289 0x19dc  CryptSvc - ok
16:52:19.0352 0x19dc  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC            C:\WINDOWS\system32\drivers\csc.sys
16:52:19.0430 0x19dc  CSC - ok
16:52:19.0492 0x19dc  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
16:52:19.0555 0x19dc  CscService - ok
16:52:19.0586 0x19dc  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam            C:\WINDOWS\system32\drivers\dam.sys
16:52:19.0602 0x19dc  dam - ok
16:52:19.0633 0x19dc  [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
16:52:19.0648 0x19dc  dc3d - ok
16:52:19.0711 0x19dc  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:52:19.0773 0x19dc  DcomLaunch - ok
16:52:19.0820 0x19dc  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
16:52:19.0867 0x19dc  DcpSvc - ok
16:52:19.0914 0x19dc  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
16:52:19.0961 0x19dc  defragsvc - ok
16:52:20.0023 0x19dc  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:52:20.0102 0x19dc  DeviceAssociationService - ok
16:52:20.0133 0x19dc  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
16:52:20.0180 0x19dc  DeviceInstall - ok
16:52:20.0211 0x19dc  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
16:52:20.0289 0x19dc  DevQueryBroker - ok
16:52:20.0336 0x19dc  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
16:52:20.0430 0x19dc  Dfsc - ok
16:52:20.0461 0x19dc  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:52:20.0461 0x19dc  dg_ssudbus - ok
16:52:20.0508 0x19dc  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
16:52:20.0586 0x19dc  Dhcp - ok
16:52:20.0633 0x19dc  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
16:52:20.0695 0x19dc  diagnosticshub.standardcollector.service - ok
16:52:20.0773 0x19dc  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack      C:\WINDOWS\system32\diagtrack.dll
16:52:20.0930 0x19dc  DiagTrack - ok
16:52:20.0961 0x19dc  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
16:52:20.0977 0x19dc  disk - ok
16:52:21.0023 0x19dc  [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
16:52:21.0102 0x19dc  DmEnrollmentSvc - ok
16:52:21.0148 0x19dc  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
16:52:21.0211 0x19dc  dmvsc - ok
16:52:21.0258 0x19dc  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
16:52:21.0336 0x19dc  dmwappushservice - ok
16:52:21.0367 0x19dc  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:52:21.0445 0x19dc  Dnscache - ok
16:52:21.0492 0x19dc  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
16:52:21.0570 0x19dc  dot3svc - ok
16:52:21.0586 0x19dc  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS            C:\WINDOWS\system32\dps.dll
16:52:21.0664 0x19dc  DPS - ok
16:52:21.0695 0x19dc  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud        C:\WINDOWS\system32\DRIVERS\drmkaud.sys
16:52:21.0711 0x19dc  drmkaud - ok
16:52:21.0758 0x19dc  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
16:52:21.0820 0x19dc  DsmSvc - ok
16:52:21.0852 0x19dc  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc          C:\WINDOWS\System32\DsSvc.dll
16:52:21.0898 0x19dc  DsSvc - ok
16:52:21.0992 0x19dc  [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:52:22.0070 0x19dc  DXGKrnl - ok
16:52:22.0102 0x19dc  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost        C:\WINDOWS\System32\eapsvc.dll
16:52:22.0148 0x19dc  EapHost - ok
16:52:22.0289 0x19dc  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
16:52:22.0414 0x19dc  ebdrv - ok
16:52:22.0445 0x19dc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS            C:\WINDOWS\System32\lsass.exe
16:52:22.0461 0x19dc  EFS - ok
16:52:22.0508 0x19dc  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
16:52:22.0523 0x19dc  EhStorClass - ok
16:52:22.0539 0x19dc  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:52:22.0555 0x19dc  EhStorTcgDrv - ok
16:52:22.0586 0x19dc  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
16:52:22.0633 0x19dc  embeddedmode - ok
16:52:22.0695 0x19dc  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc      C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
16:52:22.0742 0x19dc  EntAppSvc - ok
16:52:22.0773 0x19dc  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:52:22.0820 0x19dc  ErrDev - ok
16:52:22.0898 0x19dc  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem    C:\WINDOWS\system32\es.dll
16:52:22.0992 0x19dc  EventSystem - ok
16:52:23.0039 0x19dc  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
16:52:23.0086 0x19dc  exfat - ok
16:52:23.0133 0x19dc  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
16:52:23.0148 0x19dc  fastfat - ok
16:52:23.0258 0x19dc  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax            C:\WINDOWS\system32\fxssvc.exe
16:52:23.0398 0x19dc  Fax - ok
16:52:23.0445 0x19dc  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
16:52:23.0492 0x19dc  fdc - ok
16:52:23.0539 0x19dc  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
16:52:23.0914 0x19dc  fdPHost - ok
16:52:23.0977 0x19dc  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:52:24.0039 0x19dc  FDResPub - ok
16:52:24.0086 0x19dc  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
16:52:24.0242 0x19dc  fhsvc - ok
16:52:24.0320 0x19dc  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt      C:\WINDOWS\system32\drivers\filecrypt.sys
16:52:24.0461 0x19dc  FileCrypt - ok
16:52:24.0523 0x19dc  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:52:24.0586 0x19dc  FileInfo - ok
16:52:24.0602 0x19dc  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
16:52:24.0664 0x19dc  Filetrace - ok
16:52:24.0695 0x19dc  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:52:24.0742 0x19dc  flpydisk - ok
16:52:24.0867 0x19dc  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:52:24.0914 0x19dc  FltMgr - ok
16:52:25.0180 0x19dc  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache      C:\WINDOWS\system32\FntCache.dll
16:52:25.0398 0x19dc  FontCache - ok
16:52:25.0539 0x19dc  [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer    C:\WINDOWS\system32\FrameServer.dll
16:52:25.0648 0x19dc  FrameServer - ok
16:52:25.0711 0x19dc  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
16:52:25.0742 0x19dc  FsDepends - ok
16:52:25.0773 0x19dc  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:52:25.0805 0x19dc  Fs_Rec - ok
16:52:25.0961 0x19dc  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:52:25.0992 0x19dc  fvevol - ok
16:52:26.0070 0x19dc  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:52:26.0148 0x19dc  gencounter - ok
16:52:26.0211 0x19dc  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
16:52:26.0305 0x19dc  genericusbfn - ok
16:52:26.0352 0x19dc  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:52:26.0414 0x19dc  GPIOClx0101 - ok
16:52:26.0555 0x19dc  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
16:52:26.0711 0x19dc  gpsvc - ok
16:52:26.0742 0x19dc  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
16:52:26.0773 0x19dc  GpuEnergyDrv - ok
16:52:26.0898 0x19dc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:52:26.0930 0x19dc  gupdate - ok
16:52:26.0945 0x19dc  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:52:26.0945 0x19dc  gupdatem - ok
16:52:26.0977 0x19dc  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:52:27.0070 0x19dc  HDAudBus - ok
16:52:27.0102 0x19dc  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
16:52:27.0117 0x19dc  HidBatt - ok
16:52:27.0133 0x19dc  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:52:27.0180 0x19dc  HidBth - ok
16:52:27.0211 0x19dc  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:52:27.0273 0x19dc  hidi2c - ok
16:52:27.0320 0x19dc  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
16:52:27.0336 0x19dc  hidinterrupt - ok
16:52:27.0398 0x19dc  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
16:52:27.0445 0x19dc  HidIr - ok
16:52:27.0461 0x19dc  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv        C:\WINDOWS\system32\hidserv.dll
16:52:27.0539 0x19dc  hidserv - ok
16:52:27.0555 0x19dc  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:52:27.0602 0x19dc  HidUsb - ok
16:52:27.0648 0x19dc  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:52:27.0758 0x19dc  HomeGroupListener - ok
16:52:27.0820 0x19dc  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:52:27.0945 0x19dc  HomeGroupProvider - ok
16:52:27.0992 0x19dc  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:52:28.0008 0x19dc  HpSAMD - ok
16:52:28.0086 0x19dc  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:52:28.0133 0x19dc  HTTP - ok
16:52:28.0180 0x19dc  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
16:52:28.0305 0x19dc  HvHost - ok
16:52:28.0336 0x19dc  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice      C:\WINDOWS\system32\drivers\hvservice.sys
16:52:28.0352 0x19dc  hvservice - ok
16:52:28.0430 0x19dc  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
16:52:28.0445 0x19dc  HWiNFO32 - ok
16:52:28.0508 0x19dc  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:52:28.0539 0x19dc  hwpolicy - ok
16:52:28.0586 0x19dc  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:52:28.0617 0x19dc  hyperkbd - ok
16:52:28.0633 0x19dc  [ 6A0B9F5662598D229F62CD317292E8F3, AF33D3FFACF72A15EEE37A4998DF0C1F9595B949D1AB4FAFA8AF278DB41E0455 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:52:28.0711 0x19dc  HyperVideo - ok
16:52:28.0742 0x19dc  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:52:28.0836 0x19dc  i8042prt - ok
16:52:28.0867 0x19dc  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
16:52:28.0930 0x19dc  iagpio - ok
16:52:28.0945 0x19dc  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c          C:\WINDOWS\System32\drivers\iai2c.sys
16:52:28.0977 0x19dc  iai2c - ok
16:52:29.0008 0x19dc  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
16:52:29.0070 0x19dc  iaLPSS2i_GPIO2 - ok
16:52:29.0102 0x19dc  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
16:52:29.0133 0x19dc  iaLPSS2i_I2C - ok
16:52:29.0148 0x19dc  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:52:29.0148 0x19dc  iaLPSSi_GPIO - ok
16:52:29.0180 0x19dc  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:52:29.0195 0x19dc  iaLPSSi_I2C - ok
16:52:29.0242 0x19dc  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
16:52:29.0273 0x19dc  iaStorAV - ok
16:52:29.0305 0x19dc  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
16:52:29.0320 0x19dc  iaStorV - ok
16:52:29.0352 0x19dc  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus          C:\WINDOWS\System32\drivers\ibbus.sys
16:52:29.0367 0x19dc  ibbus - ok
16:52:29.0430 0x19dc  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
16:52:29.0523 0x19dc  icssvc - ok
16:52:29.0586 0x19dc  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:52:29.0633 0x19dc  IKEEXT - ok
16:52:29.0758 0x19dc  IMFFilter - ok
16:52:29.0758 0x19dc  IMFservice - ok
16:52:29.0789 0x19dc  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd    C:\WINDOWS\System32\drivers\IndirectKmd.sys
16:52:29.0852 0x19dc  IndirectKmd - ok
16:52:29.0898 0x19dc  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:52:29.0914 0x19dc  intelide - ok
16:52:29.0930 0x19dc  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:52:29.0945 0x19dc  intelpep - ok
16:52:29.0977 0x19dc  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:52:30.0008 0x19dc  intelppm - ok
16:52:30.0039 0x19dc  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
16:52:30.0055 0x19dc  iorate - ok
16:52:30.0102 0x19dc  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:52:30.0180 0x19dc  IpFilterDriver - ok
16:52:30.0273 0x19dc  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:52:30.0398 0x19dc  iphlpsvc - ok
16:52:30.0430 0x19dc  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:52:30.0445 0x19dc  IPMIDRV - ok
16:52:30.0461 0x19dc  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
16:52:30.0492 0x19dc  IPNAT - ok
16:52:30.0523 0x19dc  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
16:52:30.0586 0x19dc  irda - ok
16:52:30.0617 0x19dc  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:52:30.0648 0x19dc  IRENUM - ok
16:52:30.0680 0x19dc  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon          C:\WINDOWS\System32\irmon.dll
16:52:30.0711 0x19dc  irmon - ok
16:52:30.0758 0x19dc  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:52:30.0773 0x19dc  isapnp - ok
16:52:30.0789 0x19dc  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:52:30.0805 0x19dc  iScsiPrt - ok
16:52:30.0820 0x19dc  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:52:30.0836 0x19dc  kbdclass - ok
16:52:30.0836 0x19dc  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:52:30.0883 0x19dc  kbdhid - ok
16:52:30.0898 0x19dc  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic          C:\WINDOWS\System32\drivers\kdnic.sys
16:52:30.0930 0x19dc  kdnic - ok
16:52:30.0977 0x19dc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:52:30.0977 0x19dc  KeyIso - ok
16:52:31.0023 0x19dc  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:52:31.0039 0x19dc  KSecDD - ok
16:52:31.0070 0x19dc  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:52:31.0086 0x19dc  KSecPkg - ok
16:52:31.0102 0x19dc  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
16:52:31.0133 0x19dc  ksthunk - ok
16:52:31.0195 0x19dc  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
16:52:31.0273 0x19dc  KtmRm - ok
16:52:31.0305 0x19dc  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:52:31.0352 0x19dc  LanmanServer - ok
16:52:31.0398 0x19dc  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:52:31.0461 0x19dc  LanmanWorkstation - ok
16:52:31.0508 0x19dc  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc          C:\WINDOWS\System32\lfsvc.dll
16:52:31.0570 0x19dc  lfsvc - ok
16:52:31.0586 0x19dc  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
16:52:31.0664 0x19dc  LicenseManager - ok
16:52:31.0664 0x19dc  LiveUpdateSvc - ok
16:52:31.0711 0x19dc  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
16:52:31.0742 0x19dc  lltdio - ok
16:52:31.0789 0x19dc  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
16:52:31.0836 0x19dc  lltdsvc - ok
16:52:31.0883 0x19dc  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
16:52:31.0914 0x19dc  lmhosts - ok
16:52:31.0977 0x19dc  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
16:52:31.0992 0x19dc  LSI_SAS - ok
16:52:32.0023 0x19dc  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i      C:\WINDOWS\system32\drivers\lsi_sas2i.sys
16:52:32.0039 0x19dc  LSI_SAS2i - ok
16:52:32.0070 0x19dc  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i      C:\WINDOWS\system32\drivers\lsi_sas3i.sys
16:52:32.0086 0x19dc  LSI_SAS3i - ok
16:52:32.0102 0x19dc  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
16:52:32.0117 0x19dc  LSI_SSS - ok
16:52:32.0180 0x19dc  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM            C:\WINDOWS\System32\lsm.dll
16:52:32.0242 0x19dc  LSM - ok
16:52:32.0289 0x19dc  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
16:52:32.0352 0x19dc  luafv - ok
16:52:32.0383 0x19dc  [ CAAF0CD70FEE7C5110B1E62804E41B17, 48482A6C8D2296C4DC613304637C8DBB7DD1DB39326F27650EBCA6FD2793BCFD ] MapsBroker      C:\WINDOWS\System32\moshost.dll
16:52:32.0430 0x19dc  MapsBroker - ok
16:52:32.0461 0x19dc  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
16:52:32.0477 0x19dc  megasas - ok
16:52:32.0492 0x19dc  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i      C:\WINDOWS\system32\drivers\MegaSas2i.sys
16:52:32.0508 0x19dc  megasas2i - ok
16:52:32.0539 0x19dc  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:52:32.0570 0x19dc  megasr - ok
16:52:32.0617 0x19dc  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
16:52:32.0648 0x19dc  MessagingService - ok
16:52:32.0742 0x19dc  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
16:52:32.0789 0x19dc  mlx4_bus - ok
16:52:32.0836 0x19dc  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS          C:\WINDOWS\system32\drivers\mmcss.sys
16:52:32.0930 0x19dc  MMCSS - ok
16:52:32.0977 0x19dc  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem          C:\WINDOWS\system32\drivers\modem.sys
16:52:33.0070 0x19dc  Modem - ok
16:52:33.0117 0x19dc  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
16:52:33.0164 0x19dc  monitor - ok
16:52:33.0195 0x19dc  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:52:33.0227 0x19dc  mouclass - ok
16:52:33.0227 0x19dc  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:52:33.0289 0x19dc  mouhid - ok
16:52:33.0320 0x19dc  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:52:33.0336 0x19dc  mountmgr - ok
16:52:33.0367 0x19dc  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:52:33.0383 0x19dc  MozillaMaintenance - ok
16:52:33.0430 0x19dc  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:52:33.0508 0x19dc  mpsdrv - ok
16:52:33.0570 0x19dc  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:52:33.0617 0x19dc  MpsSvc - ok
16:52:33.0664 0x19dc  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:52:33.0773 0x19dc  MRxDAV - ok
16:52:33.0805 0x19dc  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:52:33.0820 0x19dc  mrxsmb - ok
16:52:33.0883 0x19dc  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:52:33.0961 0x19dc  mrxsmb10 - ok
16:52:33.0992 0x19dc  [ 93A77008A8932FC84A173C4E97E52874, B7510CF7998C538D68BD2ECDC512A0BFC7CB7362F598EE4110F728427AFF0F5A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:52:34.0008 0x19dc  mrxsmb20 - ok
16:52:34.0070 0x19dc  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
16:52:34.0102 0x19dc  MsBridge - ok
16:52:34.0148 0x19dc  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
16:52:34.0195 0x19dc  MSDTC - ok
16:52:34.0227 0x19dc  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:52:34.0320 0x19dc  Msfs - ok
16:52:34.0352 0x19dc  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:52:34.0383 0x19dc  msgpiowin32 - ok
16:52:34.0383 0x19dc  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:52:34.0445 0x19dc  mshidkmdf - ok
16:52:34.0461 0x19dc  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
16:52:34.0523 0x19dc  mshidumdf - ok
16:52:34.0539 0x19dc  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys


Troja90 12.02.2017 16:58

Code:

16:52:34.0555 0x19dc  msisadrv - ok
16:52:34.0617 0x19dc  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
16:52:34.0727 0x19dc  MSiSCSI - ok
16:52:34.0742 0x19dc  msiserver - ok
16:52:34.0773 0x19dc  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV        C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
16:52:34.0805 0x19dc  MSKSSRV - ok
16:52:34.0836 0x19dc  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
16:52:34.0930 0x19dc  MsLldp - ok
16:52:34.0945 0x19dc  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
16:52:34.0992 0x19dc  MSPCLOCK - ok
16:52:35.0023 0x19dc  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM          C:\WINDOWS\system32\DRIVERS\MSPQM.sys
16:52:35.0086 0x19dc  MSPQM - ok
16:52:35.0133 0x19dc  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
16:52:35.0148 0x19dc  MsRPC - ok
16:52:35.0180 0x19dc  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
16:52:35.0195 0x19dc  MsSecFlt - ok
16:52:35.0211 0x19dc  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:52:35.0227 0x19dc  mssmbios - ok
16:52:35.0227 0x19dc  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE          C:\WINDOWS\system32\DRIVERS\MSTEE.sys
16:52:35.0273 0x19dc  MSTEE - ok
16:52:35.0305 0x19dc  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:52:35.0352 0x19dc  MTConfig - ok
16:52:35.0383 0x19dc  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
16:52:35.0383 0x19dc  Mup - ok
16:52:35.0398 0x19dc  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:52:35.0414 0x19dc  mvumis - ok
16:52:35.0508 0x19dc  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:52:35.0586 0x19dc  NativeWifiP - ok
16:52:35.0633 0x19dc  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:52:35.0695 0x19dc  NcaSvc - ok
16:52:35.0727 0x19dc  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
16:52:35.0773 0x19dc  NcbService - ok
16:52:35.0836 0x19dc  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:52:35.0961 0x19dc  NcdAutoSetup - ok
16:52:36.0023 0x19dc  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
16:52:36.0055 0x19dc  ndfltr - ok
16:52:36.0102 0x19dc  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:52:36.0148 0x19dc  NDIS - ok
16:52:36.0195 0x19dc  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap        C:\WINDOWS\system32\drivers\ndiscap.sys
16:52:36.0289 0x19dc  NdisCap - ok
16:52:36.0320 0x19dc  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
16:52:36.0430 0x19dc  NdisImPlatform - ok
16:52:36.0461 0x19dc  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:52:36.0492 0x19dc  NdisTapi - ok
16:52:36.0539 0x19dc  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio        C:\WINDOWS\system32\drivers\ndisuio.sys
16:52:36.0586 0x19dc  Ndisuio - ok
16:52:36.0602 0x19dc  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:52:36.0648 0x19dc  NdisVirtualBus - ok
16:52:36.0680 0x19dc  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan        C:\WINDOWS\System32\drivers\ndiswan.sys
16:52:36.0711 0x19dc  NdisWan - ok
16:52:36.0727 0x19dc  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:52:36.0742 0x19dc  ndiswanlegacy - ok
16:52:36.0758 0x19dc  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy        C:\WINDOWS\system32\DRIVERS\NDProxy.sys
16:52:36.0789 0x19dc  ndproxy - ok
16:52:36.0789 0x19dc  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
16:52:36.0836 0x19dc  Ndu - ok
16:52:36.0867 0x19dc  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
16:52:36.0945 0x19dc  NetAdapterCx - ok
16:52:36.0977 0x19dc  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS        C:\WINDOWS\system32\drivers\netbios.sys
16:52:36.0992 0x19dc  NetBIOS - ok
16:52:37.0055 0x19dc  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
16:52:37.0148 0x19dc  NetBT - ok
16:52:37.0164 0x19dc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:52:37.0195 0x19dc  Netlogon - ok
16:52:37.0227 0x19dc  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
16:52:37.0258 0x19dc  Netman - ok
16:52:37.0305 0x19dc  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:52:37.0414 0x19dc  netprofm - ok
16:52:37.0461 0x19dc  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc    C:\WINDOWS\System32\NetSetupSvc.dll
16:52:37.0539 0x19dc  NetSetupSvc - ok
16:52:37.0664 0x19dc  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:52:37.0680 0x19dc  NetTcpPortSharing - ok
16:52:37.0727 0x19dc  [ 6138F9D9B03DCC28E93220809B28F964, E22517EE0EF41DA05DA5962F137AE1CDC266F4E0F243DE598CBB91F507E17195 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
16:52:37.0867 0x19dc  netvsc - ok
16:52:37.0930 0x19dc  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
16:52:38.0039 0x19dc  NgcCtnrSvc - ok
16:52:38.0148 0x19dc  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
16:52:38.0289 0x19dc  NgcSvc - ok
16:52:38.0320 0x19dc  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:52:38.0445 0x19dc  NlaSvc - ok
16:52:38.0492 0x19dc  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:52:38.0555 0x19dc  Npfs - ok
16:52:38.0602 0x19dc  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
16:52:38.0633 0x19dc  npsvctrig - ok
16:52:38.0664 0x19dc  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi            C:\WINDOWS\system32\nsisvc.dll
16:52:38.0742 0x19dc  nsi - ok
16:52:38.0773 0x19dc  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:52:38.0836 0x19dc  nsiproxy - ok
16:52:38.0930 0x19dc  [ DB69C6DA8B3DDFDC547D455CA23A8250, AE495CEB18924C8B21F7F150FF17CD00880F2E222D7B5155661798E0535D63C4 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
16:52:39.0008 0x19dc  NTFS - ok
16:52:39.0023 0x19dc  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:52:39.0055 0x19dc  Null - ok
16:52:39.0102 0x19dc  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
16:52:39.0195 0x19dc  nusb3hub - detected UnsignedFile.Multi.Generic ( 1 )
16:52:39.0242 0x19dc  Detect skipped due to KSN trusted
16:52:39.0242 0x19dc  nusb3hub - ok
16:52:39.0258 0x19dc  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
16:52:39.0336 0x19dc  nusb3xhc - detected UnsignedFile.Multi.Generic ( 1 )
16:52:39.0383 0x19dc  Detect skipped due to KSN trusted
16:52:39.0383 0x19dc  nusb3xhc - ok
16:52:39.0414 0x19dc  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:52:39.0430 0x19dc  nvraid - ok
16:52:39.0445 0x19dc  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:52:39.0461 0x19dc  nvstor - ok
16:52:39.0508 0x19dc  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
16:52:39.0570 0x19dc  OneSyncSvc - ok
16:52:39.0633 0x19dc  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:52:39.0680 0x19dc  ose - ok
16:52:39.0898 0x19dc  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:52:40.0055 0x19dc  osppsvc - ok
16:52:40.0102 0x19dc  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:52:40.0148 0x19dc  p2pimsvc - ok
16:52:40.0195 0x19dc  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:52:40.0227 0x19dc  p2psvc - ok
16:52:40.0258 0x19dc  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
16:52:40.0336 0x19dc  Parport - ok
16:52:40.0398 0x19dc  [ CDBD029BAEC8D09F6FBD404632D9AF28, 71F4401150CD4C9C6BBF2DA854CF07EA2F8C9BBE900833858F49134DDAF14414 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
16:52:40.0430 0x19dc  partmgr - ok
16:52:40.0492 0x19dc  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:52:40.0523 0x19dc  PcaSvc - ok
16:52:40.0555 0x19dc  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci            C:\WINDOWS\system32\drivers\pci.sys
16:52:40.0570 0x19dc  pci - ok
16:52:40.0617 0x19dc  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:52:40.0648 0x19dc  pciide - ok
16:52:40.0664 0x19dc  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:52:40.0695 0x19dc  pcmcia - ok
16:52:40.0695 0x19dc  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
16:52:40.0711 0x19dc  pcw - ok
16:52:40.0727 0x19dc  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
16:52:40.0742 0x19dc  pdc - ok
16:52:40.0820 0x19dc  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:52:40.0883 0x19dc  PEAUTH - ok
16:52:40.0977 0x19dc  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc    C:\WINDOWS\system32\peerdistsvc.dll
16:52:41.0148 0x19dc  PeerDistSvc - ok
16:52:41.0195 0x19dc  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i      C:\WINDOWS\system32\drivers\percsas2i.sys
16:52:41.0211 0x19dc  percsas2i - ok
16:52:41.0227 0x19dc  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i      C:\WINDOWS\system32\drivers\percsas3i.sys
16:52:41.0242 0x19dc  percsas3i - ok
16:52:41.0336 0x19dc  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:52:41.0414 0x19dc  PerfHost - ok
16:52:41.0492 0x19dc  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
16:52:41.0602 0x19dc  PhoneSvc - ok
16:52:41.0648 0x19dc  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
16:52:41.0727 0x19dc  PimIndexMaintenanceSvc - ok
16:52:41.0789 0x19dc  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla            C:\WINDOWS\system32\pla.dll
16:52:41.0930 0x19dc  pla - ok
16:52:41.0961 0x19dc  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:52:41.0977 0x19dc  PlugPlay - ok
16:52:42.0023 0x19dc  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
16:52:42.0055 0x19dc  PNRPAutoReg - ok
16:52:42.0086 0x19dc  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:52:42.0117 0x19dc  PNRPsvc - ok
16:52:42.0133 0x19dc  [ 4C2985DAAF5859A670AE2AF478AF58C6, 3B62D04255FC9C9D46B76B740D9DEFB6F382ADB1C5D27948FABDE71E9F7CA768 ] Point64        C:\WINDOWS\System32\drivers\point64.sys
16:52:42.0148 0x19dc  Point64 - ok
16:52:42.0180 0x19dc  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
16:52:42.0227 0x19dc  PolicyAgent - ok
16:52:42.0258 0x19dc  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power          C:\WINDOWS\system32\umpo.dll
16:52:42.0305 0x19dc  Power - ok
16:52:42.0352 0x19dc  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
16:52:42.0383 0x19dc  PptpMiniport - ok
16:52:42.0555 0x19dc  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:52:42.0742 0x19dc  PrintNotify - ok
16:52:42.0805 0x19dc  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor      C:\WINDOWS\System32\drivers\processr.sys
16:52:42.0836 0x19dc  Processor - ok
16:52:42.0883 0x19dc  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
16:52:42.0961 0x19dc  ProfSvc - ok
16:52:42.0992 0x19dc  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
16:52:43.0008 0x19dc  Psched - ok
16:52:43.0039 0x19dc  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI            C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys
16:52:43.0055 0x19dc  PSI - ok
16:52:43.0102 0x19dc  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE          C:\WINDOWS\system32\qwave.dll
16:52:43.0164 0x19dc  QWAVE - ok
16:52:43.0211 0x19dc  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:52:43.0258 0x19dc  QWAVEdrv - ok
16:52:43.0289 0x19dc  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:52:43.0336 0x19dc  RasAcd - ok
16:52:43.0367 0x19dc  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn    C:\WINDOWS\System32\drivers\AgileVpn.sys
16:52:43.0414 0x19dc  RasAgileVpn - ok
16:52:43.0445 0x19dc  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
16:52:43.0492 0x19dc  RasAuto - ok
16:52:43.0523 0x19dc  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp        C:\WINDOWS\System32\drivers\rasl2tp.sys
16:52:43.0539 0x19dc  Rasl2tp - ok
16:52:43.0586 0x19dc  [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:52:43.0680 0x19dc  RasMan - ok
16:52:43.0695 0x19dc  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
16:52:43.0711 0x19dc  RasPppoe - ok
16:52:43.0727 0x19dc  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp        C:\WINDOWS\System32\drivers\rassstp.sys
16:52:43.0758 0x19dc  RasSstp - ok
16:52:43.0805 0x19dc  [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:52:43.0836 0x19dc  rdbss - ok
16:52:43.0883 0x19dc  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:52:43.0930 0x19dc  rdpbus - ok
16:52:43.0961 0x19dc  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
16:52:44.0008 0x19dc  RDPDR - ok
16:52:44.0055 0x19dc  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:52:44.0070 0x19dc  RdpVideoMiniport - ok
16:52:44.0117 0x19dc  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:52:44.0133 0x19dc  rdyboost - ok
16:52:44.0211 0x19dc  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
16:52:44.0242 0x19dc  ReFSv1 - ok
16:52:44.0383 0x19dc  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter      C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
16:52:44.0383 0x19dc  RegFilter - ok
16:52:44.0445 0x19dc  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:52:44.0539 0x19dc  RemoteAccess - ok
16:52:44.0586 0x19dc  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:52:44.0602 0x19dc  RemoteRegistry - ok
16:52:44.0664 0x19dc  [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
16:52:44.0742 0x19dc  RetailDemo - ok
16:52:44.0773 0x19dc  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc          C:\WINDOWS\System32\RMapi.dll
16:52:44.0805 0x19dc  RmSvc - ok
16:52:44.0820 0x19dc  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:52:44.0852 0x19dc  RpcEptMapper - ok
16:52:44.0898 0x19dc  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:52:44.0914 0x19dc  RpcLocator - ok
16:52:44.0961 0x19dc  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
16:52:45.0008 0x19dc  RpcSs - ok
16:52:45.0039 0x19dc  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
16:52:45.0086 0x19dc  rspndr - ok
16:52:45.0148 0x19dc  [ 39FC08BE0FBCBF40A67C22FFB671A96F, B9B942A0AEF03E4E9D4A61C9F042CDC97BAD98912369CD0E0D8B0FFC08D124A3 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
16:52:45.0180 0x19dc  rt640x64 - ok
16:52:45.0195 0x19dc  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
16:52:45.0211 0x19dc  s3cap - ok
16:52:45.0242 0x19dc  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs          C:\WINDOWS\system32\lsass.exe
16:52:45.0242 0x19dc  SamSs - ok
16:52:45.0289 0x19dc  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:52:45.0305 0x19dc  sbp2port - ok
16:52:45.0352 0x19dc  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:52:45.0398 0x19dc  SCardSvr - ok
16:52:45.0461 0x19dc  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:52:45.0508 0x19dc  ScDeviceEnum - ok
16:52:45.0555 0x19dc  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:52:45.0586 0x19dc  scfilter - ok
16:52:45.0680 0x19dc  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:52:45.0742 0x19dc  Schedule - ok
16:52:45.0789 0x19dc  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
16:52:45.0820 0x19dc  scmbus - ok
16:52:45.0836 0x19dc  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101    C:\WINDOWS\System32\drivers\scmdisk0101.sys
16:52:45.0852 0x19dc  scmdisk0101 - ok
16:52:45.0914 0x19dc  [ C1B5EE58E759C53F9939581709DC70BB, 85095ABC9459A766832373BC3839E573E9A73C967F8427D6B7CAB972551C3191 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
16:52:45.0930 0x19dc  SCPolicySvc - ok
16:52:45.0961 0x19dc  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
16:52:45.0977 0x19dc  sdbus - ok
16:52:46.0039 0x19dc  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
16:52:46.0148 0x19dc  SDRSVC - ok
16:52:46.0195 0x19dc  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:52:46.0242 0x19dc  sdstor - ok
16:52:46.0289 0x19dc  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:52:46.0320 0x19dc  seclogon - ok
16:52:46.0414 0x19dc  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
16:52:46.0461 0x19dc  Secunia PSI Agent - ok
16:52:46.0524 0x19dc  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
16:52:46.0617 0x19dc  SENS - ok
16:52:46.0617 0x19dc  Sense - ok
16:52:46.0695 0x19dc  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
16:52:46.0773 0x19dc  SensorDataService - ok
16:52:46.0836 0x19dc  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService  C:\WINDOWS\system32\SensorService.dll
16:52:46.0898 0x19dc  SensorService - ok
16:52:46.0930 0x19dc  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:52:46.0977 0x19dc  SensrSvc - ok
16:52:46.0992 0x19dc  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
16:52:47.0008 0x19dc  SerCx - ok
16:52:47.0055 0x19dc  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
16:52:47.0070 0x19dc  SerCx2 - ok
16:52:47.0070 0x19dc  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
16:52:47.0117 0x19dc  Serenum - ok
16:52:47.0133 0x19dc  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:52:47.0164 0x19dc  Serial - ok
16:52:47.0164 0x19dc  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:52:47.0195 0x19dc  sermouse - ok
16:52:47.0258 0x19dc  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:52:47.0320 0x19dc  SessionEnv - ok
16:52:47.0383 0x19dc  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
16:52:47.0398 0x19dc  sfloppy - ok
16:52:47.0398 0x19dc  sgbupt - ok
16:52:47.0461 0x19dc  [ 832E933AA8DB9FD4733B96D8B6484D3F, 3A8E3D7ECA192EEE154CB568073B7211FDA06078EFC3BC7E961563A1BFDD0CAA ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:52:47.0539 0x19dc  SharedAccess - ok
16:52:47.0617 0x19dc  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:52:47.0664 0x19dc  ShellHWDetection - ok
16:52:47.0711 0x19dc  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
16:52:47.0773 0x19dc  shpamsvc - ok
16:52:47.0789 0x19dc  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:52:47.0805 0x19dc  SiSRaid2 - ok
16:52:47.0820 0x19dc  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:52:47.0836 0x19dc  SiSRaid4 - ok
16:52:47.0883 0x19dc  [ 306EE29C824E85BB28D4579B23EFA55A, 0F60C3625482410EE0F5C7FE08E116B97BDE2ACB4C594A57276F4DB2A628A7EB ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
16:52:47.0914 0x19dc  SmartDefragDriver - ok
16:52:47.0945 0x19dc  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost        C:\WINDOWS\System32\smphost.dll
16:52:47.0992 0x19dc  smphost - ok
16:52:48.0055 0x19dc  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter      C:\WINDOWS\system32\SmsRouterSvc.dll
16:52:48.0117 0x19dc  SmsRouter - ok
16:52:48.0164 0x19dc  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:52:48.0195 0x19dc  SNMPTRAP - ok
16:52:48.0242 0x19dc  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
16:52:48.0273 0x19dc  spaceport - ok
16:52:48.0289 0x19dc  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
16:52:48.0305 0x19dc  SpbCx - ok
16:52:48.0367 0x19dc  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler        C:\WINDOWS\System32\spoolsv.exe
16:52:48.0445 0x19dc  Spooler - ok
16:52:48.0602 0x19dc  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:52:48.0789 0x19dc  sppsvc - ok
16:52:48.0820 0x19dc  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
16:52:48.0898 0x19dc  srv - ok
16:52:48.0961 0x19dc  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:52:49.0039 0x19dc  srv2 - ok
16:52:49.0086 0x19dc  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:52:49.0117 0x19dc  srvnet - ok
16:52:49.0195 0x19dc  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
16:52:49.0274 0x19dc  SSDPSRV - ok
16:52:49.0305 0x19dc  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
16:52:49.0352 0x19dc  SstpSvc - ok
16:52:49.0399 0x19dc  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:52:49.0414 0x19dc  ssudmdm - ok
16:52:49.0555 0x19dc  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
16:52:49.0774 0x19dc  StateRepository - ok
16:52:49.0805 0x19dc  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:52:49.0820 0x19dc  stexstor - ok
16:52:49.0883 0x19dc  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:52:49.0961 0x19dc  stisvc - ok
16:52:49.0977 0x19dc  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:52:50.0008 0x19dc  storahci - ok
16:52:50.0039 0x19dc  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
16:52:50.0055 0x19dc  storflt - ok
16:52:50.0070 0x19dc  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
16:52:50.0086 0x19dc  stornvme - ok
16:52:50.0102 0x19dc  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
16:52:50.0180 0x19dc  storqosflt - ok
16:52:50.0227 0x19dc  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
16:52:50.0289 0x19dc  StorSvc - ok
16:52:50.0336 0x19dc  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs        C:\WINDOWS\system32\drivers\storufs.sys
16:52:50.0352 0x19dc  storufs - ok
16:52:50.0367 0x19dc  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
16:52:50.0367 0x19dc  storvsc - ok
16:52:50.0399 0x19dc  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc          C:\WINDOWS\system32\svsvc.dll
16:52:50.0414 0x19dc  svsvc - ok
16:52:50.0430 0x19dc  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:52:50.0445 0x19dc  swenum - ok
16:52:50.0461 0x19dc  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv          C:\WINDOWS\System32\swprv.dll
16:52:50.0508 0x19dc  swprv - ok
16:52:50.0555 0x19dc  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
16:52:50.0617 0x19dc  Synth3dVsc - ok
16:52:50.0695 0x19dc  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain        C:\WINDOWS\system32\sysmain.dll
16:52:50.0774 0x19dc  SysMain - ok
16:52:50.0805 0x19dc  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:52:50.0836 0x19dc  SystemEventsBroker - ok
16:52:50.0867 0x19dc  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:52:50.0914 0x19dc  TabletInputService - ok
16:52:50.0945 0x19dc  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
16:52:50.0992 0x19dc  TapiSrv - ok
16:52:51.0102 0x19dc  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
16:52:51.0180 0x19dc  Tcpip - ok
16:52:51.0242 0x19dc  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
16:52:51.0320 0x19dc  Tcpip6 - ok
16:52:51.0383 0x19dc  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
16:52:51.0430 0x19dc  tcpipreg - ok
16:52:51.0461 0x19dc  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
16:52:51.0477 0x19dc  tdx - ok
16:52:51.0492 0x19dc  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
16:52:51.0508 0x19dc  terminpt - ok
16:52:51.0570 0x19dc  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService    C:\WINDOWS\System32\termsrv.dll
16:52:51.0680 0x19dc  TermService - ok
16:52:51.0711 0x19dc  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
16:52:51.0742 0x19dc  Themes - ok
16:52:51.0789 0x19dc  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
16:52:51.0852 0x19dc  TieringEngineService - ok
16:52:51.0899 0x19dc  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
16:52:51.0992 0x19dc  tiledatamodelsvc - ok
16:52:52.0024 0x19dc  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc  C:\WINDOWS\System32\TimeBrokerServer.dll
16:52:52.0039 0x19dc  TimeBrokerSvc - ok
16:52:52.0133 0x19dc  [ 506B0B498216371D64ABB69145B70E4C, 94FE0E8A61C506FBA45D14571A14DC259E1D52778CEF8366CE8CBDCD871E28DB ] tor            C:\Program Files (x86)\Tor\tor.exe
16:52:52.0289 0x19dc  tor - detected UnsignedFile.Multi.Generic ( 1 )
16:52:52.0352 0x19dc  Detect skipped due to KSN trusted
16:52:52.0352 0x19dc  tor - ok
16:52:52.0383 0x19dc  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM            C:\WINDOWS\System32\drivers\tpm.sys
16:52:52.0399 0x19dc  TPM - ok
16:52:52.0445 0x19dc  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
16:52:52.0477 0x19dc  TrkWks - ok
16:52:52.0555 0x19dc  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:52:52.0602 0x19dc  TrustedInstaller - ok
16:52:52.0633 0x19dc  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
16:52:52.0680 0x19dc  tsusbflt - ok
16:52:52.0727 0x19dc  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:52:52.0758 0x19dc  TsUsbGD - ok
16:52:52.0774 0x19dc  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\System32\drivers\tsusbhub.sys
16:52:52.0836 0x19dc  tsusbhub - ok
16:52:52.0867 0x19dc  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
16:52:52.0930 0x19dc  tunnel - ok
16:52:52.0961 0x19dc  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
16:52:53.0039 0x19dc  tzautoupdate - ok
16:52:53.0086 0x19dc  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
16:52:53.0102 0x19dc  UASPStor - ok
16:52:53.0149 0x19dc  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101      C:\WINDOWS\system32\Drivers\UcmCx.sys
16:52:53.0211 0x19dc  UcmCx0101 - ok
16:52:53.0242 0x19dc  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
16:52:53.0274 0x19dc  UcmTcpciCx0101 - ok
16:52:53.0305 0x19dc  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi        C:\WINDOWS\System32\drivers\UcmUcsi.sys
16:52:53.0320 0x19dc  UcmUcsi - ok
16:52:53.0352 0x19dc  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
16:52:53.0367 0x19dc  Ucx01000 - ok
16:52:53.0383 0x19dc  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx          C:\WINDOWS\system32\drivers\udecx.sys
16:52:53.0430 0x19dc  UdeCx - ok
16:52:53.0461 0x19dc  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
16:52:53.0492 0x19dc  udfs - ok
16:52:53.0508 0x19dc  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
16:52:53.0524 0x19dc  UEFI - ok
16:52:53.0539 0x19dc  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
16:52:53.0555 0x19dc  UevAgentDriver - ok
16:52:53.0617 0x19dc  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
16:52:53.0727 0x19dc  UevAgentService - ok
16:52:53.0774 0x19dc  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
16:52:53.0789 0x19dc  Ufx01000 - ok
16:52:53.0852 0x19dc  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea    C:\WINDOWS\System32\drivers\UfxChipidea.sys
16:52:53.0852 0x19dc  UfxChipidea - ok
16:52:53.0914 0x19dc  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys    C:\WINDOWS\System32\drivers\ufxsynopsys.sys
16:52:53.0930 0x19dc  ufxsynopsys - ok
16:52:53.0977 0x19dc  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
16:52:54.0008 0x19dc  UI0Detect - ok
16:52:54.0039 0x19dc  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
16:52:54.0055 0x19dc  umbus - ok
16:52:54.0070 0x19dc  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
16:52:54.0086 0x19dc  UmPass - ok
16:52:54.0133 0x19dc  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
16:52:54.0180 0x19dc  UmRdpService - ok
16:52:54.0242 0x19dc  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc    C:\WINDOWS\System32\unistore.dll
16:52:54.0352 0x19dc  UnistoreSvc - ok
16:52:54.0430 0x19dc  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:52:54.0461 0x19dc  upnphost - ok
16:52:54.0508 0x19dc  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea    C:\WINDOWS\System32\drivers\urschipidea.sys
16:52:54.0524 0x19dc  UrsChipidea - ok
16:52:54.0524 0x19dc  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
16:52:54.0539 0x19dc  UrsCx01000 - ok
16:52:54.0555 0x19dc  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys    C:\WINDOWS\System32\drivers\urssynopsys.sys
16:52:54.0570 0x19dc  UrsSynopsys - ok
16:52:54.0586 0x19dc  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\WINDOWS\system32\Drivers\usbaapl64.sys
16:52:54.0649 0x19dc  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
16:52:54.0695 0x19dc  Detect skipped due to KSN trusted
16:52:54.0695 0x19dc  USBAAPL64 - ok
16:52:54.0758 0x19dc  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
16:52:54.0774 0x19dc  usbccgp - ok
16:52:54.0820 0x19dc  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
16:52:54.0836 0x19dc  usbcir - ok
16:52:54.0852 0x19dc  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
16:52:54.0867 0x19dc  usbehci - ok
16:52:54.0883 0x19dc  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
16:52:54.0914 0x19dc  usbhub - ok
16:52:54.0945 0x19dc  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
16:52:54.0977 0x19dc  USBHUB3 - ok
16:53:06.0430 0x19dc  Waiting for KSN requests completion. In queue: 215
16:53:07.0586 0x19dc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
16:53:07.0586 0x19dc  Win FW state via NFP2: enabled ( trusted )
16:53:07.0711 0x19dc  ============================================================
16:53:07.0711 0x19dc  Scan finished
16:53:07.0711 0x19dc  ============================================================
16:53:07.0711 0x1aac  Detected object count: 0
16:53:07.0711 0x1aac  Actual detected object count: 0


cosinus 12.02.2017 22:46

No detections, not from MBAR either.

Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!
Please disable your virus scanner completely now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


