Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Telekom blockt SMTP an Anschluss wegen SPAM. PC verseucht trotz MAB, Immunet und McAfee (https://www.trojaner-board.de/190599-telekom-blockt-smtp-anschluss-wegen-spam-pc-verseucht-trotz-mab-immunet-mcafee.html)

Skummy 24.05.2018 10:32
Telekom blockt SMTP an Anschluss wegen SPAM. PC verseucht trotz MAB, Immunet und McAfee
 
Hi,

der Anschluss meiner Mutter nun wurde auf Mailversand von der Telekom geblockt wegen angeblichen SPAM-Versandes von dem Anschluss.
Es gibt nur diesen einen PC im Netz, dazu einen Netzwerk-Drucker und den DSL-Router.
Es lief bisher McAfee Total Protection und Malwarebytes(Testversion)
Mcafee lief gestern(als Mutti anrief wegen keine Mails mehr versenden können) noch, aber das Dashboard lies sich nicht mehr öffnen, die Shortcuts waren alle "tot". Im Progamme-McAfee-Ordner fehlte ein Unterordner - strange...
Mcafee mit hauseigenen Removal Tool komplett deinstalliert, Immunet installiert, Malwarebytes-Lizens gekauft und Premium aktiviert, Windows Defender aktiviert. Windows Firewall resettet.
Scans bis auf Adwcleaner(siehe unten) ohne Befund.
FRST.txt folg, Addition in 2.Post.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
durchgeführt von Barbara (Administrator) auf HOME (24-05-2018 11:29:03)
Gestartet von C:\Users\Barbara\Desktop
Geladene Profile: Barbara (Verfügbare Profile: Barbara)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Cisco Systems, Inc.) C:\Program Files\Immunet\6.0.8\sfc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\Users\Barbara\Downloads\adwcleaner_7.1.1.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Immunet) C:\Program Files\Immunet\6.0.8\iptray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MpCmdRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [415128 2015-09-30] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [Immunet Protect] => C:\Program Files\Immunet\6.0.8\iptray.exe [3844288 2018-05-23] (Immunet)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2018-04-10] (Cisco Systems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\...\MountPoints2: {42f2c8f0-f8f0-11e3-8252-806e6f6e6963} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-27]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-12-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{98b2f5e8-60ac-4a5d-b91a-326b0cacb3f7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{be31dfb1-1ca3-4aeb-bd69-02a8030e55cd}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2302281030-2091732372-4235389516-1001 -> DefaultScope {E7370DAD-914A-489F-A169-017CF7BA907F} URL =
SearchScopes: HKU\S-1-5-21-2302281030-2091732372-4235389516-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1003&geo=DE&ver=22.11.0.41&locale=de_DE&guid=9D95E465-E790-44DA-9D72-C14904ADB92E&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2302281030-2091732372-4235389516-1001 -> {E7370DAD-914A-489F-A169-017CF7BA907F} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-20] (Microsoft Corporation)
BHO: Kein Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Keine Datei
BHO-x32: Kein Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Keine Datei
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=892368240
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF DefaultProfile: wlr7z05b.default
FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\wlr7z05b.default [2018-05-24]
FF Extension: (AdBlock) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\wlr7z05b.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-05-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <kein Path/update_url>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-05-12] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284360 2018-04-30] ()
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 ImmunetProtect_6.0.8; C:\Program Files\Immunet\6.0.8\sfc.exe [1250880 2018-05-23] (Cisco Systems, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-27] (Microsoft Corporation)
S2 0197601526312585mcinstcleanup; C:\WINDOWS\TEMP\019760~1.EXE -cleanup -nolog [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [97184 2017-01-25] (Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76200 2018-01-18] ()
R2 ImmunetNetworkMonitorDriver; C:\WINDOWS\System32\Drivers\ImmunetNetworkMonitor.sys [119608 2018-05-23] (Cisco Systems, Inc.)
R1 ImmunetProtectDriver; C:\WINDOWS\System32\Drivers\immunetprotect.sys [113976 2018-05-23] (Cisco Systems, Inc.)
R1 ImmunetSelfProtectDriver; C:\WINDOWS\System32\Drivers\immunetselfprotect.sys [77624 2018-05-23] (Cisco Systems, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193248 2018-05-23] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [109800 2018-05-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45960 2018-05-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [101600 2018-05-24] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2017-12-24] (Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2017-12-24] (Acronis International GmbH)
S3 Trufos; C:\WINDOWS\System32\Drivers\trufos.sys [442848 2018-05-23] (BitDefender S.R.L.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74120 2018-04-10] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-27] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-27] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-24 11:29 - 2018-05-24 11:29 - 000017220 _____ C:\Users\Barbara\Desktop\FRST.txt
2018-05-24 11:17 - 2018-05-24 11:18 - 000057750 _____ C:\Users\Barbara\Downloads\Addition.txt
2018-05-24 11:16 - 2018-05-24 11:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-24 11:14 - 2018-05-24 11:29 - 000000000 ____D C:\FRST
2018-05-24 11:14 - 2018-05-24 11:18 - 000071480 _____ C:\Users\Barbara\Downloads\FRST.txt
2018-05-24 10:41 - 2018-05-24 10:41 - 002413056 _____ (Farbar) C:\Users\Barbara\Desktop\FRST64.exe
2018-05-24 10:40 - 2018-05-24 10:40 - 007271632 _____ (Malwarebytes) C:\Users\Barbara\Downloads\adwcleaner_7.1.1.exe
2018-05-24 10:26 - 2018-05-24 10:46 - 000045960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-24 10:24 - 2018-05-24 10:24 - 000000000 ____D C:\ProgramData\McAfee
2018-05-24 07:12 - 2018-05-24 07:12 - 000000000 ____D C:\Users\Barbara\.cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\Users\Barbara\AppData\Local\Cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\ProgramData\Cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-05-24 07:09 - 2018-04-10 06:20 - 000258464 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2018-05-24 07:07 - 2018-05-24 07:08 - 005620144 _____ (Cisco Systems, Inc.) C:\Users\Barbara\Downloads\anyconnect-win-4.5.05030-core-vpn-webdeploy-k9.exe
2018-05-23 21:32 - 2018-05-23 21:32 - 000000000 ___HD C:\OneDriveTemp
2018-05-23 20:43 - 2018-05-23 20:48 - 010597312 _____ (McAfee, Inc.) C:\Users\Barbara\Downloads\MCPR.exe
2018-05-23 20:10 - 2018-05-24 10:53 - 000101600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-23 20:10 - 2018-05-24 10:45 - 000109800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-23 20:10 - 2018-05-23 20:10 - 000193248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-23 19:26 - 2018-05-23 19:26 - 000000958 _____ C:\Users\Public\Desktop\Immunet.lnk
2018-05-23 19:25 - 2018-05-24 11:29 - 000000000 ____D C:\Program Files\Immunet
2018-05-23 19:25 - 2018-05-23 19:25 - 000442848 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2018-05-23 19:25 - 2018-05-23 19:25 - 000119608 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\ImmunetNetworkMonitor.sys
2018-05-23 19:25 - 2018-05-23 19:25 - 000113976 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\immunetprotect.sys
2018-05-23 19:25 - 2018-05-23 19:25 - 000077624 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\immunetselfprotect.sys
2018-05-23 19:25 - 2018-05-23 19:25 - 000071088 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\ImmunetUtilDriver.sys
2018-05-23 19:25 - 2018-05-23 19:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
2018-05-23 19:25 - 2018-05-23 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immunet
2018-05-23 19:23 - 2018-05-23 19:26 - 000000000 ____D C:\ProgramData\Immunet
2018-05-23 19:23 - 2018-05-23 19:23 - 001123608 _____ (Cisco Systems, Inc.) C:\Users\Barbara\Downloads\ImmunetSetup.exe
2018-05-20 09:04 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-14 17:38 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-14 17:38 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-14 08:20 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-14 08:20 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-14 08:20 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-14 08:20 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-14 08:20 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-14 08:20 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-14 08:20 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-14 08:20 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-14 08:20 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-14 08:20 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-14 08:20 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-14 08:20 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-14 08:20 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-14 08:20 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-14 08:20 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-14 08:20 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-14 08:20 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-14 08:20 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-14 08:20 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-14 08:20 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-14 08:20 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-14 08:20 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-14 08:20 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-14 08:20 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-14 08:20 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-14 08:20 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-14 08:20 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-14 08:20 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-14 08:20 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-14 08:20 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-14 08:20 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-14 08:20 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-14 08:20 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-14 08:20 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-14 08:20 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-14 08:20 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-14 08:20 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-14 08:20 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-14 08:20 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-14 08:20 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-14 08:20 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-14 08:20 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-14 08:20 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-14 08:20 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-14 08:20 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-14 08:20 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-14 08:20 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-14 08:20 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-14 08:20 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-14 08:20 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-14 08:20 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-14 08:20 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-14 08:20 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-14 08:20 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-14 08:20 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-14 08:20 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-14 08:20 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-14 08:20 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-14 08:20 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-14 08:20 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-14 08:20 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-14 08:20 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-14 08:20 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-14 08:20 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-14 08:20 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-14 08:20 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-14 08:20 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-14 08:20 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-14 08:20 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-14 08:20 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-14 08:20 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-14 08:20 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-14 08:20 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-14 08:20 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-14 08:20 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-14 08:20 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-14 08:20 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-14 08:20 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-14 08:20 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-14 08:20 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-14 08:20 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-14 08:20 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-14 08:20 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-14 08:20 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-14 08:20 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-14 08:20 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-14 08:20 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-14 08:20 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-14 08:20 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-14 08:20 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-14 08:20 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-14 08:20 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-14 08:20 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-14 08:20 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-14 08:20 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-14 08:20 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-14 08:20 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-14 08:20 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-14 08:20 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-14 08:20 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-14 08:20 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-14 08:20 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-14 08:20 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-14 08:20 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-14 08:20 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-14 08:20 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-14 08:20 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-14 08:20 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-14 08:20 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-14 08:20 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-14 08:20 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-14 08:20 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-14 08:20 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-14 08:20 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-14 08:19 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-14 08:19 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-14 08:19 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-14 08:19 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-14 08:19 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-14 08:19 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-14 08:19 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-14 08:19 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-14 08:19 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-14 08:19 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-14 08:19 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-14 08:19 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-14 08:19 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-14 08:19 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-14 08:19 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-14 08:19 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-14 08:19 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-14 08:19 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-14 08:19 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-14 08:19 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-14 08:19 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-14 08:19 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-14 08:19 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-14 08:19 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-14 08:19 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-14 08:19 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-14 08:19 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-14 08:19 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-14 08:19 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-14 08:19 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-14 08:19 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-14 08:19 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-14 08:19 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-14 08:19 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-14 08:19 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-14 08:19 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-14 08:19 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-14 08:19 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-14 08:19 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-14 08:19 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-14 08:19 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-14 08:19 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-14 08:19 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-14 08:19 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-14 08:19 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-14 08:19 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-14 08:19 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-14 08:19 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-14 08:19 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-14 08:19 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-14 08:19 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-14 08:19 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-14 08:19 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-14 08:19 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-14 08:19 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-14 08:19 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-14 08:19 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-14 08:19 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-14 08:19 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-14 08:19 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-14 08:19 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-14 08:19 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-14 08:19 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-14 08:19 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-14 08:19 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-14 08:19 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-14 08:19 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-14 08:19 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-14 08:19 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-14 08:19 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-14 08:19 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-14 08:19 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-14 08:19 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-14 08:19 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-14 08:19 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-14 08:19 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-14 08:19 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-14 08:19 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-14 08:19 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-14 08:19 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-14 08:19 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-14 08:19 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-14 08:19 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-14 08:19 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-14 08:19 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-14 08:19 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-14 08:19 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-14 08:19 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-14 08:19 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-04-27 20:01 - 2018-04-27 20:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-10-21 15:36 - 2014-06-21 05:39 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-06-21 05:39 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2018-05-24 11:23 - 2017-12-24 09:06 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A3E53079-A74C-4DD8-9142-0B039034BB94}
2018-05-24 11:21 - 2017-12-23 22:08 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-24 11:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-24 11:17 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-24 11:04 - 2016-06-01 16:46 - 000000000 ____D C:\AdwCleaner
2018-05-24 11:02 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-24 10:48 - 2016-11-19 14:07 - 000000000 ____D C:\Users\Barbara\AppData\LocalLow\Mozilla
2018-05-24 10:48 - 2014-12-23 21:36 - 000000000 __RDL C:\Users\Barbara\SkyDrive
2018-05-24 10:47 - 2016-03-01 06:02 - 000000000 __SHD C:\Users\Barbara\IntelGraphicsProfiles
2018-05-24 10:46 - 2016-03-01 04:43 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-24 10:45 - 2018-03-11 12:37 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-24 10:45 - 2017-12-24 09:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-24 10:45 - 2015-04-02 09:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-24 10:44 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-24 10:06 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-05-24 10:03 - 2017-12-24 00:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-24 08:37 - 2017-12-24 09:05 - 000009528 _____ C:\WINDOWS\diagwrn.xml
2018-05-24 08:37 - 2017-12-24 09:05 - 000009528 _____ C:\WINDOWS\diagerr.xml
2018-05-24 07:12 - 2017-12-24 00:35 - 000000000 ____D C:\Users\Barbara
2018-05-23 21:28 - 2013-10-31 08:40 - 000000000 ____D C:\Program Files\Common Files\mcafee
2018-05-23 21:19 - 2017-12-24 09:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-05-23 21:12 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-23 21:12 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-23 20:06 - 2017-07-03 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-23 20:06 - 2014-12-23 21:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-23 19:31 - 2016-05-01 09:55 - 000000000 ____D C:\ProgramData\tmp
2018-05-23 18:45 - 2017-03-05 18:56 - 000000000 ____D C:\Users\Barbara\Documents\Bestellung Schultheiss
2018-05-23 18:44 - 2010-07-17 17:06 - 000000000 ___RD C:\Users\Barbara\Documents\Scanned Documents
2018-05-23 18:39 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-22 21:41 - 2014-12-23 21:30 - 000000000 ____D C:\Users\Barbara\AppData\Local\Packages
2018-05-22 20:34 - 2014-12-23 21:42 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-22 20:25 - 2010-05-26 21:47 - 000000000 ____D C:\Users\Barbara\Documents\Musikverein
2018-05-22 20:02 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-20 09:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-20 09:10 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-20 09:09 - 2014-12-23 22:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-20 08:49 - 2017-09-30 16:35 - 001022426 _____ C:\WINDOWS\system32\perfh007.dat
2018-05-20 08:49 - 2017-09-30 16:35 - 000223640 _____ C:\WINDOWS\system32\perfc007.dat
2018-05-20 08:49 - 2016-03-01 05:04 - 002253348 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-14 17:39 - 2017-12-24 09:51 - 000000000 ___RD C:\Users\Barbara\3D Objects
2018-05-14 17:39 - 2014-12-24 03:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-14 17:38 - 2017-12-24 00:27 - 000397792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-14 17:34 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-14 17:34 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-14 08:33 - 2014-12-28 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-14 08:30 - 2017-10-22 16:51 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-14 08:30 - 2014-12-28 12:34 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-14 08:24 - 2017-12-14 03:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-14 08:23 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-14 08:23 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-14 08:23 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-14 08:23 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-14 07:01 - 2018-03-14 19:13 - 000004624 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-14 07:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-14 07:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-30 19:01 - 2016-02-06 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2018-04-30 18:41 - 2017-04-08 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2018-04-30 18:41 - 2014-12-27 16:42 - 000000000 ____D C:\ProgramData\elsterformular
2018-04-27 19:55 - 2017-12-24 09:06 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2302281030-2091732372-4235389516-1001
2018-04-27 19:55 - 2016-03-01 06:07 - 000002431 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-24 09:43

==================== Ende von FRST.txt ============================



Adwcleaner "Befund", wegen Textgröße nur relevantes:
Code:
***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{65416821-217D-44BD-9C61-F53398FB1B46}

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########
Vielen Dank für jegliche Hilfe!!

Skummy 24.05.2018 10:33
Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
durchgeführt von Barbara (24-05-2018 11:30:10)
Gestartet von C:\Users\Barbara\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-12-24 07:08:57)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2302281030-2091732372-4235389516-500 - Administrator - Disabled)
Barbara (S-1-5-21-2302281030-2091732372-4235389516-1001 - Administrator - Enabled) => C:\Users\Barbara
DefaultAccount (S-1-5-21-2302281030-2091732372-4235389516-503 - Limited - Disabled)
Gast (S-1-5-21-2302281030-2091732372-4235389516-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2302281030-2091732372-4235389516-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2302281030-2091732372-4235389516-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Immunet (Enabled - Up to date) {05A27767-0425-EB45-C06B-DA28DB7FCD38}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Immunet (Enabled - Up to date) {BEC39683-221F-E4CB-FADB-E15AA0F88785}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}) (Version: 17.0.6673 - Acronis) Hidden
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4380 (HKLM-x32\...\{06856518-366B-4393-8013-E0B0C56C2E8E}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
C4380_Help (HKLM-x32\...\{a1f89c34-f061-447d-ac10-b5f1896a5923}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.05030 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{34F34D13-763B-48C8-94E0-D6CD3FF84268}) (Version: 4.5.05030 - Cisco Systems, Inc.) Hidden
ClamAV (HKLM\...\{8AFA9F0E-C72B-43D0-BB9A-671584E73D81}) (Version: 0.100.0 - Cisco Systems, Inc)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 19.3 - Thüringer Landesfinanzdirektion)
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Immunet (HKLM-x32\...\Immunet Protect) (Version: 6.0.8.10638 - Cisco Systems, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Kernel for Outlook PST Repair Evaluation ver 15.0 (HKLM-x32\...\Kernel for Outlook PST Repair - Evaluation Version_is1) (Version:  - Lepide Software Pvt.Ltd.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 de) (HKLM\...\Mozilla Firefox 60.0.1 (x64 de)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OEM Application Profile (HKLM-x32\...\{E3AE2D4D-5274-CE6B-5434-64DA3131A301}) (Version: 1.00.0000 - Ihr Firmenname)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
PS_AIO_02_ProductContext (HKLM-x32\...\{720C16FC-5423-47B3-A249-5C05FB376E9A}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (HKLM-x32\...\{97AD3490-480B-42B2-8001-326621AF34AC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{7AB63BFD-91C6-4C21-B2C6-D33A1FC8DE8F}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PX Profile Update (HKLM-x32\...\{035D9783-ED95-4C3C-D8E6-3E367D9EE05D}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {042EAE02-865B-494D-B070-2A8799DBFDCA} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {2255F498-B83A-42F4-89E2-AACF5DFAC969} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {24E3419A-65AE-477D-AAED-FC14FAE434B1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {27E9B94F-E8A7-4A86-BF0B-CFBFF4A0C7A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-20] (Microsoft Corporation)
Task: {29E3EB78-E417-4DE8-A576-C3ED4CC0D112} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {302BA8D5-E7D3-4E1D-B68B-2D540132B7D5} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {30F3E322-6EBD-428B-9210-E939959140E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {380D999D-3812-4FA3-9385-1A07BA2F67DF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {44D0E1DF-C787-4245-8565-290F354138F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4649215A-8EF1-420D-BB43-E00FD6830F1D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {49E9D015-73BE-4C63-B4E1-07CF8097E2AF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-14] (Adobe Systems Incorporated)
Task: {5A2B4E3E-AD27-4571-97F7-2F49671696E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5A70C275-3055-48F0-BCE8-3A005A56D34B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {63328370-2545-4A30-9E67-2B508E5288D1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-14] (Adobe Systems Incorporated)
Task: {63B4BD16-284A-4DEE-A307-3C339686C2F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {65437E1C-CE60-49D2-8BED-890DED1AEC03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {6637008B-8F2D-47D3-BD26-80D8ACAAF2FD} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe
Task: {74317D40-57B0-4509-8E4C-1E3ED12EDAD2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {779AB6FF-CC2A-4063-BAA2-91B02B7317A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-20] (Microsoft Corporation)
Task: {7AD43DE8-9442-4FA7-B2ED-58CAAA03DBCC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {8102A2DB-C0ED-49E3-AADE-D86A4FE86100} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {8AFCAF5B-3B12-424D-8EC7-472FD3A1767C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-20] (Microsoft Corporation)
Task: {8F55C114-CD99-409D-A55D-9771494135DB} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe
Task: {9AA3736F-FD14-4A52-9C57-F8149210BAC9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {A04371DB-829A-44BA-B38D-4CD9AB7D5581} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.160\DADUpdater.exe
Task: {A2D158F6-7CBA-43E6-816D-F04650CA029E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe
Task: {AF8E0CE3-A8F6-46DE-91B9-53255B1E5C2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {B8B80938-5E43-4BB5-8845-8EE5BA72546B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {BE841F3A-EECD-498B-AD6C-559CFF0804C5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {CC454244-10A1-4E30-AB83-8D83B82BCFEC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {DB6652D3-9A62-497F-A299-2DF53BE83C73} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {E0E68366-6FF9-44A1-AD37-BAB1D7FAE7F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EE13C707-C097-4A49-982F-624B74F776D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {F8992525-97D2-4EA5-8C10-BD09CF63EE3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {FA626C60-ECF6-4104-A85F-032226CD7029} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-05-14] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-23 19:25 - 2018-05-23 19:25 - 000724480 _____ () C:\Program Files\Immunet\6.0.8\dbh.dll
2018-05-23 19:25 - 2018-05-23 19:25 - 000102800 _____ () C:\Program Files\Immunet\clamav\0.99.3-beta1.49\mspack.dll
2018-03-11 12:35 - 2018-02-05 15:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-11 12:35 - 2018-03-01 11:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-10-01 11:32 - 2013-10-01 11:32 - 002818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-06-21 06:04 - 2013-07-30 18:11 - 000110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 03:01 - 2016-09-13 03:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-09-30 21:39 - 2015-09-30 21:39 - 000415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-03-14 21:13 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 21:13 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-14 07:01 - 2018-05-14 07:01 - 027837952 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll
2018-04-10 07:17 - 2018-04-10 07:17 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll
2018-04-10 07:16 - 2018-04-10 07:16 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll
2018-04-10 07:17 - 2018-04-10 07:17 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll
2018-04-10 07:17 - 2018-04-10 07:17 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll
2018-04-10 07:18 - 2018-04-10 07:18 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-06-21 05:30 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 000036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 000028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-10 13:02 - 2013-10-10 13:02 - 000013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-02-04 19:28 - 2014-02-04 19:28 - 000420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2018-05-24 10:07 - 000000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

14-05-2018 08:18:38 Windows Update
22-05-2018 20:01:20 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Photosmart C4380
Description: HP Photosmart C4380
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/24/2018 10:29:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.16299.15, Zeitstempel: 0x290d9f78
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.16299.19, Zeitstempel: 0x63553d36
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000094ef5
ID des fehlerhaften Prozesses: 0x1d30
Startzeit der fehlerhaften Anwendung: 0x01d3f338f4716b24
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\backgroundTaskHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: d685a2af-7466-4581-a02c-c6770f820be3
Vollständiger Name des fehlerhaften Pakets: Microsoft.People_10.3.3472.1000_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 02:58:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HOME)
Description: Das Paket „Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe+App“ wurde beendet, da das Anhalten zu lange dauerte.


Systemfehler:
=============
Error: (05/24/2018 11:07:14 AM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 11:07:14 AM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 11:07:14 AM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 11:02:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070422 fehlgeschlagen: 9WZDNCRD1HKW-Microsoft.XboxIdentityProvider

Error: (05/24/2018 11:01:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 10:55:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 10:50:22 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{B91D5831-B1BD-4608-8198-D72E155020F7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/24/2018 10:49:44 AM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


Windows Defender:
===================================
Date: 2018-05-15 21:40:54.901
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {158585AE-1375-4239-A0C5-D8E823083A16}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2018-05-22 20:00:54.031
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.267.1677.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14800.3
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

CodeIntegrity:
===================================

Date: 2018-05-24 06:59:56.111
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:54:04.922
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:51:36.872
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:51:36.184
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:51:02.887
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:50:57.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:50:47.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:50:46.160
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8072.27 MB
Verfügbarer physikalischer RAM: 4071.84 MB
Summe virtueller Speicher: 9352.27 MB
Verfügbarer virtueller Speicher: 4845.14 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:912.78 GB) (Free:825.62 GB) NTFS

\\?\Volume{cd2b97e5-ad7e-455f-907c-cbe4cd0fec81}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.31 GB) NTFS
\\?\Volume{25f915f1-41e0-4f0d-9078-196486a0c318}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
\\?\Volume{bd632f21-2cd5-450a-9033-cb73a31edfd0}\ () (Fixed) (Total:0.92 GB) (Free:0.44 GB) NTFS
\\?\Volume{1122fbdf-90e9-440f-b451-2fbdb19e3085}\ (Push Button Reset) (Fixed) (Total:16.81 GB) (Free:1.38 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D2D76D1)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 24.05.2018 13:45
Zitat:
AV: Immunet (Enabled - Up to date) {05A27767-0425-EB45-C06B-DA28DB7FCD38}
Bitte deinstallieren, während der Analyse möchste ich hier so wenig Störquellen wie nur möglich haben.

Skummy 24.05.2018 14:25
Immunet Deinstalliert.

neue FRST.txt:


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
durchgeführt von Barbara (Administrator) auf HOME (24-05-2018 15:18:03)
Gestartet von C:\Users\Barbara\Desktop
Geladene Profile: Barbara (Verfügbare Profile: Barbara)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21705.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [415128 2015-09-30] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1226240 2018-04-10] (Cisco Systems, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\...\MountPoints2: {42f2c8f0-f8f0-11e3-8252-806e6f6e6963} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-27]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-12-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{98b2f5e8-60ac-4a5d-b91a-326b0cacb3f7}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{be31dfb1-1ca3-4aeb-bd69-02a8030e55cd}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-2302281030-2091732372-4235389516-1001 -> DefaultScope {E7370DAD-914A-489F-A169-017CF7BA907F} URL =
SearchScopes: HKU\S-1-5-21-2302281030-2091732372-4235389516-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1003&geo=DE&ver=22.11.0.41&locale=de_DE&guid=9D95E465-E790-44DA-9D72-C14904ADB92E&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2302281030-2091732372-4235389516-1001 -> {E7370DAD-914A-489F-A169-017CF7BA907F} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-20] (Microsoft Corporation)
BHO: Kein Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Keine Datei
BHO-x32: Kein Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Keine Datei
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=892368240
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-30] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF DefaultProfile: wlr7z05b.default
FF ProfilePath: C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\wlr7z05b.default [2018-05-24]
FF Extension: (AdBlock) - C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\wlr7z05b.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-05-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <kein Path/update_url>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566448 2018-05-12] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284360 2018-04-30] ()
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-27] (Microsoft Corporation)
S2 0197601526312585mcinstcleanup; C:\WINDOWS\TEMP\019760~1.EXE -cleanup -nolog [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [97184 2017-01-25] (Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76200 2018-01-18] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193248 2018-05-23] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [109800 2018-05-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45960 2018-05-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [101600 2018-05-24] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2017-12-24] (Acronis International GmbH)
R0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2017-12-24] (Acronis International GmbH)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74120 2018-04-10] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-27] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-27] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-24 15:17 - 2018-05-24 15:17 - 000000000 ___HD C:\OneDriveTemp
2018-05-24 15:16 - 2018-05-24 15:16 - 000045960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-24 11:30 - 2018-05-24 11:30 - 000057748 _____ C:\Users\Barbara\Desktop\Addition.txt
2018-05-24 11:29 - 2018-05-24 15:18 - 000016041 _____ C:\Users\Barbara\Desktop\FRST.txt
2018-05-24 11:17 - 2018-05-24 11:18 - 000057750 _____ C:\Users\Barbara\Downloads\Addition.txt
2018-05-24 11:14 - 2018-05-24 15:18 - 000000000 ____D C:\FRST
2018-05-24 11:14 - 2018-05-24 11:18 - 000071480 _____ C:\Users\Barbara\Downloads\FRST.txt
2018-05-24 10:41 - 2018-05-24 10:41 - 002413056 _____ (Farbar) C:\Users\Barbara\Desktop\FRST64.exe
2018-05-24 10:40 - 2018-05-24 10:40 - 007271632 _____ (Malwarebytes) C:\Users\Barbara\Downloads\adwcleaner_7.1.1.exe
2018-05-24 10:24 - 2018-05-24 10:24 - 000000000 ____D C:\ProgramData\McAfee
2018-05-24 07:12 - 2018-05-24 07:12 - 000000000 ____D C:\Users\Barbara\.cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\Users\Barbara\AppData\Local\Cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\ProgramData\Cisco
2018-05-24 07:09 - 2018-05-24 07:09 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-05-24 07:09 - 2018-04-10 06:20 - 000258464 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2018-05-24 07:07 - 2018-05-24 07:08 - 005620144 _____ (Cisco Systems, Inc.) C:\Users\Barbara\Downloads\anyconnect-win-4.5.05030-core-vpn-webdeploy-k9.exe
2018-05-23 20:43 - 2018-05-23 20:48 - 010597312 _____ (McAfee, Inc.) C:\Users\Barbara\Downloads\MCPR.exe
2018-05-23 20:10 - 2018-05-24 15:15 - 000109800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-23 20:10 - 2018-05-24 15:15 - 000101600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-23 20:10 - 2018-05-23 20:10 - 000193248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-23 19:25 - 2018-05-23 19:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ImmunetNetworkMonitor_01009.Wdf
2018-05-23 19:23 - 2018-05-24 15:13 - 000000000 ____D C:\ProgramData\Immunet
2018-05-23 19:23 - 2018-05-23 19:23 - 001123608 _____ (Cisco Systems, Inc.) C:\Users\Barbara\Downloads\ImmunetSetup.exe
2018-05-20 09:04 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-14 17:38 - 2018-05-01 23:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-14 17:38 - 2018-05-01 23:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-14 08:20 - 2018-05-03 09:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-14 08:20 - 2018-05-03 09:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-14 08:20 - 2018-05-03 09:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-14 08:20 - 2018-05-03 09:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-14 08:20 - 2018-05-03 09:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-14 08:20 - 2018-05-03 09:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-14 08:20 - 2018-05-03 09:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-14 08:20 - 2018-05-03 09:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-14 08:20 - 2018-05-03 09:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-14 08:20 - 2018-05-03 09:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-14 08:20 - 2018-05-03 09:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-14 08:20 - 2018-05-03 09:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-14 08:20 - 2018-05-03 09:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-14 08:20 - 2018-05-03 09:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-14 08:20 - 2018-05-03 09:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-14 08:20 - 2018-05-03 09:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-14 08:20 - 2018-05-03 09:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-14 08:20 - 2018-05-03 09:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-14 08:20 - 2018-05-03 08:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-14 08:20 - 2018-05-03 08:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-14 08:20 - 2018-05-03 08:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-14 08:20 - 2018-05-03 08:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-14 08:20 - 2018-05-03 08:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-14 08:20 - 2018-05-03 08:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-14 08:20 - 2018-05-03 08:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-14 08:20 - 2018-05-03 08:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-14 08:20 - 2018-05-03 08:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-14 08:20 - 2018-05-03 08:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-14 08:20 - 2018-05-03 08:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-14 08:20 - 2018-05-03 08:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-14 08:20 - 2018-05-03 08:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-14 08:20 - 2018-05-03 08:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-14 08:20 - 2018-05-03 08:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-14 08:20 - 2018-05-03 08:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-14 08:20 - 2018-05-03 08:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-14 08:20 - 2018-05-03 08:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-14 08:20 - 2018-05-03 08:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-14 08:20 - 2018-05-03 08:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-14 08:20 - 2018-05-03 08:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-14 08:20 - 2018-05-03 08:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-14 08:20 - 2018-05-03 08:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-14 08:20 - 2018-05-03 08:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-14 08:20 - 2018-05-03 08:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-14 08:20 - 2018-05-03 08:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-14 08:20 - 2018-05-03 08:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-14 08:20 - 2018-05-03 08:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-14 08:20 - 2018-05-03 08:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-14 08:20 - 2018-05-03 08:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-14 08:20 - 2018-05-03 08:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-14 08:20 - 2018-05-03 08:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-14 08:20 - 2018-05-03 08:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-14 08:20 - 2018-05-03 07:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-14 08:20 - 2018-05-03 07:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-14 08:20 - 2018-05-03 07:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-14 08:20 - 2018-05-03 07:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-14 08:20 - 2018-05-03 07:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-14 08:20 - 2018-05-03 07:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-14 08:20 - 2018-05-03 07:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-14 08:20 - 2018-05-03 07:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-14 08:20 - 2018-05-03 07:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-14 08:20 - 2018-05-03 07:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-14 08:20 - 2018-05-03 07:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-14 08:20 - 2018-05-03 07:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-14 08:20 - 2018-05-03 07:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-14 08:20 - 2018-05-03 07:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-14 08:20 - 2018-05-03 07:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-14 08:20 - 2018-05-03 07:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-14 08:20 - 2018-05-03 07:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-14 08:20 - 2018-05-03 07:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-14 08:20 - 2018-04-16 00:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-14 08:20 - 2018-04-16 00:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-14 08:20 - 2018-04-16 00:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-14 08:20 - 2018-04-15 23:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-14 08:20 - 2018-04-15 23:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-14 08:20 - 2018-04-15 23:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-14 08:20 - 2018-04-15 23:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-14 08:20 - 2018-04-15 23:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-14 08:20 - 2018-04-15 23:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-14 08:20 - 2018-04-15 23:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-14 08:20 - 2018-04-15 23:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-14 08:20 - 2018-04-15 23:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-14 08:20 - 2018-04-15 23:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-14 08:20 - 2018-04-15 23:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-14 08:20 - 2018-04-15 23:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-14 08:20 - 2018-04-15 23:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-14 08:20 - 2018-04-15 23:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-14 08:20 - 2018-04-15 23:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-14 08:20 - 2018-04-15 23:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-14 08:20 - 2018-04-15 22:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-14 08:20 - 2018-04-15 22:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-14 08:20 - 2018-04-15 22:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-14 08:20 - 2018-04-15 22:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-14 08:20 - 2018-04-15 22:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-14 08:20 - 2018-04-15 22:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-14 08:20 - 2018-04-15 22:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-14 08:20 - 2018-04-15 22:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-14 08:20 - 2018-04-15 22:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-14 08:20 - 2018-04-15 22:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-14 08:20 - 2018-04-15 22:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-14 08:20 - 2018-04-15 22:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-14 08:20 - 2018-04-15 22:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-14 08:20 - 2018-04-15 22:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-14 08:20 - 2018-04-15 22:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-14 08:20 - 2018-04-15 22:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-14 08:20 - 2018-04-15 22:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-14 08:20 - 2018-04-15 22:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-14 08:20 - 2018-04-15 22:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-14 08:20 - 2018-04-15 22:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-14 08:20 - 2018-04-15 22:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-14 08:20 - 2018-04-15 22:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-14 08:20 - 2018-04-15 22:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-14 08:20 - 2018-04-15 22:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-14 08:20 - 2018-04-15 22:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-14 08:20 - 2018-04-15 22:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-14 08:20 - 2018-04-15 22:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-14 08:20 - 2018-04-15 22:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-14 08:20 - 2018-04-15 22:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-14 08:20 - 2018-04-15 22:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-14 08:20 - 2018-04-15 22:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-14 08:20 - 2018-04-15 22:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-14 08:20 - 2018-04-15 22:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-14 08:20 - 2018-04-15 22:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-14 08:20 - 2018-04-15 22:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-14 08:20 - 2018-04-15 22:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-14 08:20 - 2018-04-15 22:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-14 08:19 - 2018-05-03 09:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-14 08:19 - 2018-05-03 09:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-14 08:19 - 2018-05-03 09:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-14 08:19 - 2018-05-03 09:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-14 08:19 - 2018-05-03 09:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-14 08:19 - 2018-05-03 09:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-14 08:19 - 2018-05-03 09:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-14 08:19 - 2018-05-03 09:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-14 08:19 - 2018-05-03 09:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-14 08:19 - 2018-05-03 09:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-14 08:19 - 2018-05-03 09:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-14 08:19 - 2018-05-03 09:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-14 08:19 - 2018-05-03 09:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-14 08:19 - 2018-05-03 09:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-14 08:19 - 2018-05-03 09:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-14 08:19 - 2018-05-03 09:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-14 08:19 - 2018-05-03 09:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-14 08:19 - 2018-05-03 09:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-14 08:19 - 2018-05-03 09:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-14 08:19 - 2018-05-03 09:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-14 08:19 - 2018-05-03 09:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-14 08:19 - 2018-05-03 08:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-14 08:19 - 2018-05-03 08:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-14 08:19 - 2018-05-03 08:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-14 08:19 - 2018-05-03 08:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-14 08:19 - 2018-05-03 08:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-14 08:19 - 2018-05-03 08:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-14 08:19 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-14 08:19 - 2018-05-03 08:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-14 08:19 - 2018-05-03 08:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-14 08:19 - 2018-05-03 08:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-14 08:19 - 2018-05-03 08:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-14 08:19 - 2018-05-03 08:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-14 08:19 - 2018-05-03 08:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-14 08:19 - 2018-05-03 08:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-14 08:19 - 2018-05-03 08:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-14 08:19 - 2018-05-03 08:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-14 08:19 - 2018-05-03 08:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-14 08:19 - 2018-05-03 08:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-14 08:19 - 2018-05-03 08:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-14 08:19 - 2018-05-03 08:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-14 08:19 - 2018-05-03 08:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-14 08:19 - 2018-05-03 08:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-14 08:19 - 2018-05-03 08:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-14 08:19 - 2018-05-03 08:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-14 08:19 - 2018-05-03 07:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-14 08:19 - 2018-05-03 07:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-14 08:19 - 2018-05-03 07:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-14 08:19 - 2018-05-03 07:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-14 08:19 - 2018-05-03 07:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-14 08:19 - 2018-05-03 07:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-14 08:19 - 2018-05-03 07:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-14 08:19 - 2018-05-03 07:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-14 08:19 - 2018-05-03 07:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-14 08:19 - 2018-05-03 07:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-14 08:19 - 2018-04-15 23:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-14 08:19 - 2018-04-15 23:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-14 08:19 - 2018-04-15 23:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-14 08:19 - 2018-04-15 23:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-14 08:19 - 2018-04-15 23:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-14 08:19 - 2018-04-15 23:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-14 08:19 - 2018-04-15 23:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-14 08:19 - 2018-04-15 23:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-14 08:19 - 2018-04-15 23:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-14 08:19 - 2018-04-15 23:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-14 08:19 - 2018-04-15 23:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-14 08:19 - 2018-04-15 23:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-14 08:19 - 2018-04-15 23:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-14 08:19 - 2018-04-15 23:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-14 08:19 - 2018-04-15 22:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-14 08:19 - 2018-04-15 22:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-14 08:19 - 2018-04-15 22:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-14 08:19 - 2018-04-15 22:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-14 08:19 - 2018-04-15 22:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-14 08:19 - 2018-04-15 22:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-14 08:19 - 2018-04-15 22:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-14 08:19 - 2018-04-15 22:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-14 08:19 - 2018-04-15 22:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-14 08:19 - 2018-04-15 22:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-14 08:19 - 2018-04-15 22:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-14 08:19 - 2018-04-15 22:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-14 08:19 - 2018-04-15 22:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-14 08:19 - 2018-04-15 22:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-14 08:19 - 2018-04-15 22:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-14 08:19 - 2018-04-15 22:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-14 08:19 - 2018-04-15 22:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-14 08:19 - 2018-04-15 22:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-14 08:19 - 2018-04-15 22:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-14 08:19 - 2018-04-15 22:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-14 08:19 - 2018-04-15 22:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-14 08:19 - 2018-04-15 22:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-14 08:19 - 2018-04-15 22:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-14 08:19 - 2018-04-15 22:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-14 08:19 - 2018-04-15 22:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-14 08:19 - 2018-04-15 22:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-14 08:19 - 2018-04-15 22:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-14 08:19 - 2018-04-15 22:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-14 08:19 - 2018-04-15 22:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-14 08:19 - 2018-04-15 21:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-14 08:19 - 2018-04-15 21:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-14 08:19 - 2018-04-15 21:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-14 08:19 - 2018-04-15 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-04-27 20:01 - 2018-04-27 20:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2021-10-21 15:36 - 2014-06-21 05:39 - 000000852 _____ C:\WINDOWS\system32\Drivers\RTKHDRC.dat
2021-10-04 09:34 - 2014-06-21 05:39 - 000000712 _____ C:\WINDOWS\system32\Drivers\RTMICEQ0.dat
2018-05-24 15:19 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-24 15:17 - 2016-03-01 06:02 - 000000000 __SHD C:\Users\Barbara\IntelGraphicsProfiles
2018-05-24 15:17 - 2016-03-01 04:43 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-05-24 15:17 - 2014-12-23 21:36 - 000000000 __RDL C:\Users\Barbara\SkyDrive
2018-05-24 15:15 - 2018-03-11 12:37 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-24 15:15 - 2017-12-24 09:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-24 15:15 - 2015-04-02 09:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-24 15:14 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-24 15:10 - 2018-04-12 19:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-05-24 15:09 - 2017-12-24 00:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-24 15:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-24 15:02 - 2017-12-23 22:08 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-24 15:01 - 2017-12-24 09:06 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A3E53079-A74C-4DD8-9142-0B039034BB94}
2018-05-24 11:17 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-24 11:04 - 2016-06-01 16:46 - 000000000 ____D C:\AdwCleaner
2018-05-24 11:02 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-24 10:48 - 2016-11-19 14:07 - 000000000 ____D C:\Users\Barbara\AppData\LocalLow\Mozilla
2018-05-24 10:06 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2018-05-24 08:37 - 2017-12-24 09:05 - 000009528 _____ C:\WINDOWS\diagwrn.xml
2018-05-24 08:37 - 2017-12-24 09:05 - 000009528 _____ C:\WINDOWS\diagerr.xml
2018-05-24 07:12 - 2017-12-24 00:35 - 000000000 ____D C:\Users\Barbara
2018-05-23 21:28 - 2013-10-31 08:40 - 000000000 ____D C:\Program Files\Common Files\mcafee
2018-05-23 21:19 - 2017-12-24 09:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-05-23 21:12 - 2017-09-29 15:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-23 20:06 - 2017-07-03 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-23 20:06 - 2014-12-23 21:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-23 19:31 - 2016-05-01 09:55 - 000000000 ____D C:\ProgramData\tmp
2018-05-23 18:45 - 2017-03-05 18:56 - 000000000 ____D C:\Users\Barbara\Documents\Bestellung Schultheiss
2018-05-23 18:44 - 2010-07-17 17:06 - 000000000 ___RD C:\Users\Barbara\Documents\Scanned Documents
2018-05-23 18:39 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-22 21:41 - 2014-12-23 21:30 - 000000000 ____D C:\Users\Barbara\AppData\Local\Packages
2018-05-22 20:34 - 2014-12-23 21:42 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-22 20:25 - 2010-05-26 21:47 - 000000000 ____D C:\Users\Barbara\Documents\Musikverein
2018-05-22 20:02 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-20 09:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-20 09:10 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-20 09:09 - 2014-12-23 22:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-20 08:49 - 2017-09-30 16:35 - 001022426 _____ C:\WINDOWS\system32\perfh007.dat
2018-05-20 08:49 - 2017-09-30 16:35 - 000223640 _____ C:\WINDOWS\system32\perfc007.dat
2018-05-20 08:49 - 2016-03-01 05:04 - 002253348 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-14 17:39 - 2017-12-24 09:51 - 000000000 ___RD C:\Users\Barbara\3D Objects
2018-05-14 17:39 - 2014-12-24 03:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-14 17:38 - 2017-12-24 00:27 - 000397792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-14 17:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-14 17:34 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-14 17:34 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-14 08:33 - 2014-12-28 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-14 08:30 - 2017-10-22 16:51 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-14 08:30 - 2014-12-28 12:34 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-14 08:24 - 2017-12-14 03:32 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-14 08:23 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-14 08:23 - 2017-09-29 15:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-14 08:23 - 2017-09-29 15:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-14 08:23 - 2017-09-29 15:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-14 07:01 - 2018-03-14 19:13 - 000004624 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-14 07:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-14 07:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-30 19:01 - 2016-02-06 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2018-04-30 18:41 - 2017-04-08 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2018-04-30 18:41 - 2014-12-27 16:42 - 000000000 ____D C:\ProgramData\elsterformular
2018-04-27 19:55 - 2017-12-24 09:06 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2302281030-2091732372-4235389516-1001
2018-04-27 19:55 - 2016-03-01 06:07 - 000002431 _____ C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-24 09:43

==================== Ende von FRST.txt ============================
--- --- ---

Skummy 24.05.2018 14:25
neue Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
durchgeführt von Barbara (24-05-2018 15:20:16)
Gestartet von C:\Users\Barbara\Desktop
Windows 10 Home Version 1709 16299.431 (X64) (2017-12-24 07:08:57)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2302281030-2091732372-4235389516-500 - Administrator - Disabled)
Barbara (S-1-5-21-2302281030-2091732372-4235389516-1001 - Administrator - Enabled) => C:\Users\Barbara
DefaultAccount (S-1-5-21-2302281030-2091732372-4235389516-503 - Limited - Disabled)
Gast (S-1-5-21-2302281030-2091732372-4235389516-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2302281030-2091732372-4235389516-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2302281030-2091732372-4235389516-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}) (Version: 17.0.6673 - Acronis) Hidden
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{67AA948F-8D83-4566-B84A-7CAABCF64E3F}) (Version: 16.0.2.8 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.2.1.2 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4380 (HKLM-x32\...\{06856518-366B-4393-8013-E0B0C56C2E8E}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
C4380_Help (HKLM-x32\...\{a1f89c34-f061-447d-ac10-b5f1896a5923}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.5.05030 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{34F34D13-763B-48C8-94E0-D6CD3FF84268}) (Version: 4.5.05030 - Cisco Systems, Inc.) Hidden
ClamAV (HKLM\...\{8AFA9F0E-C72B-43D0-BB9A-671584E73D81}) (Version: 0.100.0 - Cisco Systems, Inc)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 19.3 - Thüringer Landesfinanzdirektion)
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.9226.2156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 de) (HKLM\...\Mozilla Firefox 60.0.1 (x64 de)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OEM Application Profile (HKLM-x32\...\{E3AE2D4D-5274-CE6B-5434-64DA3131A301}) (Version: 1.00.0000 - Ihr Firmenname)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9226.2156 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
PS_AIO_02_ProductContext (HKLM-x32\...\{720C16FC-5423-47B3-A249-5C05FB376E9A}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (HKLM-x32\...\{97AD3490-480B-42B2-8001-326621AF34AC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{7AB63BFD-91C6-4C21-B2C6-D33A1FC8DE8F}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PX Profile Update (HKLM-x32\...\{035D9783-ED95-4C3C-D8E6-3E367D9EE05D}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-30] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {042EAE02-865B-494D-B070-2A8799DBFDCA} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {2255F498-B83A-42F4-89E2-AACF5DFAC969} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {24E3419A-65AE-477D-AAED-FC14FAE434B1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {27E9B94F-E8A7-4A86-BF0B-CFBFF4A0C7A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-20] (Microsoft Corporation)
Task: {29E3EB78-E417-4DE8-A576-C3ED4CC0D112} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {302BA8D5-E7D3-4E1D-B68B-2D540132B7D5} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {30F3E322-6EBD-428B-9210-E939959140E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {380D999D-3812-4FA3-9385-1A07BA2F67DF} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {44D0E1DF-C787-4245-8565-290F354138F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {4649215A-8EF1-420D-BB43-E00FD6830F1D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {49E9D015-73BE-4C63-B4E1-07CF8097E2AF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-14] (Adobe Systems Incorporated)
Task: {5A2B4E3E-AD27-4571-97F7-2F49671696E4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5A70C275-3055-48F0-BCE8-3A005A56D34B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {63328370-2545-4A30-9E67-2B508E5288D1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-14] (Adobe Systems Incorporated)
Task: {63B4BD16-284A-4DEE-A307-3C339686C2F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {65437E1C-CE60-49D2-8BED-890DED1AEC03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {6637008B-8F2D-47D3-BD26-80D8ACAAF2FD} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe
Task: {74317D40-57B0-4509-8E4C-1E3ED12EDAD2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {779AB6FF-CC2A-4063-BAA2-91B02B7317A1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-20] (Microsoft Corporation)
Task: {7AD43DE8-9442-4FA7-B2ED-58CAAA03DBCC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {8102A2DB-C0ED-49E3-AADE-D86A4FE86100} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {8AFCAF5B-3B12-424D-8EC7-472FD3A1767C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-20] (Microsoft Corporation)
Task: {8F55C114-CD99-409D-A55D-9771494135DB} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe
Task: {9AA3736F-FD14-4A52-9C57-F8149210BAC9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-12] (Microsoft Corporation)
Task: {A04371DB-829A-44BA-B38D-4CD9AB7D5581} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.160\DADUpdater.exe
Task: {A2D158F6-7CBA-43E6-816D-F04650CA029E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe
Task: {AF8E0CE3-A8F6-46DE-91B9-53255B1E5C2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {B8B80938-5E43-4BB5-8845-8EE5BA72546B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {BE841F3A-EECD-498B-AD6C-559CFF0804C5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {CC454244-10A1-4E30-AB83-8D83B82BCFEC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {DB6652D3-9A62-497F-A299-2DF53BE83C73} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {E0E68366-6FF9-44A1-AD37-BAB1D7FAE7F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EE13C707-C097-4A49-982F-624B74F776D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {F8992525-97D2-4EA5-8C10-BD09CF63EE3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-27] (Microsoft Corporation)
Task: {FA626C60-ECF6-4104-A85F-032226CD7029} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-05-14] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-11 12:35 - 2018-03-01 11:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-11 12:35 - 2018-02-05 15:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2014-06-21 06:04 - 2013-07-30 18:11 - 000110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-10-01 11:32 - 2013-10-01 11:32 - 002818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2015-09-30 21:39 - 2015-09-30 21:39 - 000415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-03-14 21:13 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 21:13 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-24 11:28 - 2017-12-24 11:29 - 002945024 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.3.3472.1000_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2017-12-24 11:28 - 2017-12-24 11:29 - 000130560 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.3.3472.1000_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2017-12-24 11:28 - 2017-12-24 11:29 - 007848448 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.3.3472.1000_x64__8wekyb3d8bbwe\Microsoft.People.NativeComponents.dll
2018-04-05 19:11 - 2018-04-05 19:12 - 004734464 _____ () C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
2017-12-14 03:32 - 2017-12-14 03:32 - 003657624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-12-14 03:32 - 2017-12-14 03:32 - 002470296 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2018-05-20 08:54 - 2018-05-20 08:57 - 000062464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-05-20 08:54 - 2018-05-20 08:57 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-02-21 23:12 - 2018-02-21 23:14 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
2018-02-21 23:12 - 2018-02-21 23:14 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-21 23:12 - 2018-02-21 23:14 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-24 10:30 - 2017-12-24 10:32 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-21 23:12 - 2018-02-21 23:14 - 009283072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\EntPlat.dll
2018-04-10 07:17 - 2018-04-10 07:17 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system-vc140-mt-1_59.dll
2018-04-10 07:16 - 2018-04-10 07:16 - 000062976 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time-vc140-mt-1_59.dll
2018-04-10 07:17 - 2018-04-10 07:17 - 000106496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread-vc140-mt-1_59.dll
2018-04-10 07:17 - 2018-04-10 07:17 - 000042496 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono-vc140-mt-1_59.dll
2018-04-10 07:18 - 2018-04-10 07:18 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-06-21 05:30 - 2013-09-04 01:53 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 000036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2014-02-04 19:25 - 2014-02-04 19:25 - 000028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-10 13:02 - 2013-10-10 13:02 - 000013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2014-02-04 19:28 - 2014-02-04 19:28 - 000420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2018-05-24 10:07 - 000000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-2302281030-2091732372-4235389516-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

14-05-2018 08:18:38 Windows Update
22-05-2018 20:01:20 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom NetLink (TM) Gigabit Ethernet #2
Description: Broadcom NetLink (TM)-Gigabit-Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom Corporation
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Photosmart C4380
Description: HP Photosmart C4380
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Hewlett-Packard
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/24/2018 03:19:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.16299.15, Zeitstempel: 0x290d9f78
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.16299.19, Zeitstempel: 0x63553d36
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000094ef5
ID des fehlerhaften Prozesses: 0x1e60
Startzeit der fehlerhaften Anwendung: 0x01d3f3618d659358
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\backgroundTaskHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: 4628cdf2-5c33-4d96-a4f3-81747a5cdc7f
Vollständiger Name des fehlerhaften Pakets: Microsoft.People_10.3.3472.1000_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (05/24/2018 10:29:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.16299.15, Zeitstempel: 0x290d9f78
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.16299.19, Zeitstempel: 0x63553d36
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000094ef5
ID des fehlerhaften Prozesses: 0x1d30
Startzeit der fehlerhaften Anwendung: 0x01d3f338f4716b24
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\backgroundTaskHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: d685a2af-7466-4581-a02c-c6770f820be3
Vollständiger Name des fehlerhaften Pakets: Microsoft.People_10.3.3472.1000_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2

Error: (05/24/2018 07:09:36 AM) (Source: acvpninstall) (EventID: 2) (User: )
Description: Event-ID 2


Systemfehler:
=============
Error: (05/24/2018 03:17:28 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 03:17:28 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 03:17:28 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 03:17:28 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 03:17:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (05/24/2018 03:17:03 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 03:17:03 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/24/2018 03:17:03 PM) (Source: DCOM) (EventID: 10016) (User: HOME)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Home\Barbara" (SID: S-1-5-21-2302281030-2091732372-4235389516-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


Windows Defender:
===================================
Date: 2018-05-15 21:40:54.901
Description:
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {158585AE-1375-4239-A0C5-D8E823083A16}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2018-05-24 15:19:16.463
Description:
Fehler des Windows Defender Antivirus-Echtzeitschutz-Features.
Feature: Verhaltensüberwachung
Fehlercode: 0x80508023
Fehlerbeschreibung: Auf dem Gerät wurde keine Schadsoftware oder andere potenziell unerwünschte Software gefunden.
Ursache: Die Antischadsoftware wurde aus unbekanntem Grund beendet. Möglicherweise kann das Problem durch einen Neustart des Diensts behoben werden.

Date: 2018-05-22 20:00:54.031
Description:
Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen.
Neue Signaturversion:
Vorherige Signaturversion: 1.267.1677.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion:
Vorherige Modulversion: 1.1.14800.3
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".

CodeIntegrity:
===================================

Date: 2018-05-24 06:59:56.111
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:54:04.922
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:51:36.872
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:51:36.184
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:51:02.887
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:50:57.007
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:50:47.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-05-24 06:50:46.160
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8072.27 MB
Verfügbarer physikalischer RAM: 5617.37 MB
Summe virtueller Speicher: 9352.27 MB
Verfügbarer virtueller Speicher: 6976.39 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:912.78 GB) (Free:825.63 GB) NTFS

\\?\Volume{cd2b97e5-ad7e-455f-907c-cbe4cd0fec81}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.31 GB) NTFS
\\?\Volume{25f915f1-41e0-4f0d-9078-196486a0c318}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
\\?\Volume{bd632f21-2cd5-450a-9033-cb73a31edfd0}\ () (Fixed) (Total:0.92 GB) (Free:0.44 GB) NTFS
\\?\Volume{1122fbdf-90e9-440f-b451-2fbdb19e3085}\ (Push Button Reset) (Fixed) (Total:16.81 GB) (Free:1.38 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D2D76D1)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 24.05.2018 19:24
Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Skummy 25.05.2018 09:40
Danke für deine Unterstützung soweit.

TDSSKiller hat nichts gefunden:
Zitat:
10:24:07.0797 0x2888 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
10:24:07.0797 0x2888 UEFI system
10:24:17.0664 0x2888 ============================================================
10:24:17.0665 0x2888 Current date / time: 2018/05/25 10:24:17.0664
10:24:17.0665 0x2888 SystemInfo:
10:24:17.0665 0x2888
10:24:17.0665 0x2888 OS Version: 10.0.16299 ServicePack: 0.0
10:24:17.0665 0x2888 Product type: Workstation
10:24:17.0665 0x2888 ComputerName: HOME
10:24:17.0665 0x2888 UserName: Barbara
10:24:17.0665 0x2888 Windows directory: C:\WINDOWS
10:24:17.0665 0x2888 System windows directory: C:\WINDOWS
10:24:17.0665 0x2888 Running under WOW64
10:24:17.0665 0x2888 Processor architecture: Intel x64
10:24:17.0665 0x2888 Number of processors: 4
10:24:17.0665 0x2888 Page size: 0x1000
10:24:17.0665 0x2888 Boot type: Normal boot
10:24:17.0665 0x2888 CodeIntegrityOptions = 0x00000001
10:24:17.0665 0x2888 ============================================================
10:24:19.0120 0x2888 KLMD registered as C:\WINDOWS\system32\drivers\65602563.sys
10:24:19.0120 0x2888 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 16299.431, osProperties = 0x19
10:24:19.0498 0x2888 System UUID: {6B120C44-26F4-FE21-30D7-4858BBD2A8EE}
10:24:20.0268 0x2888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:24:20.0315 0x2888 ============================================================
10:24:20.0315 0x2888 \Device\Harddisk0\DR0:
10:24:20.0346 0x2888 GPT partitions:
10:24:20.0376 0x2888 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CD2B97E5-AD7E-455F-907C-CBE4CD0FEC81}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
10:24:20.0376 0x2888 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {25F915F1-41E0-4F0D-9078-196486A0C318}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
10:24:20.0377 0x2888 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FF2BAA0E-D83B-40BD-BD2E-7267EE159ECE}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
10:24:20.0377 0x2888 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3B765700-8A08-4A9C-B6A6-FC33653E7D42}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x72190864
10:24:20.0377 0x2888 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BD632F21-2CD5-450A-9033-CB73A31EDFD0}, Name: , StartLBA 0x72393800, BlocksNum 0x1D6000
10:24:20.0377 0x2888 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1122FBDF-90E9-440F-B451-2FBDB19E3085}, Name: Basic data partition, StartLBA 0x72569800, BlocksNum 0x219D000
10:24:20.0377 0x2888 MBR partitions:
10:24:20.0377 0x2888 ============================================================
10:24:20.0439 0x2888 C: <-> \Device\Harddisk0\DR0\Partition4
10:24:20.0439 0x2888 ============================================================
10:24:20.0439 0x2888 Initialize success
10:24:20.0439 0x2888 ============================================================
10:24:55.0309 0x2788 ============================================================
10:24:55.0309 0x2788 Scan started
10:24:55.0309 0x2788 Mode: Manual; SigCheck; TDLFS;
10:24:55.0309 0x2788 ============================================================
10:24:55.0309 0x2788 KSN ping started
10:24:55.0664 0x2788 KSN ping finished: true
10:25:02.0822 0x2788 ================ Scan system memory ========================
10:25:02.0822 0x2788 System memory - ok
10:25:02.0824 0x2788 ================ Scan services =============================
10:25:03.0174 0x2788 0197601526312585mcinstcleanup - ok
10:25:04.0519 0x2788 [ 08312DEEF0D3F8647AA53AD90A69094E, E32620323E7EDD3CAB5B04B9E37DDE7CA87B45C2CB17520D69D03C17E1D5F65A ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
10:25:04.0623 0x2788 1394ohci - ok
10:25:04.0640 0x2788 [ 645009E711BBF117CCEE917A03FB0CDD, B531951443D961C08428CB0F77F57D9F33C37C0637F919A9DA9DB5DA18479F70 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
10:25:04.0656 0x2788 3ware - ok
10:25:04.0759 0x2788 [ 334BAC25FE297342B119730E699B826C, 7ADC9240BFC835C48609BFCED422C4653BC2CA23F4474CD57A25D15EE44736B0 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
10:25:04.0793 0x2788 ACPI - ok
10:25:04.0826 0x2788 [ 44EA35A4B397898A83BF1B9B4B8DAE35, 023E3BC5CE47518269A812F156EFF1BD4CB14F1F5DD3FCC317DE046A519E20CE ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
10:25:04.0903 0x2788 AcpiDev - ok
10:25:04.0931 0x2788 [ 91D113A1532B8AB1E25B7DE5AB3C2F83, 43134DB92D522FCF537FFA8E829021F43BDD90006D7F096BA483DA1DAD3D1CC3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
10:25:04.0948 0x2788 acpiex - ok
10:25:04.0984 0x2788 [ 620BB2682BA625DF037072D89F44F6EE, A1A72F663C75DC65B1BA278CD7F43FAE6D1BDAE2F3F1D8269F508DECB555FFF9 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
10:25:05.0084 0x2788 acpipagr - ok
10:25:05.0112 0x2788 [ B9805A3C479390CEAEA5AEF5E4A90A2E, D9256734BC46EA43133873BDDE56B9A3597F74CFE82500FFB374A8EE6293ADD3 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
10:25:05.0143 0x2788 AcpiPmi - ok
10:25:05.0162 0x2788 [ ABD4EB55C661143B015BD0B9B47B235C, 5F109BA04010E634D547E86AF67659EA06BD05FCF78A493DB190790C4D7E13EA ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
10:25:05.0203 0x2788 acpitime - ok
10:25:05.0570 0x2788 [ CD41DFA7A778555B2055E2D388F5CB33, AE149AB7823AE3A97E2826C06968F32A7E50331484203E4581C83E441A1680F9 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
10:25:05.0606 0x2788 AcrSch2Svc - ok
10:25:05.0712 0x2788 [ 56FCC24867F2C87BF96EE9D17A4CC20E, 6DDEF1234D207C6CDE0298DD1DAC988AC6CD7716E4FDA01813D175AE50F6A022 ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
10:25:05.0790 0x2788 acsock - ok
10:25:06.0837 0x2788 [ E53B27BE2E80B2B64311036CDBB632F6, C1BEF41A1198587FB65FF88383DB4E7629C33060DB18AEB1FC74ED616934AA41 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:25:06.0857 0x2788 AdobeFlashPlayerUpdateSvc - ok
10:25:07.0175 0x2788 [ 8C58BD711FAD5F11E8CFDBC5CED973A5, 340FCD2C492009D5D7732FBF94198C4767125A77E0C71BB20E5CB2BDA5AB57CF ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:25:07.0245 0x2788 ADP80XX - ok
10:25:07.0315 0x2788 [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys
10:25:07.0331 0x2788 afcdp - ok
10:25:07.0819 0x2788 [ 3B1C11CB7006495F799F8A2AB8B2D530, B7B0C4922A1843BBF8104CDC705C4FEA1F1A760C1CC2BD6BC5E4213A0E4ED9FD ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
10:25:07.0913 0x2788 afcdpsrv - ok
10:25:08.0019 0x2788 [ 9619C0D7DB55CC3A636A24A7D82B0C8E, 12FA6F3CCABDC707F1ED1D48F9C53B84773D8E68719256192C64DE40D5DB909E ] AFD C:\WINDOWS\system32\drivers\afd.sys
10:25:08.0071 0x2788 AFD - ok
10:25:08.0156 0x2788 [ DCE606F0E15E0FB75ECC02EBB3DEFA9C, CC851775136EC09CD41BF7EE1582BC6BE41086A807F5EBF3F97C60B57D5ADBC5 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:25:08.0319 0x2788 ahcache - ok
10:25:08.0367 0x2788 [ 84FFB4AC2BA923364DF13F73751E05D1, EBD054282D93F290408A2343C0CBF98CEF7619A8252DC04E15322E51505D45AF ] AJRouter C:\WINDOWS\System32\AJRouter.dll
10:25:08.0437 0x2788 AJRouter - ok
10:25:08.0470 0x2788 [ 084101AB03969D8ED00D5FFBE5F4C3DF, 6425FA16F0CBF5F3008780095364830EBF1F073BD5109764FE9E88245AFB9367 ] ALG C:\WINDOWS\System32\alg.exe
10:25:08.0667 0x2788 ALG - ok
10:25:08.0803 0x2788 [ 4F71E68642D55BF30EB8B1382BEC5F02, 6B925F1047E3AA68FA87F5551C35B860360D5636F77AE8B06155450EB113E063 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
10:25:08.0838 0x2788 AMD External Events Utility - ok
10:25:08.0914 0x2788 [ 654824DF0CE32C9D274C1943DEB19AEA, 298D21026D503CBCE7A5385E8466905C62EDC89EE7AAD824127A213A9662ED73 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
10:25:09.0046 0x2788 AmdK8 - ok
10:25:09.0545 0x2788 amdkmdag - ok
10:25:09.0658 0x2788 [ D888CD6CF06C0E577371ED737D67E6AE, 1161D4D493861F0CEE8EAAB2A4DB8B3E134C3479022AFCC8C2802CF0F3EE08D3 ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys
10:25:09.0682 0x2788 amdkmdap - ok
10:25:09.0734 0x2788 [ BE4C3F1464293547CDCC82472F558263, 56D7A939C0EFB05E58F22D37C4F1C2A69FD982373E2FDD1A543B56AAE834B505 ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
10:25:09.0747 0x2788 amdkmpfd - ok
10:25:09.0806 0x2788 [ 12C4246CE1B769B720BE0848F75AB4C1, EDB6C085FB1291FE5436360FFE227E9885C5698B2076C6C326316A4E672AE8AE ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
10:25:09.0856 0x2788 AmdPPM - ok
10:25:09.0885 0x2788 [ F1C16AABA27E9E153AEC7BD2AB853F30, 7CFDBD218E6C161747A21BBACC78BF1061F2427ED1247F1AE0879BE155C504E7 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
10:25:09.0900 0x2788 amdsata - ok
10:25:09.0955 0x2788 [ C834D0F1ECB8473E9E6D18EE1BCEECB2, C9B7B9279F96DE4DA1EE096B6463591B3A718F87CD75E544C5A07C3639D1F188 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
10:25:09.0975 0x2788 amdsbs - ok
10:25:10.0008 0x2788 [ 49203D2FFE30CBB36BE66A0E70F3D954, E5B5A3B3B4A8FF03B5C902642C776CECD554CA1DB25419111EDA83602986CCCE ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
10:25:10.0020 0x2788 amdxata - ok
10:25:10.0099 0x2788 [ 38DC4D8B1BD5DA43179EEA726BD05249, 4BCACD6A6EDCBC76F3132142E70E9BE828BAA2C2D91F634A322FADD330C7ACC0 ] AppID C:\WINDOWS\system32\drivers\appid.sys
10:25:10.0128 0x2788 AppID - ok
10:25:10.0224 0x2788 [ BBB70415033710D6D7D58DDF2B0A06FA, 4CBB449D6A7970CF6BBFFAA96C3101EECD063A37DEBCB8D3C694BA1F4CCB8901 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
10:25:10.0275 0x2788 AppIDSvc - ok
10:25:10.0313 0x2788 [ 9D01D0608E39FCDE57969B0AA0191A56, E9D7F44A87D87F56CD3AA9D22C5466C04F2B9515124872BFA7FDE3FD81659DD4 ] Appinfo C:\WINDOWS\System32\appinfo.dll
10:25:10.0378 0x2788 Appinfo - ok
10:25:10.0476 0x2788 [ 1E085E2302D568F0CE041732B3E887B0, 0D2A3675FDD04C800B302C84A43F233F0217EB4B1AD44B11AADDB0D5D8FA0DB2 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
10:25:10.0544 0x2788 applockerfltr - ok
10:25:10.0663 0x2788 [ 1D123729F547EEDFBE3F510346848C38, B170860348FBAC054203A7B858866A12944D7046C01BA3A14AC0860D8C288770 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
10:25:10.0820 0x2788 AppReadiness - ok
10:25:11.0258 0x2788 [ E4A09D9DF9E4376A3DCF39C15FC95DA9, C205B1397C2FBEEDCB979AED9169BA971D5BD07CE7C1CCBF87E83B489FCDC2A7 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
10:25:11.0490 0x2788 AppXSvc - ok
10:25:11.0574 0x2788 [ B42C83DE28776B80DBA1310C56DD4F74, 8E017B73D5AD644EC1D46BC1DC2CAF465A6793E2AD6DC35A2E3AB907E7719C40 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
10:25:11.0590 0x2788 arcsas - ok
10:25:11.0614 0x2788 [ C2151380227CD1F7DDA2401C1F151367, 0E76DCD69CAB960DC65942269081436A9DDA255E908E71A29E72DFCFC5CDCC7C ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
10:25:11.0754 0x2788 AsyncMac - ok
10:25:11.0835 0x2788 [ 6191B9B2EE0E8CB957C683B9B341CC86, E60ACC6E9C6E90F2E1DA0DE220C890B50887FD97E7884F8F4301FF2C9A2F408A ] atapi C:\WINDOWS\system32\drivers\atapi.sys
10:25:11.0848 0x2788 atapi - ok
10:25:12.0390 0x2788 [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr C:\WINDOWS\System32\drivers\athw8x.sys
10:25:12.0689 0x2788 athr - ok
10:25:12.0826 0x2788 [ 0A414BE36FFA16E9F20F94008E366AD6, FE254DDDEB22FFFBBFCC87FE035AE5C6F44F08C6FF0EDFBC0C584C0C47E6FF55 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
10:25:12.0936 0x2788 AudioEndpointBuilder - ok
10:25:13.0082 0x2788 [ 57D7504862058467BA8FB8D988E6D372, B0993D1040C91FFB9B5EDBFCBF9885887C90A01E9A7DD4218FA0D09A05C42097 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
10:25:13.0154 0x2788 Audiosrv - ok
10:25:13.0192 0x2788 [ 947FF5992E26AFD4CAA34506678B70BC, 0B125EDBD6E740375E45AAA465DC83740F5CD43A55CDA404F7A81F37EE3BC57C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
10:25:13.0252 0x2788 AxInstSV - ok
10:25:13.0381 0x2788 [ A921805C1ED3253DF48FCA4D724173EB, 7DB6A13228812550F066C76273ECA6B3FC12E7CC98C245D16B5A13FBCF6A509D ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
10:25:13.0408 0x2788 b06bdrv - ok
10:25:13.0455 0x2788 [ 3CC12A09AE7293F4CD1688117B46B9BB, 377B7FB7704BEA894801956756EF0EF2E8C938ABAA047F4729CDE91B44357CFB ] bam C:\WINDOWS\system32\drivers\bam.sys
10:25:13.0469 0x2788 bam - ok
10:25:13.0502 0x2788 [ 2A7267AA15E508F6D05A5B562F1FD1CE, 7070123619A3F08864844FF89C9DEA1D4ED48D05D2B93E305774BE715583DD51 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
10:25:13.0543 0x2788 BasicDisplay - ok
10:25:13.0599 0x2788 [ FAFAEDFC7CAFD8B8FADA6A81BAF92E3A, 11EA3C361DFE5CC177E7D8FD002DC6542E05D1C74977A4716BC1B3DA5CAE963F ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
10:25:13.0681 0x2788 BasicRender - ok
10:25:13.0699 0x2788 [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
10:25:13.0730 0x2788 bcmfn2 - ok
10:25:13.0789 0x2788 [ 72963E0676003016B431306A6F4951BF, 3442A7C1AC1EE8E68F15C78CEBAC237D7535F834AA13F8BB602645DD183A73D3 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
10:25:13.0837 0x2788 BDESVC - ok
10:25:13.0871 0x2788 [ 355D162E52819C19396FB01A8E005A1F, F7911703B51832806F9A88ECD7912A66A02A7798931F27757046D62895FCA0BD ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:25:13.0930 0x2788 Beep - ok
10:25:14.0053 0x2788 [ F6262869E673CC957C5D820C67F34D2F, F4E94E60DA70CC0C2474D2BD8BA6D8F77A38FFCCDD841B8C1D29A12FC057194C ] BFE C:\WINDOWS\System32\bfe.dll
10:25:14.0121 0x2788 BFE - ok
10:25:14.0223 0x2788 [ A0D1BF71E828CEFD7F9DC726AEAD80CE, 742F245105412476A8713ADFBBA5E6498B3B1A03DCF3EE58C15F5AC06C686B44 ] BITS C:\WINDOWS\System32\qmgr.dll
10:25:14.0314 0x2788 BITS - ok
10:25:14.0357 0x2788 [ 8843185CC8F60801C06812799584F6EB, 35D893B9C53215548C95143377F8DDC98A45F2269839BA498F2FA22B409F13C0 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
10:25:14.0452 0x2788 bowser - ok
10:25:14.0582 0x2788 [ FA2702519B710C40E6E55F85F7F87BBC, 95EE006E89FDC78F17BD68DE9977030A0FD47343FDF8308A68742F9E3D13CDF2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
10:25:14.0643 0x2788 BrokerInfrastructure - ok
10:25:14.0699 0x2788 [ 2BA1BED8E8168C301522AC7CFBFA2141, 07000BEF5ABCF7795B474B69B1113F7EE5C22CF0F8CAF4A3D5D872B0D452CDD0 ] Browser C:\WINDOWS\System32\browser.dll
10:25:14.0738 0x2788 Browser - ok
10:25:14.0771 0x2788 [ 53EA7FADB45D4A212CE6E22E053111AB, F8EF4C90261E67433BC3E3330CF1745D2E13C667E5F71C48C785E673E8031DED ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
10:25:14.0784 0x2788 bScsiSDa - ok
10:25:14.0815 0x2788 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys
10:25:14.0826 0x2788 BTATH_BUS - ok
10:25:14.0943 0x2788 [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
10:25:14.0973 0x2788 BtFilter - ok
10:25:15.0012 0x2788 [ A4863B7B1F0DB513D6E34547BACC211A, 41E74A60721CCBE0A4D487B3EE01BAC3108D9BA819BF58A64E963478C43828E9 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
10:25:15.0052 0x2788 BthAvrcpTg - ok
10:25:15.0102 0x2788 [ 9C9EE272C11252C651C5DE6A1AC1EDAA, DED378E894FA07B75F2E93490075879A50879CACACCF09F3F9EF37EDFA159233 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
10:25:15.0134 0x2788 BthHFEnum - ok
10:25:15.0166 0x2788 [ 69734E386826ED857C889330F35B4D9C, F0804D41D4BA6C9022B70D5092C4F14128D33F66C5D85DE10115A37C36927B70 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
10:25:15.0207 0x2788 bthhfhid - ok
10:25:15.0296 0x2788 [ BC58294295CBAD6637A526470305B5EA, FAA1A1C85D418B063D8A6E93558BA74D766081268354D63E28D372BD55D523DD ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
10:25:15.0355 0x2788 BthHFSrv - ok
10:25:15.0382 0x2788 [ A94AFAEA86F5F792BB4ECA095B231464, 588256D53CD50B8299FCABF624E8EF29761B16DE1999896DC647FBF8E2BAEA68 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
10:25:15.0417 0x2788 BTHMODEM - ok
10:25:15.0657 0x2788 [ CC98DC94BB904EEADD22242535DF83DB, 8F638CF720C9EEAE57DE10277C26D343D9EE08B61A3F4871822537ED089008EC ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
10:25:15.0780 0x2788 BTHPORT - ok
10:25:15.0844 0x2788 [ 572BCA61B7E026E057AF7DF456AC7E0B, CA35DCC02BFE2D34C40449E47F0C8BA4AD709F01A952B9354332560CE72A1E4F ] bthserv C:\WINDOWS\system32\bthserv.dll
10:25:15.0888 0x2788 bthserv - ok
10:25:16.0039 0x2788 [ 55C836530A9602255BFB4F5D9DA2B737, DB82CB1FB657955AE80A144CC30D5112CF90FBEFCE9E89CF7CEF2929EBE56B28 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
10:25:16.0115 0x2788 BTHUSB - ok
10:25:16.0152 0x2788 [ 39E7437FC59CDD7A303ABD514E462E8B, 9DCACFC12090BA03E3DD8E0EFE02382E3D42B528BDF6DD77318CAFACBA9EBA09 ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
10:25:16.0166 0x2788 bttflt - ok
10:25:16.0183 0x2788 [ 522888590B0C19BC8128119060AE7901, 9C979FD442E7B189FD156BD5E5E4A3D10FDABB3C38094B9C67A702103D39B00F ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
10:25:16.0216 0x2788 buttonconverter - ok
10:25:16.0274 0x2788 [ 2AB01CE5E233A6FBA3E91BD57772AA4B, DC241810B774BCE651B525885480F05D15AE0E623D53E4CB02562A8424C067E2 ] CAD C:\WINDOWS\System32\drivers\CAD.sys
10:25:16.0289 0x2788 CAD - ok
10:25:16.0335 0x2788 [ E2C8EE32C053892E685A989071AAE333, 842228C315BBD5FA802A81833BB0158774969FED4C5A706F9B904F7C70DB80A3 ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
10:25:16.0383 0x2788 camsvc - ok
10:25:16.0410 0x2788 [ F6F97879F53AD57194C6BC8272FD73EA, C11CB040CC64ABC0A6EAD6D6985659896FBB5911D2E10B6584E0F90FE6813C57 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
10:25:16.0457 0x2788 CapImg - ok
10:25:16.0494 0x2788 [ 9E82A95D77AC78C84BA75FF896B060BF, 87905E55724ADE5149D3BBC2DB76A7275580DE204BB561B8E1FCD631DEF3D9F9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:25:16.0684 0x2788 cdfs - ok
10:25:16.0826 0x2788 [ 147CEBE0C5F7A80135C54715521AD9E1, 99ACF25165C0C17822B0FC06F662848CA0DFAD51B3E3B440005C2E033BFE4840 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
10:25:16.0896 0x2788 CDPSvc - ok
10:25:17.0020 0x2788 [ 6F9F9FA8976D9A45D3C75E7A49AC9995, 7350C4A0A1FEF73203F4AFF2689D59A34728F4F71849110235B1CA5FE0F5AF3D ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
10:25:17.0074 0x2788 CDPUserSvc - ok
10:25:17.0250 0x2788 [ 6D83565C1652E80447EDEA6947FA89D7, A84A3EA45304A9E3F53DA9F4CB9F2D9FF8A2AD69A36AEA366D35A2F5C9FDF851 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
10:25:17.0306 0x2788 cdrom - ok
10:25:17.0424 0x2788 [ 6286CBE87B64AB7D1F59E3375A2FF3F4, 92C276A18F99D2A423BC3A99EBDA1239F3B335C1EB6EBAF2F2800A23188B26F2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
10:25:17.0473 0x2788 CertPropSvc - ok
10:25:17.0552 0x2788 [ D81954CE5E016FD716EDDB2B2FD9BA58, C47FF6D6527605238EF46E9BDF4544E2B2F4F9C5BCE13881F569F996541D7FF7 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
10:25:17.0575 0x2788 cht4iscsi - ok
10:25:17.0892 0x2788 [ F9A8570805807FFD66488F0A858E1308, 5D8363C5EEB7B92CFA219C466D04D8C625CACAFBDEA5857C5C9FA0C391AC2FEB ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
10:25:17.0954 0x2788 cht4vbd - ok
10:25:17.0975 0x2788 [ 9798D58461706930190F1F2F6BF21D80, BD7552297A636E19F5D544BDBF3490DA544E76002F62B227FA5BDA7A11760040 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
10:25:18.0004 0x2788 circlass - ok
10:25:18.0099 0x2788 [ 6AF3865AEF65623814209794409AA15F, F95A18B08329A5A794AE7B59AE9193B479E9AF6904E2656701AFFE32C6658840 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
10:25:18.0176 0x2788 CldFlt - ok
10:25:18.0250 0x2788 [ DCCB20720E8652F02C8B9C3D9A8A8193, 74243C3C948447F7E29FF2E0B3B49D183DED6D7FA4EE8D8FAACC72432CD647F2 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
10:25:18.0272 0x2788 CLFS - ok
10:25:19.0850 0x2788 [ 50CAD51422A81EB1701D9CAAAC7CDFCD, 8A5551AA3D9C80888C2A463DC6FD15D0C7C5CE7FB2D7D71FBE503FE919CBA9FB ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
10:25:20.0049 0x2788 ClickToRunSvc - ok
10:25:20.0240 0x2788 [ 0EFD85AB09099246CDF8DB63978CC00A, 1E402747B03E0B17D7AE76D52B9E1BE8DA7D29A92B8301DC9FC7A02C0E78757C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
10:25:20.0278 0x2788 ClipSVC - ok
10:25:20.0336 0x2788 [ 2BA3BA38B5A6A667B0EAEC477276707B, 80AD05C5C7E0398EB7320A82878700C6588B7411F3DEA02E5784CA599CB548C2 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
10:25:20.0352 0x2788 CmBatt - ok
10:25:20.0455 0x2788 [ 5FD7E04967054728203265A310ED8D4A, 676C1A8D9DF8BBDC8BBEA3DD921736AF80FA7D5EFF5C0E6F2DE1C0010162800B ] CNG C:\WINDOWS\system32\Drivers\cng.sys
10:25:20.0486 0x2788 CNG - ok
10:25:20.0515 0x2788 [ C65AF00EF12A1755E7CA370B0C71935D, C03315A5B999EB9AA5B5F1F000BD8A1C68DFC151B23AA2F29F69F7129407AA11 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
10:25:20.0529 0x2788 cnghwassist - ok
10:25:20.0571 0x2788 [ A50300498D56B2448F3593D25478D508, 841D66D4AB9749EE64802611157A9AAED1117B6B2C411B3DA272CE439E69AE45 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys
10:25:20.0616 0x2788 CompositeBus - ok
10:25:20.0621 0x2788 COMSysApp - ok
10:25:20.0642 0x2788 [ 65602B0DB49199647FECB2D1212147BE, DC25D2DED7C31B4691B61FC69BB12E50CA5EDA9705339CCC82BE145EFD6D47C5 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
10:25:20.0657 0x2788 condrv - ok
10:25:20.0737 0x2788 [ AB638EA8ECDBDC692C64F4FF4F940D1D, FE873A86E951C8886CF546E193814807DD356C20308655D4128B3DFCE16BF0BC ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
10:25:20.0777 0x2788 CoreMessagingRegistrar - ok
10:25:21.0498 0x2788 [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
10:25:21.0671 0x2788 cphs - ok
10:25:21.0721 0x2788 [ D64EF74FC6DA47EC2E460076F299E77D, 1F77E9F777FA6996222DE45B3AB2C01CD94C80A4A7F5CA092DDF1F18D74F93AA ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
10:25:21.0757 0x2788 CryptSvc - ok
10:25:21.0780 0x2788 [ 72BE43ABD786E86AAE7EA2193201E100, A013CF10AA4158082B5D0D7F885969C5C92710A6084E57E9DDBDA84420D97367 ] dam C:\WINDOWS\system32\drivers\dam.sys
10:25:21.0795 0x2788 dam - ok
10:25:21.0958 0x2788 [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:25:22.0019 0x2788 DcomLaunch - ok
10:25:22.0140 0x2788 [ F7FB921F438C3566CEC55657EA4E7D9C, 17FA956E3B89F9B6C154975E7E1AAFB204F5EDEACC14A8424827DE13440A9299 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
10:25:22.0489 0x2788 defragsvc - ok
10:25:22.0605 0x2788 [ B5F9123D6537856EA698386ABA27A232, C60DD499254B4A3741ECE71AF1685763BD6A6F828F879D54E175A6198C89ABF0 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
10:25:22.0645 0x2788 DeviceAssociationService - ok
10:25:22.0679 0x2788 [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
10:25:22.0760 0x2788 DeviceInstall - ok
10:25:22.0897 0x2788 [ A19F51A044B62C994144ED87A7A5A887, 91ECE0E067E138817CD46A876B2D28CB47A2CCBE9C924EA91A1966FDF69AF7DF ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
10:25:22.0997 0x2788 DevicesFlowUserSvc - ok
10:25:23.0113 0x2788 [ 0D2A4CA81D1F7B5E5FBFE1E4F60246B8, EF425C2FB1191720F9B53EB26EC904F53851D296B222E20B0733615575D4B7E5 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
10:25:23.0154 0x2788 DevQueryBroker - ok
10:25:23.0219 0x2788 [ FAEC08F583CAD06D4F057DBB733A03A1, 3FB5FDB9B7B4B55916F102E6AA2FE387F2D552229FB1E6852E5DAC9A49B214A3 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
10:25:23.0281 0x2788 Dfsc - ok
10:25:23.0337 0x2788 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:25:23.0374 0x2788 dg_ssudbus - ok
10:25:23.0452 0x2788 [ FDB38FF469568190277A694D1BF599F5, 5512DB70C942FBFD78DBAE3DF379A2DDB9249B45BF5CE2CB305605C14CD1F25F ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
10:25:23.0500 0x2788 Dhcp - ok
10:25:23.0597 0x2788 [ 291147C456844E438FE2DB43D86B0D7E, 8E2AFDEA856811EB3800DC2C977A1059B73176ED644966BEC25A42095A8F745A ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
10:25:23.0638 0x2788 diagnosticshub.standardcollector.service - ok
10:25:23.0713 0x2788 [ E2BF09B816393AF73EDCB8ECF9BBDB2D, DBDFFC2450E4EC684DD59383799ACF1D207B0882C301B8D562FB76307AFCC553 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
10:25:23.0859 0x2788 diagsvc - ok
10:25:24.0362 0x2788 [ 053832140D35F4AD8981CF36C892123C, 75CC7CCF271A015FB1F774A8ECA769E765C145070D0192AAAA455134A8EF6F0A ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
10:25:24.0521 0x2788 DiagTrack - ok
10:25:24.0578 0x2788 [ 8C7FF86607E367E6319F7F637115D665, D49EAA69A880A566558ED58F60B378AB9E2F950DC951741908DD0914121D6099 ] Disk C:\WINDOWS\system32\drivers\disk.sys
10:25:24.0593 0x2788 Disk - ok
10:25:24.0759 0x2788 [ 5BC34122A1974DD18880C3EBE955BC20, B3950F17E76312E7BEDE7678507B432B99E568BA3651C0E59960D4F1B2627B77 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
10:25:24.0854 0x2788 DmEnrollmentSvc - ok
10:25:24.0960 0x2788 [ 64009621AAF4BC6626BC1A623A26FAD1, C94E63FB12AC58022C0C7F7721C7A38E9411DE94BFB12416091DC1A1F8C90414 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
10:25:25.0022 0x2788 dmvsc - ok
10:25:25.0072 0x2788 [ 10E72E3315305461D3F0C7560AE98CA5, 702B5C056DB6B4E337231BBEA48E106FA95F26B48CDE91857305E4C6E4EE6A12 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
10:25:25.0116 0x2788 dmwappushservice - ok
10:25:25.0199 0x2788 [ B307EE2CEF643264DF3DAAF5DD2D08E2, 4A362C947852C076B53AD4655DD4EDE7D6106AABAFAD6ED1D874DA4F33EC0F8B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:25:25.0228 0x2788 Dnscache - ok
10:25:25.0300 0x2788 [ E1C233826ECA1E52672052C49BD42485, 20B573BD6C5C760C21863F7E8B5AA544661C38E240C41ABA1C69B61C68A8FDD0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
10:25:25.0405 0x2788 dot3svc - ok
10:25:25.0464 0x2788 [ 6D8971C942FEE43A0AB6B3192534AFB4, 44D437DD32E1FDD7922B352CA6C19C83C1ADD825FB704B8E07BEF01E866E2B99 ] DPS C:\WINDOWS\system32\dps.dll
10:25:25.0503 0x2788 DPS - ok
10:25:25.0538 0x2788 [ F4800922F4ABA619585CE320A72E6389, CA83BCAA8B37F303E89598F8C93B201A3F000A09F4A9963E370D7E59BD79D448 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
10:25:25.0552 0x2788 drmkaud - ok
10:25:25.0617 0x2788 [ BB73FD1329739982C2915AB827A01362, 70E69942AE14D5012D9A8B1C799B5B4B4FCC2E456D8940CB4C104D6AB7C4997B ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
10:25:25.0644 0x2788 DsmSvc - ok
10:25:25.0722 0x2788 [ 280297274D162AD79ED767D8CB22DE9C, E344797EDD9EC2ED3D1D07FF1B94DFB8BA318DDE8CD6CECA937A27B4B2E22A0E ] DsSvc C:\WINDOWS\System32\DsSvc.dll
10:25:25.0750 0x2788 DsSvc - ok
10:25:25.0827 0x2788 [ A05724426389EBC1351E3D6F95CF3EAC, E638F97043274515F9A8A46B55C9478E886683580F33A0E90A3BDFBA6A4F6C26 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
10:25:25.0875 0x2788 DusmSvc - ok
10:25:26.0397 0x2788 [ B6B0F214C2D04B73449433E99D080422, D328B679CB21AABE733F87CD51EF3EA3C76178D3E1E2996BEF73AF4FE39DF80C ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:25:26.0512 0x2788 DXGKrnl - ok
10:25:26.0563 0x2788 [ FA94398748930D840FE35A44F1D225A7, E2D48460413904AAFB50E18A24471157D2A235F5CCDF89EE49BB139D1CA3B9F6 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
10:25:26.0600 0x2788 Eaphost - ok
10:25:27.0167 0x2788 [ C99D40C97841E0A7F0F90B8629593A97, 2DE7FB6E3CD7B06079C2B05D8C10AD0EDF187684ED1DE5BEE98FAB9A4B331824 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
10:25:27.0328 0x2788 ebdrv - ok
10:25:27.0452 0x2788 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] EFS C:\WINDOWS\System32\lsass.exe
10:25:27.0467 0x2788 EFS - ok
10:25:27.0518 0x2788 [ 260BBD6B1ED06298E509B452354EDB91, CF794D5AC62C6DBF356BC717910FD2B106A8BD90C3C03BA43859FD876F8820BC ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
10:25:27.0533 0x2788 EhStorClass - ok
10:25:27.0570 0x2788 [ F3BEBDC1B9DBA32F183079EAE6244837, 5DE0DA8D2A13BFA852355619C6DE5AC2FDFAB314A619A4F209842581E4D82DE1 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
10:25:27.0585 0x2788 EhStorTcgDrv - ok
10:25:27.0997 0x2788 [ 623FB075689986670D16795787632B1F, 93DF0E91B29458B4CA23420715A3BF5784CFDEF9F79F20B30C500861227FF828 ] ElfoService C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe
10:25:28.0143 0x2788 ElfoService - ok
10:25:28.0194 0x2788 [ A75880A9192B9DA69F46867B06276746, 53856262A5BD4BE93CB45D1F43B87F45CB01C02B7D94231CF05346B9BDF1F18D ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
10:25:28.0231 0x2788 embeddedmode - ok
10:25:28.0290 0x2788 [ 3BC17ABD52295C64A8BEE3CF4B244B12, 9153DF82C10B314983DB78AB88B468C39E213AE3C504AD865C54213F76F120D6 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
10:25:28.0316 0x2788 EntAppSvc - ok
10:25:28.0615 0x2788 [ B5B5FC68BFB3F01267E54B236660E610, 103F90343B207AFB9151CDA71E70884FEB56E8596754D2AB8B3F46C045642F10 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
10:25:28.0639 0x2788 ePowerSvc - ok
10:25:28.0673 0x2788 [ 1B63CA857FD03FD0A5A1379F2996784F, 9EE5205DCFADAFC62D36528087FA4E023F7E48FF0D2A8333D8A6111AE09D21B8 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
10:25:28.0716 0x2788 ErrDev - ok
10:25:28.0777 0x2788 [ 717C872515922B245A40E0A2F2ED33CE, B0C96E28862FB98D8D75EA3F134F5377799E7DDA6F907D0CEB730C6932180CFD ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
10:25:28.0816 0x2788 ESProtectionDriver - ok
10:25:28.0952 0x2788 [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
10:25:28.0975 0x2788 ETD - ok
10:25:29.0064 0x2788 [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService C:\Program Files\Elantech\ETDService.exe
10:25:29.0076 0x2788 ETDService - ok
10:25:29.0182 0x2788 [ 6A5FA501A2D96001391FF3CBA32935AB, 018DB01ADE957A1A1FF5B168A2EC0EFEF8BFBE036079791FDF0C6AA6C12295BA ] EventSystem C:\WINDOWS\system32\es.dll
10:25:29.0232 0x2788 EventSystem - ok
10:25:29.0366 0x2788 [ F1ACA42D448E3986565EA54275EEEA65, C85101D6E7A2204FD73AAACD972F610B6A4BCF7EB7512412FD34660DCB5E8C5C ] exfat C:\WINDOWS\system32\drivers\exfat.sys
10:25:29.0407 0x2788 exfat - ok
10:25:29.0478 0x2788 [ 0AF4B36754A6EAE794EE4398E219A9E1, A818763D7AE6E7F4BC57294BB4D80FE9E04387BB3EBE8A6088D2AF746FF548A6 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
10:25:29.0501 0x2788 fastfat - ok
10:25:29.0605 0x2788 [ B1A38C0D977D8738779CA3EFEBDFCA8C, EDD852EF89AFBDDBBBE002E6675EAFCC46742B6136EB22428C84D737C6229FEA ] Fax C:\WINDOWS\system32\fxssvc.exe
10:25:29.0667 0x2788 Fax - ok
10:25:29.0690 0x2788 [ 7CD8426A33F06EB72BFEC51F7C264AF8, 4FDD5F6A8BDF25D965CE52132DD0EA77D335C1C5F77A7758F3F6E22DFC12BDF5 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
10:25:29.0775 0x2788 fdc - ok
10:25:29.0820 0x2788 [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
10:25:29.0845 0x2788 fdPHost - ok
10:25:29.0888 0x2788 [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
10:25:29.0930 0x2788 FDResPub - ok
10:25:29.0957 0x2788 [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
10:25:29.0993 0x2788 fhsvc - ok
10:25:30.0022 0x2788 [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
10:25:30.0089 0x2788 FileCrypt - ok
10:25:30.0143 0x2788 [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
10:25:30.0157 0x2788 FileInfo - ok
10:25:30.0191 0x2788 [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
10:25:30.0240 0x2788 Filetrace - ok
10:25:30.0255 0x2788 [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
10:25:30.0289 0x2788 flpydisk - ok
10:25:30.0367 0x2788 [ ECD2030E78AF8D696A2E59796CA0B798, 370D7829E9077109525E375A3860D96372936C60A1FD7D02D1C7AD381F6E0275 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:25:30.0390 0x2788 FltMgr - ok
10:25:30.0428 0x2788 [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys
10:25:30.0466 0x2788 fltsrv - ok
10:25:30.0829 0x2788 [ D9E18DDDC08B77E634F2AFEF0CC551FF, 701BFDFAD6E86C48E02612E54F3F8819632FC13526893AD2BBAA51348F5E24FF ] FontCache C:\WINDOWS\system32\FntCache.dll
10:25:30.0947 0x2788 FontCache - ok
10:25:31.0085 0x2788 [ A7C6894FFF261C0FEFDCB41BE83CF430, C3DB55140E4848873BC0004030933402CD396112C14F432258D875DB1608700E ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:25:31.0098 0x2788 FontCache3.0.0.0 - ok
10:25:31.0239 0x2788 [ 95F8BF9B335A0BE8920BE160F95B2503, 596B02CFF111C2610E73FA2EBDBB7E6C5C190A9DD9E2FE4CAC6ED475691B7A43 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
10:25:31.0305 0x2788 FrameServer - ok
10:25:31.0353 0x2788 [ 0425D9D2A679060CC9755449779FBA54, F0BFEE92081BDF82AAD58AD1B21659F465DCE6F9F9F16ABBE9A84C17978AA3A0 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
10:25:31.0367 0x2788 FsDepends - ok
10:25:31.0410 0x2788 [ B962036CAADC05E466FEB165E0974587, EAA88EBBAAFF31A5E35B3B23B12E94EE3C659399CDDAADBF4B6146AE091CA5AA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:25:31.0423 0x2788 Fs_Rec - ok
10:25:31.0591 0x2788 [ 2C8891C306C8F43A273BDB7C490E1C92, DD8D905956652D276796F5638980E3219EF2D8C2B65A8DE537D549BF5C306BE4 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:25:31.0623 0x2788 fvevol - ok
10:25:31.0664 0x2788 [ DFAB4D8FE39C64EAD3A4DCBA25AAFEE0, BABCAE227CD2E87E37C708539C2232251B37F35EFFE2B927914D72517F161E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
10:25:31.0713 0x2788 gencounter - ok
10:25:31.0764 0x2788 [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
10:25:31.0807 0x2788 genericusbfn - ok
10:25:31.0860 0x2788 [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
10:25:31.0878 0x2788 GPIOClx0101 - ok
10:25:32.0149 0x2788 [ 846347C05DBC7C49143D9723EC3714E9, DCC888F1262CA50DA3109D132A9C04F83A961720647E9882D3EFCBF8E3D703B5 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
10:25:32.0231 0x2788 gpsvc - ok
10:25:32.0279 0x2788 [ 582578F031109BE65C15E1D8A45BA547, 4BB1E20A2BDF8F504FF787EF338B6180DD537F53A0DC843B96AEFD8BBE970653 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
10:25:32.0332 0x2788 GpuEnergyDrv - ok
10:25:32.0372 0x2788 [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
10:25:32.0408 0x2788 GraphicsPerfSvc - ok
10:25:32.0458 0x2788 [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
10:25:32.0483 0x2788 HDAudBus - ok
10:25:32.0504 0x2788 [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
10:25:32.0518 0x2788 HidBatt - ok
10:25:32.0562 0x2788 [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
10:25:32.0595 0x2788 HidBth - ok
10:25:32.0617 0x2788 [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
10:25:32.0650 0x2788 hidi2c - ok
10:25:32.0681 0x2788 [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
10:25:32.0695 0x2788 hidinterrupt - ok
10:25:32.0724 0x2788 [ 366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
10:25:32.0756 0x2788 HidIr - ok
10:25:32.0801 0x2788 [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv C:\WINDOWS\system32\hidserv.dll
10:25:32.0822 0x2788 hidserv - ok
10:25:32.0941 0x2788 [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
10:25:33.0027 0x2788 HidUsb - ok
10:25:33.0090 0x2788 [ 459EC4290CF0D8269DB28FBFD6284C58, F1C34F11E18F6D48C8378F77DE167AD208E9E7C3022DCA714FF0403AEFF80857 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:25:33.0130 0x2788 HomeGroupListener - ok
10:25:33.0268 0x2788 [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:25:33.0320 0x2788 HomeGroupProvider - ok
10:25:33.0542 0x2788 [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:25:33.0556 0x2788 hpqcxs08 - ok
10:25:33.0590 0x2788 [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:25:33.0601 0x2788 hpqddsvc - ok
10:25:33.0642 0x2788 [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
10:25:33.0657 0x2788 HpSAMD - ok
10:25:33.0817 0x2788 [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:25:33.0874 0x2788 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
10:25:33.0973 0x2788 Detect skipped due to KSN trusted
10:25:33.0973 0x2788 HPSLPSVC - ok
10:25:34.0171 0x2788 [ CA46DB64D8FE96C8F935E6F798741398, 83622DF6F51FE3D1B0F90964110A9F8BD6DBC64552E65995364A6DB76E993E8A ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
10:25:34.0214 0x2788 HTTP - ok
10:25:34.0253 0x2788 [ 8B8395999252DE3BA4EBC1A5F28827F3, 95B9B330C43438C6203FD08A441C3CC269CFBA812FC804805786F0243BA1949C ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
10:25:34.0268 0x2788 HvHost - ok
10:25:34.0321 0x2788 [ 9F2CFC90306532866C62BDCDFD2532AA, F27B1087B1E3E06FB49092BBF2DD8CF5B6ADD4CE061FE10C3ED44C58B92BE007 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
10:25:34.0334 0x2788 hvservice - ok
10:25:34.0380 0x2788 [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
10:25:34.0427 0x2788 HwNClx0101 - ok
10:25:34.0478 0x2788 [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
10:25:34.0490 0x2788 hwpolicy - ok
10:25:34.0533 0x2788 [ E3BDE6C567ED5CD7B15B2E522C120D02, 954EC837636D0F08A3596E4270F37E03C99F8D1A7E80D0D323E0CB793324D776 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
10:25:34.0580 0x2788 hyperkbd - ok
10:25:34.0633 0x2788 [ 1D7BBC4C6F33A4A6189AEA1509615DF9, 66D6E64353CE80949082E594061BCA077849840B175F18F0743285B389F57250 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
10:25:34.0658 0x2788 HyperVideo - ok
10:25:34.0689 0x2788 [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
10:25:34.0712 0x2788 i8042prt - ok
10:25:34.0797 0x2788 [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
10:25:34.0834 0x2788 iagpio - ok
10:25:34.0865 0x2788 [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
10:25:34.0888 0x2788 iai2c - ok
10:25:34.0928 0x2788 [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
10:25:34.0975 0x2788 iaLPSS2i_GPIO2 - ok
10:25:35.0021 0x2788 [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
10:25:35.0051 0x2788 iaLPSS2i_GPIO2_BXT_P - ok
10:25:35.0093 0x2788 [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
10:25:35.0121 0x2788 iaLPSS2i_I2C - ok
10:25:35.0162 0x2788 [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
10:25:35.0183 0x2788 iaLPSS2i_I2C_BXT_P - ok
10:25:35.0216 0x2788 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
10:25:35.0227 0x2788 iaLPSSi_GPIO - ok
10:25:35.0252 0x2788 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
10:25:35.0324 0x2788 iaLPSSi_I2C - ok
10:25:35.0431 0x2788 [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
10:25:35.0464 0x2788 iaStorAV - ok
10:25:35.0525 0x2788 [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
10:25:35.0548 0x2788 iaStorV - ok
10:25:35.0638 0x2788 [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
10:25:35.0665 0x2788 ibbus - ok
10:25:35.0747 0x2788 [ 0CF99D60588AF7F198C135BABCA287F2, C72235865426659957909E8465B7D208EB5CAA21B529F07BB055D33028326D9C ] icssvc C:\WINDOWS\System32\tetheringservice.dll
10:25:35.0796 0x2788 icssvc - ok
10:25:36.0992 0x2788 [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
10:25:37.0206 0x2788 igfx - ok
10:25:37.0310 0x2788 [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
10:25:37.0329 0x2788 igfxCUIService2.0.0.0 - ok
10:25:37.0545 0x2788 [ 4D8123F7262C87B3CAE5A62AF74F7939, 8F003562F50218307ECC48A7BF43BE1DA88352D2749902A029081804B71C85DB ] IKEEXT C:\WINDOWS\System32\ikeext.dll
10:25:37.0618 0x2788 IKEEXT - ok
10:25:37.0651 0x2788 [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
10:25:37.0685 0x2788 IndirectKmd - ok
10:25:37.0938 0x2788 [ 02D6C68057FDED7E08FD3CAEE564B6C8, 8DF7C7D6C5970DE16ABE32FAFEDEB467A243283C227FAFF25D7258875A2F459C ] InstallService C:\WINDOWS\system32\InstallService.dll
10:25:38.0025 0x2788 InstallService - ok
10:25:38.0066 0x2788 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
10:25:38.0117 0x2788 intaud_WaveExtensible - ok
10:25:38.0806 0x2788 [ 8EB4D1D7806D05E5AB39D96464D801CA, 73853F56CD05243B1CABED2CA2420DFC8BA53F951030EECCD0D2A0E26D8A0D1B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
10:25:38.0927 0x2788 IntcAzAudAddService - ok
10:25:39.0041 0x2788 [ B375D8686E1BD2B79C0F00E3868A8C3B, A15D99F04B69FB37ED3AC0C3BBA464BF6D6EB1873D4AE1062983120E3BD1C4DB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
10:25:39.0108 0x2788 IntcDAud - ok
10:25:39.0326 0x2788 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:25:39.0739 0x2788 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
10:25:39.0841 0x2788 Detect skipped due to KSN trusted
10:25:39.0841 0x2788 Intel(R) Capability Licensing Service Interface - ok
10:25:40.0006 0x2788 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
10:25:40.0036 0x2788 Intel(R) Capability Licensing Service TCP IP Interface - ok
10:25:40.0099 0x2788 [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
10:25:40.0112 0x2788 intelide - ok
10:25:40.0138 0x2788 [ 327D9CCF5492543AEF3979F9EEAD02BE, 1C6CD9ECB785D022A38DF683FACCA737469BF72E42365CD6DB8C2675F2ED1F1C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
10:25:40.0158 0x2788 intelpep - ok
10:25:40.0227 0x2788 [ 7344528DFD4484CF86F36E24E7CB59B1, 821947C152E7A2B4782199E033EAEE8D3F43A5EC4CC369334A6C0793C62DA069 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
10:25:40.0277 0x2788 intelppm - ok
10:25:40.0321 0x2788 [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm C:\WINDOWS\System32\drivers\invdimm.sys
10:25:40.0351 0x2788 invdimm - ok
10:25:40.0396 0x2788 [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
10:25:40.0411 0x2788 iorate - ok
10:25:40.0431 0x2788 [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:25:40.0474 0x2788 IpFilterDriver - ok
10:25:40.0666 0x2788 [ 1C5867DC4091C2E23329AB984BF95604, 56FA9888A7A969539833644AD50730BBA5E770AC6097AFB490E34196596C55E0 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
10:25:40.0734 0x2788 iphlpsvc - ok
10:25:40.0746 0x2788 [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:25:40.0762 0x2788 IPMIDRV - ok
10:25:40.0828 0x2788 [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
10:25:40.0854 0x2788 IPNAT - ok
10:25:40.0876 0x2788 [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
10:25:40.0910 0x2788 IPT - ok
10:25:40.0953 0x2788 [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
10:25:41.0097 0x2788 IpxlatCfgSvc - ok
10:25:41.0117 0x2788 [ BF933330256DEDAFA939BEBC46D060C7, F9B47A83945DF2A043384626A2EB47AE9F915048636334D9768A0B4901C84E08 ] irda C:\WINDOWS\system32\drivers\irda.sys
10:25:41.0186 0x2788 irda - ok
10:25:41.0231 0x2788 [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
10:25:41.0261 0x2788 IRENUM - ok
10:25:41.0344 0x2788 [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon C:\WINDOWS\System32\irmon.dll
10:25:41.0378 0x2788 irmon - ok
10:25:41.0417 0x2788 [ A3B7A93F32E110949CA01DDE7C6B991B, 5F38B882DBAB4BDFCAB289721D6D5A0D85675BA580AC96FB74ED826A4800C998 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
10:25:41.0432 0x2788 isapnp - ok
10:25:41.0528 0x2788 [ 13BAA9B1970343AE7B7028B611E52133, 3B8A5993CCF3CBF38AAE6F8813283DFA3DF2DC4B2DDA7C3421263D0D891946DC ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
10:25:41.0548 0x2788 iScsiPrt - ok
10:25:41.0692 0x2788 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:25:41.0705 0x2788 jhi_service - ok
10:25:41.0840 0x2788 [ 8438B8A45E16258064C19FBEC4EE069F, 9128F825403B26A39BC769A53555DF1FD2B82882AF1384135D0329FCF2BBAC6D ] k57nd60a C:\WINDOWS\System32\drivers\k57nd60a.sys
10:25:41.0870 0x2788 k57nd60a - ok
10:25:41.0904 0x2788 [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
10:25:41.0923 0x2788 kbdclass - ok
10:25:41.0961 0x2788 [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
10:25:41.0981 0x2788 kbdhid - ok
10:25:42.0016 0x2788 [ 916E62AF3386F7A74603E5C545F6FF2D, C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
10:25:42.0049 0x2788 kdnic - ok
10:25:42.0076 0x2788 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] KeyIso C:\WINDOWS\system32\lsass.exe
10:25:42.0093 0x2788 KeyIso - ok
10:25:42.0159 0x2788 [ BE46CEF0F176D215B3FDF1C664B3D6A7, 4989CE6CC5803A1E26AC197CDA234B91BC3A33E5C456E2FCE6E7744000BF0987 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
10:25:42.0186 0x2788 KSecDD - ok
10:25:42.0230 0x2788 [ 5F0A90AC0AA8C772B20AD71B87422838, 176F7C6E322098DF5033CFF0BAA267BA9D7AF7E635F3D28BC0E5F11DFECD8015 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:25:42.0247 0x2788 KSecPkg - ok
10:25:42.0286 0x2788 [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
10:25:42.0332 0x2788 ksthunk - ok
10:25:42.0399 0x2788 [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
10:25:42.0460 0x2788 KtmRm - ok
10:25:42.0560 0x2788 [ 2EC02DFC530560D0C01C7428E4CC9D27, 74EABA6EEEE771F19D75D9B64972B94C5308EEA5D51C0C2DB360570F1CB36F69 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
10:25:42.0615 0x2788 LanmanServer - ok
10:25:42.0720 0x2788 [ F8097F90811E9BB10F5B96262399F3C7, 1BDFB850ACE73E8882BBC3B18A5A7BCEE68696917D8462A159CE2763133DC516 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:25:42.0769 0x2788 LanmanWorkstation - ok
10:25:42.0822 0x2788 [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc C:\WINDOWS\System32\lfsvc.dll
10:25:42.0872 0x2788 lfsvc - ok
10:25:42.0901 0x2788 [ 6A361ED0DE59D58CC633F7BB40AB950D, AF5315AFAAE41AAB55BB7243FD9EA2949C7F114C0ED24073751733B5A11142BA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
10:25:42.0937 0x2788 LicenseManager - ok
10:25:42.0982 0x2788 [ 56B6326B15A14043C82ED9EA3B817E2C, F3F99397B12529FAF4B77E11A3279B882F9BF986D0DDB3F1847B8EE96C6E40FF ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
10:25:43.0050 0x2788 lltdio - ok
10:25:43.0150 0x2788 [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
10:25:43.0200 0x2788 lltdsvc - ok
10:25:43.0229 0x2788 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\WINDOWS\System32\drivers\LMDriver.sys
10:25:43.0240 0x2788 LMDriver - ok
10:25:43.0357 0x2788 [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
10:25:43.0399 0x2788 lmhosts - ok
10:25:43.0528 0x2788 [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:25:43.0548 0x2788 LMS - ok
10:25:43.0705 0x2788 [ FFDF8F07A900659CF927A273942926F8, BE27505B77404F18A0C1E57645211CC2D6CC83DEA60352A68B837E0E2D1847B5 ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
10:25:43.0723 0x2788 LMSvc - ok
10:25:43.0773 0x2788 [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
10:25:43.0789 0x2788 LSI_SAS - ok
10:25:43.0807 0x2788 [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
10:25:43.0823 0x2788 LSI_SAS2i - ok
10:25:43.0851 0x2788 [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
10:25:43.0866 0x2788 LSI_SAS3i - ok
10:25:43.0884 0x2788 [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
10:25:43.0899 0x2788 LSI_SSS - ok
10:25:44.0063 0x2788 [ A4ADC59A58724CDA67A7AB93457EEE43, C5CEFD57A31A7C377ACF3F5A071646DA358079F9BEB602B96C14392FC2D57539 ] LSM C:\WINDOWS\System32\lsm.dll
10:25:44.0107 0x2788 LSM - ok
10:25:44.0152 0x2788 [ 9A497169E145FCE2D8AA7DBC67377F64, 3FA4CE7455ACBB32DECA8BC7EAD0EC1A0E123CBCBF8781FBB16453455AB9F0FE ] luafv C:\WINDOWS\system32\drivers\luafv.sys
10:25:44.0297 0x2788 luafv - ok
10:25:44.0381 0x2788 [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker C:\WINDOWS\System32\moshost.dll
10:25:44.0415 0x2788 MapsBroker - ok
10:25:44.0535 0x2788 [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
10:25:44.0562 0x2788 mausbhost - ok
10:25:44.0583 0x2788 [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
10:25:44.0597 0x2788 mausbip - ok
10:25:44.0664 0x2788 [ 0FB88EE543AEA761734B244609417E61, 0AB11FB4E61303DA7048AE6022982F1509824FB53C99761CF9A2D2E7A75F9949 ] MBAMChameleon C:\WINDOWS\system32\Drivers\MbamChameleon.sys
10:25:44.0712 0x2788 MBAMChameleon - ok
10:25:44.0760 0x2788 [ 9B77E5124A6D7F89EB9A1B7616EA1553, F31E3353B096CA01E3B9159A6F1B7AFA14C77B7FDE7F95CA3C20843E26B385A4 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
10:25:44.0802 0x2788 MBAMFarflt - ok
10:25:45.0035 0x2788 [ 7A7F39E150E13BD8D26554E0DD652AE9, 50C42F37EF4D800C47D9FD4389C99AC400868E1BA6B89D7D5DFA3FEAA31FB2DB ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
10:25:45.0070 0x2788 MBAMProtection - ok
10:25:46.0266 0x2788 [ A44B6F7B5F5BF9A73BF84D78876671EE, B380E63EA6F9A48758A378CA18A4D5424062D2048BFC9E342555606C4A9D7F4D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
10:25:46.0419 0x2788 MBAMService - ok
10:25:46.0518 0x2788 [ 4FA981BBE3DF0D3D91213793303F9C37, 90F762D938F56F155EA3BEF6BC74C034725BFAA38DD7954F00B0C56E386089E9 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
10:25:46.0560 0x2788 MBAMSwissArmy - ok
10:25:46.0695 0x2788 [ DC884BB3A92A737E247C1D56C86711EB, F0355708CD33CE479C550B1ED05BE75710F56FC9199E79B55EC3FE33631F3E3A ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
10:25:46.0707 0x2788 MBAMWebProtection - ok
10:25:46.0756 0x2788 [ C7B8B5053D646CBD30BE1BA6B487D396, E3864D4CE619D67E284C64A4EAA8843FB49BC2B8CC8659F4C4B89DB6701468CB ] megasas C:\WINDOWS\system32\drivers\megasas.sys
10:25:46.0770 0x2788 megasas - ok
10:25:46.0795 0x2788 [ EB8ED3204499DDB2D3BA094A4563EE3E, A5D0095D575B241CA66CAD86280170803E7042F51D3654FCB03D7EA2347E261B ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
10:25:46.0809 0x2788 megasas2i - ok
10:25:46.0963 0x2788 [ F1C1D4E752DE1D58295040E5BE8813AF, 4DE17C5FCE63AFD545B16FA16A38F7395F29155FE165E7B21BC028CCD2A4B18E ] megasr C:\WINDOWS\system32\drivers\megasr.sys
10:25:46.0991 0x2788 megasr - ok
10:25:47.0027 0x2788 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
10:25:47.0039 0x2788 MEIx64 - ok
10:25:47.0094 0x2788 [ 4965456A1B4B3039E4B9AB233F5E9B1E, 3C303FE2BF9B38D73D005EA673C9500731125D793F4C77130F9BA8D745579591 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
10:25:47.0113 0x2788 MessagingService - ok
10:25:47.0390 0x2788 [ 16B078D1089FEA98710C9D07C152DCEE, A42C28E12F1BB21E907C1308447AD63DDF8FA5B2734A199A6EBE3824F3D1235C ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
10:25:47.0426 0x2788 mlx4_bus - ok
10:25:47.0451 0x2788 [ 20C57CE47B1A877C48A4B68E9A4E21FA, 35F98286F0665C5E06914F04F174476FBB41823564EDC55E351FCE211E2C765F ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
10:25:47.0482 0x2788 MMCSS - ok
10:25:47.0526 0x2788 [ A4467A5C080318F0CCCF5ED463821F8B, C8ECD63245B19807BAA92C3F3F87643A2F6B178395ABB15BD54D9DE68CC1A09B ] Modem C:\WINDOWS\system32\drivers\modem.sys
10:25:47.0551 0x2788 Modem - ok
10:25:47.0613 0x2788 [ 78BE85C1F1C7F3AF6C87BCE127007D5A, 5D5229FBCDC855BFF9BA3247BF4EF8E22764CFC1EC974FD5AB2D9E6293EF15A1 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
10:25:47.0644 0x2788 monitor - ok
10:25:47.0687 0x2788 [ 95314C3A08589471983C2C8173F23CDA, 05D30728D7204ABA2437259ECF929A94E6573F7621BAF35D76EBA26F5489A6CF ] MonitorFunction C:\WINDOWS\System32\drivers\TVMonitor.sys
10:25:47.0696 0x2788 MonitorFunction - ok
10:25:47.0720 0x2788 [ 8E262B34A8BD184B4B3025AA8C396B00, B48AB637A92894318DC0A33CE55519D8FBD7B31177FA3C4CA33D8609D4FC0058 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
10:25:47.0734 0x2788 mouclass - ok
10:25:47.0789 0x2788 [ C094A555F148495EA130D3BBC5232D5E, 32E823C20FED94DB23F72F67DF1A2C043CA6179A543F3BD24FCB5500BA00A37C ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
10:25:47.0810 0x2788 mouhid - ok
10:25:47.0858 0x2788 [ 8209AC7D3F8AF41E3A14D022CD1F2040, D5B325AB8E7B354BCA3550ACD03FF5AC27B5C04A1D10C9FA4686EEA34D7293FE ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
10:25:47.0873 0x2788 mountmgr - ok
10:25:47.0993 0x2788 [ 1D8121F646343BD58B25ACBD0E5E9A8A, 5189E054F64159931B11699AAB3B0F9C21170253BED8B9271B74FDB452FBD263 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:25:48.0008 0x2788 MozillaMaintenance - ok
10:25:48.0029 0x2788 [ F36E4074C66DD31855A8D79EF0AE8066, 01C01B3EAEFADBCDACA5BE7CB2AA199667786C1AD637CF6792BF715242BEFEAD ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
10:25:48.0062 0x2788 mpsdrv - ok
10:25:48.0253 0x2788 [ 4ABF7D7C44354807174EC36965B49C76, 3F57C8794F2CBFFE098B614418BBA8FC051E8DD798313228B4E03E101FCD9791 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
10:25:48.0334 0x2788 MpsSvc - ok
10:25:48.0475 0x2788 [ 215D672CB71987CD98EB2298EFB84DDC, 7E23C36DBB7C80556560E1DECE5E8F5D3D422F3D1FFE9CEA511A0BCD9D69D304 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
10:25:48.0531 0x2788 MRxDAV - ok
10:25:48.0667 0x2788 [ 71729B1EE949E1B092CB5CB75CC63715, BEA57BD3C2BEF261021DE706E67FF2836F52A7B21B2B3B2F0F5D76D20685614F ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:25:48.0707 0x2788 mrxsmb - ok
10:25:48.0780 0x2788 [ 6537678DEEA2A5B079052D75E21E46DA, A509481D509597A8A58C536C689A23086ECB2C15B4BE1AA80DBBF82B73673A2A ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
10:25:48.0880 0x2788 mrxsmb10 - ok
10:25:48.0957 0x2788 [ EC70CED325D4DF908F265A9526016254, 257F73C62460B7CED87E8090977B77986FF55FC6E6EFBACCD7D0A33E366767D6 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
10:25:48.0990 0x2788 mrxsmb20 - ok
10:25:49.0030 0x2788 [ 167408B38458ECAE545C57527BC99024, CB699B6C6F5B6DCDE85F8F0E40DD31B8066600A0833E5CD99ADE31DEC516B34F ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
10:25:49.0075 0x2788 MsBridge - ok
10:25:49.0144 0x2788 [ D5778559A0F34EE0BF0457293C6B5F4F, 73C0829F641F62CBFC0523ED54D94121E3A694ECCF148DBF4A5743631BADB714 ] MSDTC C:\WINDOWS\System32\msdtc.exe
10:25:49.0185 0x2788 MSDTC - ok
10:25:49.0248 0x2788 [ DC23D3D24C64BF3A314E34887AD86732, 5CF60E096CF13976759CBBBAEA1DBBE189A77843C6B32828C77F7BFB6506CCAD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:25:49.0372 0x2788 Msfs - ok
10:25:49.0406 0x2788 [ 6DDDFCAB646BBBCFC583135C4430E10F, 5EFD3F4F84EBEEC58914D5CC89622D69F2DBDFB7EB9AD8D9A0868127187FD673 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
10:25:49.0427 0x2788 msgpiowin32 - ok
10:25:49.0478 0x2788 [ 01C6A86BEA8279E557A5056148F068BF, 42983A61654F51515AC6DD64A68D319883FD02B3EC575F7EA7A907576866F0AF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:25:49.0543 0x2788 mshidkmdf - ok
10:25:49.0574 0x2788 [ F65ABC7DE945047147F17330F79732CB, 050C64D7284D767C951E94EFBA579D0E066C36CA1899A2C64CEA41A34B8E9EF2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
10:25:49.0625 0x2788 mshidumdf - ok
10:25:49.0721 0x2788 [ 05B23012427801E710BDD12720B9020B, 48FB22CFDF61AAE4221B3B23E539C08083289FB0CB5ABF249700DDF968C7250A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
10:25:49.0737 0x2788 msisadrv - ok
10:25:49.0787 0x2788 [ 21B88DF67507BD4DFF8A5487074BB31F, 5F2E1FB6227873DCA97D1BE6271E900AFA6BCE54D765C9BDBA07B74FC87B147B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
10:25:49.0818 0x2788 MSiSCSI - ok
10:25:49.0822 0x2788 msiserver - ok
10:25:49.0860 0x2788 [ 021C34C1968B78ACFBF30553EE78A1D3, 035C8D6F06A3697F0A902FB14F10091D026DB0A7492FAECD12D5A7F683C48A20 ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
10:25:49.0919 0x2788 MSKSSRV - ok
10:25:49.0967 0x2788 [ C3F5EA6B9041A30B4F11BE2E7863E487, 07324A9D81D30A173D3F369AA1A304AD7713C7CCF9909C6427718F0F90CE49C9 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
10:25:50.0003 0x2788 MsLldp - ok
10:25:50.0043 0x2788 [ 601D666820F0408B896791D19BE6D258, DD6BA3962A6D387D9F06B6D7006DBB2BF46D84A8FA91C628DA9D96117F14F4F0 ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
10:25:50.0060 0x2788 MSPCLOCK - ok
10:25:50.0084 0x2788 [ 46E61FBA0097E48E5628C74A3F72233A, 21BD64041781085A7873ADA34C3648FBBBED386A071C69F21D98F2A0C3120DC6 ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
10:25:50.0130 0x2788 MSPQM - ok
10:25:50.0242 0x2788 [ 3B6127DB162A2B1B0DA2F35BA77F12F1, 76465FB9A18538FBF8A62D317ACEE93AA5DF2B4D84E74A2AB3FFEE5C94F7992B ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
10:25:50.0264 0x2788 MsRPC - ok
10:25:50.0312 0x2788 [ CBD56E0B55FB3672BA80382EC2F8835C, 1956E9B20A363B715C2111138D2085AA28FEDA7A82228CB4D8CE7ACC578E4DDB ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
10:25:50.0325 0x2788 mssmbios - ok
10:25:50.0351 0x2788 [ 5734B2A36D3BB13A638E5305EEEC582D, 613D559ED892EC4ABDF80F2435892895677F97902E699BE30283C150ABA49877 ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
10:25:50.0404 0x2788 MSTEE - ok
10:25:50.0437 0x2788 [ 85270E0DC6907C6B99F72A36F17AED34, 58C0BBF9CC9E42266C8AF9AB9FEC77442F96C7C6D0DFCFAAB763DAD30B1B7939 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
10:25:50.0453 0x2788 MTConfig - ok
10:25:50.0510 0x2788 [ DD673D9422457EFCCDEE45C73C0DF241, 7FDE57422416F4339344F765A1A4A9D1D59D66D74121F6082ECA562F91E71445 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
10:25:50.0525 0x2788 Mup - ok
10:25:50.0576 0x2788 [ 3C57FF3BCF496D24C39C2198158864BB, 8671DF39AE5DD83033EC70BF8A502ED027B33B90FFC28AC2C79EC8F2F9128C14 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
10:25:50.0592 0x2788 mvumis - ok
10:25:50.0738 0x2788 [ FD916B66910494DFF70C944FC38A2623, 134E9309DA253E5512F8EFE525ECB701E82CB64003DD8DC20E8395A29BDC9324 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:25:50.0797 0x2788 NativeWifiP - ok
10:25:50.0990 0x2788 [ 870B3D0E1A8F6F01356BD75F2E47E0C1, 88EC0AA1144F1523B7DDD6BCAF8771CB246153B14E950AA6F4859FB8287D6634 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
10:25:51.0061 0x2788 NaturalAuthentication - ok
10:25:51.0124 0x2788 [ FBA9F5B9F59A665F248F70B905EDCE14, D2C1795192809F6413E080A9ADC949A4D99D0FC6BE668870127161474FF40596 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
10:25:51.0364 0x2788 NcaSvc - ok
10:25:51.0514 0x2788 [ 2A265F3FE5F77F22CEA9D2785E0399C1, 24FF1D06A2A05DC7A2D7552E0B45CF6F689A4FC9A135474B587FA7649BCFED3D ] NcbService C:\WINDOWS\System32\ncbservice.dll
10:25:51.0575 0x2788 NcbService - ok
10:25:51.0603 0x2788 [ 3C7E074AE41D8DFB41A9E65904D8BF43, 34890591FDCEC035D3BB021DB035A4728C415A70F55D88F21E39073040C912AB ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
10:25:51.0638 0x2788 NcdAutoSetup - ok
10:25:51.0684 0x2788 [ 77B047B109CE758A017F58FAE5038D0D, 8E9E4ED5128C506B696FD5F0E8AD0D11FF53B5DD2F88860FF8F60307A7E08DEA ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
10:25:51.0700 0x2788 ndfltr - ok
10:25:51.0829 0x2788 [ 25D126EFFEC0B117DA4C81F7AE6C99FC, 86B7472B4C4B7564FD921FD48125D3692249B269BEE0DEF55097123309EF2306 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
10:25:51.0877 0x2788 NDIS - ok
10:25:51.0918 0x2788 [ 067AE5BA349CC35AF8975D22DC483DDF, FEC185ECDA27041506DF74528AA65B32FEBB06E32A55C8F7BA161A755C6659CF ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
10:25:51.0950 0x2788 NdisCap - ok
10:25:52.0088 0x2788 [ 6FC4D7EB5D38CFB7966405036116F065, B3E9083ABE7AD797FA54FB1308AA57D49C9B7BA662B09607666B23777F6167C8 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
10:25:52.0407 0x2788 NdisImPlatform - ok
10:25:52.0507 0x2788 [ ED7CC4E16B76B2603C9F827188EA63B4, A6E739D219F50866051A08867844BDA878D6FEA33E91DEAC1948A55CDC5BEB9F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:25:52.0603 0x2788 NdisTapi - ok
10:25:52.0651 0x2788 [ E9676E94DEA144259344A15D68785B17, 8FFF34D44E4E7E2EBE9C9337BA8E713ACD6344551C709A5537900290C51B66B3 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
10:25:52.0718 0x2788 Ndisuio - ok
10:25:52.0748 0x2788 [ DC1D26D62F40B7552BCF49D92774F0C5, 3DD7CE2AD578101EFF8C1448800A1317F01893AF6E559C4DCCD9F6ACE4B027E4 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
10:25:52.0777 0x2788 NdisVirtualBus - ok
10:25:52.0842 0x2788 [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
10:25:52.0882 0x2788 NdisWan - ok
10:25:52.0922 0x2788 [ 66F56AC744101DB870934D0EB31C2426, 932013EE8542E6770657A904B09E2BD2052E8C04216289EB5F011770A46CA6F9 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:25:52.0948 0x2788 ndiswanlegacy - ok
10:25:53.0014 0x2788 [ 8ABF5B8D5839F8DAE2E0D3165AE732F6, CD382FFF8A71FD85B92EEE76647481AC45BD2A5815C012520A89A18EEE6E01AC ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
10:25:53.0100 0x2788 ndproxy - ok
10:25:53.0165 0x2788 [ A791792DC412CCD83DA0AF6871682552, FE1A30A6D1501463CF8AAC3AD8CE114ACFEDD38CF9BD6B2247B84E41D74A9E6B ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
10:25:53.0223 0x2788 Ndu - ok
10:25:53.0255 0x2788 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
10:25:53.0296 0x2788 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:25:53.0524 0x2788 Detect skipped due to KSN trusted
10:25:53.0524 0x2788 Net Driver HPZ12 - ok
10:25:53.0565 0x2788 [ BE79982A50AC88BC0765F3AFECFCB596, 1E7CACB1095C3F1D10766E15B31DEE195C1E6954D4E7ADA141CA4C15EE3DA445 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
10:25:53.0593 0x2788 NetAdapterCx - ok
10:25:53.0643 0x2788 [ 80475A12D4AA90937CE69265BAFA993F, 8100BF2A621D43C5E79C58183F9F7E882076BEA2D524D3AED87C8D0790F0F154 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
10:25:53.0664 0x2788 NetBIOS - ok
10:25:53.0739 0x2788 [ 2A56FA2634A9650EF4ED5DFE976397BA, 428957C3F2ECF3C0C7E098E4E5CA6AACF07104D1E42CBBBBBC172FA1C24A7293 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:25:53.0820 0x2788 NetBT - ok
10:25:53.0855 0x2788 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] Netlogon C:\WINDOWS\system32\lsass.exe
10:25:53.0870 0x2788 Netlogon - ok
10:25:53.0952 0x2788 [ 94BC40F88309B0B7DFE68B2C2BB15EB6, 7E485F6A3F0B1C34C59D1F36EDE05ED9724E23FF63EA273910A02D8177905D9B ] Netman C:\WINDOWS\System32\netman.dll
10:25:54.0000 0x2788 Netman - ok
10:25:54.0116 0x2788 [ 79ED54CA41486399361778D533E55A99, 17467C0C0D4D099DC7BF2BDE46086AF4AFC28895C62A35AA6A3906C19418AA32 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
10:25:54.0339 0x2788 netprofm - ok
10:25:54.0447 0x2788 [ B368E739AF3F577EA8D1B256F91036AD, 48BF739A0448F57B2BB0DA891D478D284A5C7F44C61D6E4F8131EED4DF7CFFDA ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
10:25:54.0556 0x2788 NetSetupSvc - ok
10:25:54.0820 0x2788 [ 97FF2186BBAA215727300404862D297B, 1D4F3475252C2315EF51B7B76206776BFF4462C0B31328E266BF5F4ACC2475D1 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:25:54.0977 0x2788 NetTcpPortSharing - ok
10:25:55.0048 0x2788 [ 8AED8AF4CBF661E82CF74CBF198B0C56, 7208216C9E6A938E2CCB2F510D4A6F00F35E1AAF3FE0E6D7272F5543B843EBFC ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
10:25:55.0094 0x2788 netvsc - ok
10:25:55.0187 0x2788 [ E27ACE78CA1BDF4FBBF3323D6E9AFCDB, 7930C172AD493E39712A0F4B1AF4ADFB4ABD499B00FEEA2E1D5C9E5A26105EFC ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
10:25:55.0227 0x2788 NgcCtnrSvc - ok
10:25:55.0413 0x2788 [ A557C92583E81CA97D2C0F2467E7C2F9, F78B07DB33253142C6CB2DE1BFA1C54EB7CB5D64C94C9B73182C7D49314061EF ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
10:25:55.0579 0x2788 NgcSvc - ok
10:25:55.0700 0x2788 [ 7F609310AC1EC8D66D912438AC792392, C61FAD8431F3E627E9D81DFF95A37C057ED4EB3F3F78A598D5BD236D194EB612 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
10:25:55.0754 0x2788 NlaSvc - ok
10:25:55.0810 0x2788 [ EFF488F6DA45224965B30CE1AB464C08, AC1D0C3175958CD3F9E311C545044B9A847D6F8C89907CAB2CD3C73EC6E1836B ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:25:55.0855 0x2788 Npfs - ok
10:25:55.0903 0x2788 [ 5CB8082E51DE7D19042F0FF8C517CB0D, C0C5389E097D520018C346ECBF8AF9928FB44D9AD7B0EFD2D44E910214580A1A ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
10:25:55.0946 0x2788 npsvctrig - ok
10:25:55.0975 0x2788 [ 54407F4E774AE8AD37885BBCC0FFDB3E, 7A22A15A5EC874682FF04B35A69867A476FE88A97E27AA3A9C3F32E4B31D160F ] nsi C:\WINDOWS\system32\nsisvc.dll
10:25:56.0036 0x2788 nsi - ok
10:25:56.0075 0x2788 [ 201F3764A379001168DFB2B90F7C1E57, BC5662D43B073B41E3810938FAE511E82AD3F69DDE8B73C23D7EDBB3E6364B5B ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
10:25:56.0146 0x2788 nsiproxy - ok
10:25:56.0431 0x2788 [ BEE4FDB8DE2C90728D93393E4A3B88C2, 6E453C760965599FDC670FD8162B3A0FB127AC87D59CD6547E058F588904F307 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
10:25:56.0574 0x2788 NTFS - ok
10:25:56.0612 0x2788 [ 6D8A287B88F76EB47ACC6BF8E318E1FD, 73A8A8AD677D9BC432159B0099C2BF3928C14D2E5C88E5BCC8B96FCDFA3ED691 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:25:56.0656 0x2788 Null - ok
10:25:56.0691 0x2788 [ 532F27A2B62D70C327E763F035AED6C1, 9FB6C8040D48384BC72A2021EAD7D48B5E876731849FBA68338EC3562E7CB659 ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys
10:25:56.0723 0x2788 nvdimmn - ok
10:25:56.0768 0x2788 [ 7E04652EB1A476BC0A72ECDC613AF0C5, F356C5F7B1C30253F4F8A3E45AAA8C82940DBE1F208D81043D7D89EE54355890 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
10:25:56.0785 0x2788 nvraid - ok
10:25:56.0820 0x2788 [ 880B3E874914DAEF97119876543AE117, E41A633F5C2519438FCA0A85F134061224C39AB82EE61F3B80043E21985A80D7 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
10:25:56.0837 0x2788 nvstor - ok
10:25:56.0943 0x2788 [ 54EFF5C0838ABFCBBF1F47B5B9B5031F, 0895649806196B2C75013585F9C93397AB3F64817CDC4CCD17ACDE6B01F3DC38 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
10:25:57.0024 0x2788 OneSyncSvc - ok
10:25:57.0218 0x2788 [ 49064824071FF03FEA2BB202AB76BE7C, C21C41BF8E0BDB5BEEBDEC271CA767ABA31077E557C7BF4D958ED037B9ACBD51 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:25:57.0254 0x2788 ose - ok
10:25:57.0369 0x2788 [ 3C899D21CE920195CA987756769B1820, B2FACDF82CF8E2EA263CB6B2FDB3CF66B41D01D014F2BE1A683513971D050C3C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
10:25:57.0418 0x2788 p2pimsvc - ok
10:25:57.0536 0x2788 [ 35E6495236E917BDFD9659F62EFE2E33, 4B4AE686C7D2A9B7D496E62162E984CCCE79D6E42223F5B3D2EBBC7E526EA85C ] p2psvc C:\WINDOWS\system32\p2psvc.dll
10:25:57.0626 0x2788 p2psvc - ok
10:25:57.0660 0x2788 [ 2E07EC2C1622F5E7B535D62DCD61F3AB, 5FECA3CD9AF531E59B1A0FE04AE8BA22F3C929EB6AA5B2171C88A788AFAA8115 ] Parport C:\WINDOWS\System32\drivers\parport.sys
10:25:57.0702 0x2788 Parport - ok
10:25:57.0755 0x2788 [ 681E8A68C13253D23B93953FDE569120, 77B06B881999600DA85C6EB28BAE707D06B1D2BA0CFF2957689FDEBFD4BEEE10 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
10:25:57.0781 0x2788 partmgr - ok
10:25:57.0915 0x2788 [ F2A91EABFAFA3EE63A14F123528A3438, B9C64290ECF3B17F671F2AF724B81036A45D9A68E91C01ECAAEE42CC186A925D ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
10:25:58.0176 0x2788 PcaSvc - ok
10:25:58.0298 0x2788 [ DACBF8582A66CE0C4A8EE52F03F4256B, 2E4EF5E6CEE32874DD097AC6676D1BFB6F8E18B3845B976EB402181700383AFC ] pci C:\WINDOWS\system32\drivers\pci.sys
10:25:58.0320 0x2788 pci - ok
10:25:58.0400 0x2788 [ E5AF806815ED797086629741F29E4156, 1AD39A8DD564807EE11775C1C69129184A28B7AC4ED66E47CBE657C9215986C4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
10:25:58.0413 0x2788 pciide - ok
10:25:58.0470 0x2788 [ 2A631D447B988AFBE847CBAA8E5CC298, 65D52E0E7F16EFFF8926E4FF97B42ABB2C5F1125FB13F521143712E3F9028FE7 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
10:25:58.0486 0x2788 pcmcia - ok
10:25:58.0526 0x2788 [ 6F55F5AD830F8EA1D37ED23A0CBD7112, 40E7BE7CA194F5742BE24E1E391A5B833B0E7243DDDF05B332C5D26FB3086D13 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
10:25:58.0541 0x2788 pcw - ok
10:25:58.0566 0x2788 [ 1796112EB89559910BC18865A29C8894, 3EDACF3FDFB4164C1F07BAE7ABCA4E8DC5DBADE11C73F18546E5FE2A10CCDEA8 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
10:25:58.0581 0x2788 pdc - ok
es geht weiter...

Skummy 25.05.2018 09:41
Zitat:
10:25:58.0748 0x2788 [ 7D9F4EB1450CFB32D708BF943C170475, D94EA6B775414031273D0C55BBAAEC07D780B7226859F22A26772B104BA302BD ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
10:25:58.0838 0x2788 PEAUTH - ok
10:25:58.0868 0x2788 [ 35FD028E4323018202C0B7D115FD3AEF, CA0CA9EF7A6496EBD35C775D0BD9CC814B07391B69C83938C90926D316A336FD ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
10:25:58.0883 0x2788 percsas2i - ok
10:25:58.0905 0x2788 [ F9F3D8BE9BC9241CC726197261362AC4, 0AF0EBD551B3C079C7A5EA568A171B43F822C4AD0177A8135FBF315813108535 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
10:25:58.0922 0x2788 percsas3i - ok
10:25:59.0774 0x2788 [ 8C0C30BDD3CE3FC34A59B4B101162ED3, 9A89007DBBD936F985D562B3C686ADE49ED947289500A2D776BFCF9B4DF478BF ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
10:25:59.0943 0x2788 PerfHost - ok
10:26:00.0130 0x2788 [ C811E13F01FB77570B727337BBCF64B8, B37FA2DF1607F1B4443BDB94C5AC95A66A498A0FF51C2C9C2F4E1D5C7400B949 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
10:26:00.0210 0x2788 PhoneSvc - ok
10:26:00.0311 0x2788 [ D59CD92CE3784678C09B8DF518A8E1A6, 7D5B05D50EA66BAB6B8436A5989F5CA17DC35DB02E445CDEFDADEE0BEB3DE2C8 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
10:26:00.0345 0x2788 PimIndexMaintenanceSvc - ok
10:26:00.0613 0x2788 [ 73B5A132EBF3A8075A7C68DFBB4DE719, 847FC2A2B4C1C65BFEFBBF90C2EB99378E2FDE469425F141BC75D1874F94658C ] pla C:\WINDOWS\system32\pla.dll
10:26:00.0698 0x2788 pla - ok
10:26:00.0750 0x2788 [ 64A80A746FC460126FA4124AA2D93848, 851ECA69489FF9A834B6A5ACF9D51283FD3796E21316D8A22E57DED2F415782C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
10:26:00.0772 0x2788 PlugPlay - ok
10:26:00.0825 0x2788 [ 36D43EA5517F3F4AAAC8EE061C957EF1, 970CBE8F689C26C384B8F4E6D0C68BB07434C4776B497E310A603A896AED05E0 ] pmem C:\WINDOWS\System32\drivers\pmem.sys
10:26:00.0858 0x2788 pmem - ok
10:26:00.0889 0x2788 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
10:26:00.0910 0x2788 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:26:01.0007 0x2788 Detect skipped due to KSN trusted
10:26:01.0007 0x2788 Pml Driver HPZ12 - ok
10:26:01.0064 0x2788 [ 59048555B59FD69287CFAB6022B5CC86, 733D3F1DBF75D6A5A015E6F849216E1954813F86E5D3B05B4AF0E9FD523FC646 ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
10:26:01.0079 0x2788 PNPMEM - ok
10:26:01.0114 0x2788 [ 7815D5EEE3624640150B1365EB2E98C5, 2E45B211F40510554E5BDA876E53497FA4A8465A152F77CF38CAD38CC6F47C8A ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
10:26:01.0144 0x2788 PNRPAutoReg - ok
10:26:01.0219 0x2788 [ 3C899D21CE920195CA987756769B1820, B2FACDF82CF8E2EA263CB6B2FDB3CF66B41D01D014F2BE1A683513971D050C3C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
10:26:01.0247 0x2788 PNRPsvc - ok
10:26:01.0346 0x2788 [ E1BCA08929D806A087D90BC11C6020E8, F9FE2E761F0F00C4A0C221D25069348185C75CA350DDD1407A6401220227A9F6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
10:26:01.0378 0x2788 PolicyAgent - ok
10:26:01.0451 0x2788 [ A3CCFB8A5BD48F56EF2ACB4A427A1AC7, 03A6F53C44A90D2FAE1F0C212606C484AE0DFBFDF6675497FF0FBAB46D17B268 ] Power C:\WINDOWS\system32\umpo.dll
10:26:01.0476 0x2788 Power - ok
10:26:01.0508 0x2788 [ AACA74DEF7BE3DED322411787494878B, 86BAF7E855077A03F4B8C0778304CFDB9D0CF245F82B87CD60CAB666D1D17D9D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
10:26:01.0557 0x2788 PptpMiniport - ok
10:26:02.0121 0x2788 [ FAA5FBD37C00DE72573F9BF6B6E64BAD, AEF599C9D47ED197FAC54326E99114AD7EAA107A0248C77997D353A7B5C06FBB ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
10:26:02.0294 0x2788 PrintNotify - ok
10:26:02.0340 0x2788 [ 8803D4F36F1CB2E2203F5EB59571E89C, 0C83A8706CDB7400CCAB145211793B8C6153D30CA50843A5E3980536F2A38C11 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
10:26:02.0397 0x2788 PrintWorkflowUserSvc - ok
10:26:02.0547 0x2788 [ C009BE61D95CAD5F999D0F4785AEFB7B, E834AEB963E4FA8DBE9A9E69BD2212C001EF9F5461719EFB80C55C87450AFD73 ] Processor C:\WINDOWS\System32\drivers\processr.sys
10:26:02.0640 0x2788 Processor - ok
10:26:02.0754 0x2788 [ 5660B827F4D484E3329E3714CAED957D, 2A7A810429463BB204C92DBCDD5445FF11174FD45C30C617B9F939AD6DBDFFB5 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
10:26:02.0824 0x2788 ProfSvc - ok
10:26:02.0865 0x2788 [ 5818FE76C3C6AE0CA723EBE483BF447F, 613E1FE02FA52A6EF4B1E5C56F0108D493B1E97F799CF409A6697A5D5112C8B3 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
10:26:02.0902 0x2788 Psched - ok
10:26:02.0970 0x2788 [ FC1CEF0CC00E2C405ABFEF07B8CD1375, 259E366C87DC8BB4AA3562CF3E731EC5938D3936CA12D4120A9E85183BDF990C ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
10:26:03.0063 0x2788 PushToInstall - ok
10:26:03.0125 0x2788 [ 034BA34ADFA10F9D7E4989273DDABA33, 8763D28817A64F0D82B61EBA1FA54D7E0C97E66FA3F359C1A681740E1AF680C2 ] QWAVE C:\WINDOWS\system32\qwave.dll
10:26:03.0179 0x2788 QWAVE - ok
10:26:03.0235 0x2788 [ 16F9A6B593B52EB18F7ECB9D251BDF7A, 5DD26B91DF51A07097A893F3537F94FE2CD1F9D132B0994451E922CE1359516B ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
10:26:03.0267 0x2788 QWAVEdrv - ok
10:26:03.0329 0x2788 [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\WINDOWS\System32\drivers\RadioShim.sys
10:26:03.0359 0x2788 RadioShim - ok
10:26:03.0392 0x2788 [ 13600C467512147E99052806F2C1307A, 705257F42FA3502113958A295E0E0FED9C6A35DB6214099360606E792F69B1C6 ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
10:26:03.0421 0x2788 Ramdisk - ok
10:26:03.0491 0x2788 [ BD6EF1748DC3DBACEC97B87B6252AAC7, D5D8FF60403BC0B1B315B3413D15E47FE64C63D8F1AC28225DDC21E41BD8A7E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:26:03.0587 0x2788 RasAcd - ok
10:26:03.0644 0x2788 [ ED0EE10911C16AD8B21B9003C90E968F, CFB280D14F629E87BBBDA83841E4B3DD8866FB8382FF17D3E807BBFBBC3BAC1A ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
10:26:03.0689 0x2788 RasAgileVpn - ok
10:26:03.0734 0x2788 [ 54D8A771A5C32C293288E64ABE07FE50, 073F65F1F910C4887C7F60992F5C50629EEA5F4AA8182206D73F2FECE56AB6BC ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:26:03.0763 0x2788 RasAuto - ok
10:26:03.0802 0x2788 [ E0220BB6580D34001D4D1D133052DAA4, F350A34E7592673B7B77F907E7D7ACFC50C6099A4874C1D870BD0E089D8EF668 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
10:26:03.0862 0x2788 Rasl2tp - ok
10:26:04.0050 0x2788 [ DDC95170F61986C1226FC575D404298B, 326DB48EAB266BAF18D69AC49504985D495121FE5090D5A11EB55CFC3D85AFA6 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:26:04.0138 0x2788 RasMan - ok
10:26:04.0185 0x2788 [ 12EE1D92F4E5FAE4B6F65195A2016CE5, C62E9EBD4FE642248C36BB2C9BD7B1C1C09E8A33D4B4AA39DD32F9FD1FE86081 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:26:04.0219 0x2788 RasPppoe - ok
10:26:04.0272 0x2788 [ 91CE469015979E5B3C3DBC2C41A476E8, 45D7EA66311126E370B4E082F7E8507399AC594AB6F7CD5A45C9F09658FD7E19 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
10:26:04.0313 0x2788 RasSstp - ok
10:26:04.0407 0x2788 [ BC808F726164F2EBF18E79B9AC7B70AF, B551D5DE08DC91675D2B92CBB3F2FBC16D1C5260B240B36532EAEA011F296B17 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:26:04.0432 0x2788 rdbss - ok
10:26:04.0488 0x2788 [ 9D7E65A15478944836C353B556F9CB87, F2D2D73EBF3A866B0511135D60C5C6CE397F41366A2D33D0B045A4A08066CF72 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
10:26:04.0591 0x2788 rdpbus - ok
10:26:04.0646 0x2788 [ 39886C19FB466BBF8AEC31E3E77C034C, 58817B7941377DD5C972131EAF8FD472992F912ED48E6CB770410D359675D3B9 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
10:26:04.0720 0x2788 RDPDR - ok
10:26:04.0832 0x2788 [ 4D1A63ACEC42A88E52AFC4E84A8CE9EE, 37789428D78273EB09F3613BC72DF5D5E9210D4650CC4D9F9DD413DB4A20B6F2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:26:04.0851 0x2788 RdpVideoMiniport - ok
10:26:04.0935 0x2788 [ A4C3DC6530752AF3C78DAAC8B2B23EA7, 8CE953800256FD75FA608530B9570E42A838DCE7E82DE5F396432BC320590C00 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
10:26:04.0955 0x2788 rdyboost - ok
10:26:05.0308 0x2788 [ FB0577F6BC9E07549CEACF5224327499, 7AD01A641C3A8735C05C7EFDF3730D7A385A241306E3AD01B088D7329FF319E0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
10:26:05.0372 0x2788 ReFS - ok
10:26:05.0558 0x2788 [ 4136BCA61BCDCC79DCE145F9CB639CD6, 58D49C41532A31F6F2112317BB60D80D34A4D29CAABBF11BAD9C45FD8B812F93 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
10:26:05.0598 0x2788 ReFSv1 - ok
10:26:05.0689 0x2788 [ 16884710EB4898CB49B18609EEE34C6C, CEC4850825D81969BE269A4DC23DF54F6E2346AADE40D95E91B512412D4BD358 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:26:05.0760 0x2788 RemoteAccess - ok
10:26:05.0811 0x2788 [ 9D82CD53B622A85A10B4DA8F4724A8E4, 0D4DDDF7C8D90CB19A86EA531205BAF19BA2335DBD10CD9F006C969CE9735223 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:26:05.0843 0x2788 RemoteRegistry - ok
10:26:05.0995 0x2788 [ 24C716C6A5AA3BEC3180BB15050C75C5, 15BC70E932C4AB0609231098F8C3EC56840BB20099C74C008EF23DBFC556A43E ] RetailDemo C:\WINDOWS\system32\RDXService.dll
10:26:06.0056 0x2788 RetailDemo - ok
10:26:06.0108 0x2788 [ BBC228CA2F96B784B01FE7F1C5E3CFBB, AF24D0B4093F9CCE88C5BCB94944BCD6D36B890AD8544AF0CD7814B8D4F73A7A ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
10:26:06.0153 0x2788 rhproxy - ok
10:26:06.0219 0x2788 [ 665A51DE515A2E8B0BDB3D6917D47DD9, F5BF28900F55CB17016E64775B9A5B64D16E2A5898F4D5A7ABE26639932B2C63 ] RmSvc C:\WINDOWS\System32\RMapi.dll
10:26:06.0254 0x2788 RmSvc - ok
10:26:06.0309 0x2788 [ D0F6698E56F0157EA72F2D754C6FD555, A93DEECB1D84E5AC2C1E2D3D54BA118774E6F77996BEC7BCB6C758B6D04D1920 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
10:26:06.0350 0x2788 RpcEptMapper - ok
10:26:06.0385 0x2788 [ EB65907BD63871669C54D5E5BAE4DD34, 9A429C4B416913D65728A40890FC3C69465C4C77C2D313007BDF24EA5F4E1400 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:26:06.0417 0x2788 RpcLocator - ok
10:26:06.0649 0x2788 [ 79BDBB684629A526CCD958F06B9D6FAD, 489A85A5F63E5F012740B538878D6DAEBBB474D64F27A6847D3E387A704E5297 ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:26:06.0707 0x2788 RpcSs - ok
10:26:06.0825 0x2788 [ 27B80E5766B114621980F82FB78E912A, D7986FB32AFA2F376FBAA5EFAC18F5E699BAF97AD0C92A0B787E1CAF77465CFD ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
10:26:06.0881 0x2788 rspndr - ok
10:26:06.0925 0x2788 [ 96C14A080CE15E4D8A9C7AE526F7B804, F8753CB05393EDDAC5FF99C5DAAFCF955C4CE8D14E065E9A7B4ED156BF9503D3 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
10:26:06.0968 0x2788 s3cap - ok
10:26:07.0095 0x2788 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] SamSs C:\WINDOWS\system32\lsass.exe
10:26:07.0109 0x2788 SamSs - ok
10:26:07.0166 0x2788 [ 324FA3C337EB54B43448F7B08444DC8D, 6AC6E84EBE169400D5CE140C7DC7F527D1A8F5B642593870AD7D1B193C21C7A3 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
10:26:07.0181 0x2788 sbp2port - ok
10:26:07.0269 0x2788 [ 93B12AC7CEAF6BA742DC13AEA349217A, BFDFF3779827B1FF39C5834D9248FFF162B9362F2F7FD8EF8750FD83F35E23D3 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
10:26:07.0316 0x2788 SCardSvr - ok
10:26:07.0388 0x2788 [ 3396A6A892987E8B81289583FC416360, E002C70A34C01B0F5EEA3D53A150DFB3693D1ABA63D61E7EEF3C5B6D5AC86215 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
10:26:07.0417 0x2788 ScDeviceEnum - ok
10:26:07.0472 0x2788 [ 62A33CE69DB508BCEC63F4D3BFF400CE, 914FF18959025C71923558898F95B8113EE49930144A0B19FC06C5C043A171B4 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:26:07.0524 0x2788 scfilter - ok
10:26:07.0747 0x2788 [ B6F0D0C90C052BDB4E3EA7DAC982D72F, B34DFEC3565B8F33D919A6A6BBEC9315466E525E1B2F069968CBC9969EB9E05B ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:26:07.0851 0x2788 Schedule - ok
10:26:07.0900 0x2788 [ 7B057373146CC4E5A1F1DA665EA55DC7, 48F1C276F99D4E135A261DDEFE2D813430DEFF6BA30FCBFFB102EA40EAD9434A ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
10:26:07.0920 0x2788 scmbus - ok
10:26:07.0982 0x2788 [ 6286CBE87B64AB7D1F59E3375A2FF3F4, 92C276A18F99D2A423BC3A99EBDA1239F3B335C1EB6EBAF2F2800A23188B26F2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
10:26:08.0023 0x2788 SCPolicySvc - ok
10:26:08.0128 0x2788 [ 1F58E6D5C1F211DE8BF5131BF12077D1, 76816B302DB4D0B91FC8DEE6643C9839A48812DF1EE7D34100134550184AA2CB ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
10:26:08.0148 0x2788 sdbus - ok
10:26:08.0202 0x2788 [ 6D3853838864886B4F10B074282772E0, 50855299C5D7FBE0E45EE6288EA1B824215D3E3693F24F1AD2BB2F2E27F6150D ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
10:26:08.0215 0x2788 SDFRd - ok
10:26:08.0282 0x2788 [ 368180051766E4289E3D47AF21F2668C, AD1E675A990684F131F09E61988525102CDEDA0817A20F188FE9D2A428216BC2 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
10:26:08.0310 0x2788 SDRSVC - ok
10:26:08.0369 0x2788 [ 80E9563F0B75E98482ECB7D5CBA56BBA, D1121951117253CBA45DF3D4A9A50374F2FCF750CA6661299B8EBF78904245EA ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
10:26:08.0384 0x2788 sdstor - ok
10:26:08.0425 0x2788 [ 0356C85312D78F4C7F33C74B6000BB93, 378018A0ABDF65506B471F091DEF6A8E1D2E719BEBA843595C550E3151C9E6D6 ] seclogon C:\WINDOWS\system32\seclogon.dll
10:26:08.0445 0x2788 seclogon - ok
10:26:08.0626 0x2788 [ 2BBC2F0C8DF38DD72AF7EC97298101C0, 58A5226321CCB28FBC259C1D0DA1D3469DDA2C81BBE516F3ECC6C10BA2DD166B ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
10:26:08.0654 0x2788 SecurityHealthService - ok
10:26:08.0924 0x2788 [ A8A23102301BCB047B269C59167D4B8F, 9851F4E693FE6BAC39ABF14A1469300D718019ABCAC39049A07E7809F7C253C0 ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
10:26:09.0129 0x2788 SEMgrSvc - ok
10:26:09.0177 0x2788 [ 62EDAD383010E037C4D3846C7C021A00, CF2C5D97B4B8C472242A1DCC1CB97A081BFDA41F5708CA78DC9B5041C9B747D9 ] SENS C:\WINDOWS\System32\sens.dll
10:26:09.0225 0x2788 SENS - ok
10:26:09.0448 0x2788 [ DDBBE9A08C79D3BB50D6053507F7777D, CA67D6FFCF63F38AAA320276F0AB96F87F6431907D2BC138E7EEE4530BE88AF1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
10:26:09.0519 0x2788 SensorDataService - ok
10:26:09.0611 0x2788 [ 109A90EF5B1E771DA47C371BA9485960, 37BAECE685E79F37889CD0603F086341A5CA349E943D26CB991A7EFBD2998FAF ] SensorService C:\WINDOWS\system32\SensorService.dll
10:26:09.0662 0x2788 SensorService - ok
10:26:09.0720 0x2788 [ 3C7280B0BB401D6645128A9D5B076D35, 75EEAA870D027FAB9406AACE969D386DAA1C3A8933895424AB70350BD5F30227 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
10:26:09.0762 0x2788 SensrSvc - ok
10:26:09.0811 0x2788 [ 75A27472AFD009255DBDE52038E3BDB5, 95C31B86D77D73B340901D3BD9798A9E3171D4D3F3D4632FBE3F6AE2B49A17C7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
10:26:09.0825 0x2788 SerCx - ok
10:26:09.0863 0x2788 [ 84005F54308109A022413D628E966412, 6828A10DF28053C159E93BDD7A62A5517E7037DC302D0EEED55BF07B48E0A202 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
10:26:09.0881 0x2788 SerCx2 - ok
10:26:09.0903 0x2788 [ 40384793F74CFFA45BCC38DF65E978EC, FA68F18573CA92703A3442BB4BC5135C42520BA7D2C3E4B872115C02EE0A719E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
10:26:09.0919 0x2788 Serenum - ok
10:26:09.0946 0x2788 [ 699470AD24D67908991A777716A352FD, 6155D9785DF9A9346B715798A2C4A0F9B90D2AF725E710F127E06155272B406E ] Serial C:\WINDOWS\System32\drivers\serial.sys
10:26:09.0964 0x2788 Serial - ok
10:26:10.0004 0x2788 [ 92453F065F52A8EF0328A926B2C9502F, 11CF98993B00B4850C30528F0922BF392B8DE085AD84D17721964D543A41D64D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
10:26:10.0026 0x2788 sermouse - ok
10:26:10.0162 0x2788 [ 846F99625DB02B06E0581715D0C4D0C9, EC72C2C860921A4234079D29C29D6F80F73B1D87610C6A4F0B1ABC948E532756 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
10:26:10.0191 0x2788 SessionEnv - ok
10:26:10.0202 0x2788 [ 1D8920C40F19B5FBA5F4897779840AD1, 9B1DAFD92963118ACEA411224AA65C841D57D29F6F1EB69A58AB32BC5FEB1592 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
10:26:10.0218 0x2788 sfloppy - ok
10:26:10.0369 0x2788 [ F74C32575862D3F32B21A1A52E7763CA, A60DA54A99D489804575E271B57388F61A3C03A2B4F1798699E5385C12A85575 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:26:10.0408 0x2788 SharedAccess - ok
10:26:10.0692 0x2788 [ 63377493508564288721EF5421A216F5, 8D8F2CAD3608AE47AFEAA60C51E288EA622EC85B1CAA330CD226CA7A49F0F8E3 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
10:26:10.0753 0x2788 SharedRealitySvc - ok
10:26:10.0909 0x2788 [ 887458A234108B5B69038299BE7FAD88, B25780E36FCA373141EC129EC878AC0C2D560DFF62FEE3DFE332256C1FCDF579 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:26:10.0983 0x2788 ShellHWDetection - ok
10:26:11.0184 0x2788 [ 5ED18BE9FE76540A0596BB41C91719C6, 54B52E6EC059F48D2A4FEDC9D2B7B391A605F63CFC29C46A9FC5BA936EF3A72D ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
10:26:11.0234 0x2788 shpamsvc - ok
10:26:11.0302 0x2788 [ A871F9CC9CF388DC7193D22EF8D8C8DF, D9E915F85E4FD993B04162B7D30BE6F230DD5464BBD75AE173255E59BA777067 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:26:11.0319 0x2788 SiSRaid2 - ok
10:26:11.0358 0x2788 [ D30FC341550CC364880950152AE8B1C5, BCCEB920C8DBCE061A62B0B7C91DA2981312DE9A8EC2D7398AE6009148603C77 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
10:26:11.0376 0x2788 SiSRaid4 - ok
10:26:11.0416 0x2788 [ 9CA6E573757C76A515EFD6DD795A3A1E, E7F87EF70545ABA33171A5783439E6E7874A2CAEE0C7ECF384023FBDCD967743 ] smphost C:\WINDOWS\System32\smphost.dll
10:26:11.0507 0x2788 smphost - ok
10:26:11.0644 0x2788 [ F4B4E405BCDE95D748F8429FCC30E668, 72E675166B3E90D3FC23FD1AF1A3B201416294C962E0800707DCBA71DB9D7736 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
10:26:11.0756 0x2788 SmsRouter - ok
10:26:11.0818 0x2788 [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
10:26:11.0874 0x2788 snapman - ok
10:26:11.0921 0x2788 [ FDADDEC855034107E5FAD708B4E2424D, 1E3A07E0F67E23F32E046F516608D78299BA66BC647F6A6A240C77245FE3A7FF ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
10:26:11.0961 0x2788 SNMPTRAP - ok
10:26:12.0037 0x2788 [ DA0AECA8222682F90C325E483E8115D4, 20CB647C132F20A3466C7C429057F01C4AC7A3D0E49B6C40206E61231EA05A54 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
10:26:12.0067 0x2788 spaceport - ok
10:26:12.0116 0x2788 [ CCECE7E96B4F7B0E9F0FC82F6DADA917, 4C20D74971C7A822C51429BE960F85016B03166E05D43B29F5D290F413006C18 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
10:26:12.0130 0x2788 SpatialGraphFilter - ok
10:26:12.0185 0x2788 [ 545507AF670BC88B89200A118513ED9A, 1450D29E678F26B317D55BBF41E603296C5FBA54F956801D3E796808FFDCC0AD ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
10:26:12.0201 0x2788 SpbCx - ok
10:26:12.0354 0x2788 [ FAEF35589C86C448F732926716956087, 6D370EA797617A3138FB15F285F08373299BE77B5C8CCD28BF559F17437E8A48 ] spectrum C:\WINDOWS\system32\spectrum.exe
10:26:12.0433 0x2788 spectrum - ok
10:26:12.0555 0x2788 [ 153F12DE99760ACC89F53848DED45679, 6C55023782082B4E5CB5E653C530A6CF0AF86D5D38566AA4C3A332534BE0EA7B ] Spooler C:\WINDOWS\System32\spoolsv.exe
10:26:12.0628 0x2788 Spooler - ok
10:26:13.0543 0x2788 [ CED434DA6E043B450141932D974FF8C1, 48704C2461D1019522F2F0F931B663EEE2E5E200949F63DA41ADA965B3612669 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
10:26:13.0737 0x2788 sppsvc - ok
10:26:13.0919 0x2788 [ 22EB59B1EB50C3E82F450F4974D62663, 19087E62B4295A58C7D67F900543DF20D0FF3A018FD06EF99DA38392906E3295 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:26:14.0141 0x2788 srv - ok
10:26:14.0389 0x2788 [ 09FADE98D187D1886950109E8AF083DA, 3CF285BEA351AC8E13708B2BE96F57B0D72CF92D667ED69138E2D5CC8FDC2B11 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
10:26:14.0579 0x2788 srv2 - ok
10:26:14.0699 0x2788 [ 43480B3EE4D23F5AA8EE7C6D83B09487, BDBF48060ECAE1CD5AB40DFF41C8E2499185BA690A19BCB87AE1D2A0613E33FD ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:26:14.0806 0x2788 srvnet - ok
10:26:14.0925 0x2788 [ 7B5E955BB63726AB625F79AA7AF7FA11, A5ED49F465BCB26C61F390018520BE97392BA9D85CC6A7C040BAA2D0EFF983FF ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:26:14.0963 0x2788 SSDPSRV - ok
10:26:15.0047 0x2788 [ 3BEF5FAC7F3DA3E25B80CC41B5060616, CAAB3CAF150F564964471F494F583014E5EF842BC4761A64B708842C4425753B ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
10:26:15.0125 0x2788 SstpSvc - ok
10:26:15.0239 0x2788 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:26:15.0289 0x2788 ssudmdm - ok
10:26:16.0028 0x2788 [ 0A86D5AF20A4EF70F7DE0FC9B6DE4D0E, 143CF06504FCD04D74D36642F9071D3EAE7B5B65CEB82C328F9EBBB898D90C49 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
10:26:16.0242 0x2788 StateRepository - ok
10:26:16.0284 0x2788 [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
10:26:16.0298 0x2788 stexstor - ok
10:26:16.0361 0x2788 [ 0690CE515A295BD101415C7E411C43F3, 42E382EAFD2E5733805E26147BE74DF437E6E654ACDDE1DB42DB0D114B02ADE3 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
10:26:16.0477 0x2788 StillCam - ok
10:26:16.0527 0x2788 [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc C:\WINDOWS\System32\wiaservc.dll
10:26:16.0568 0x2788 stisvc - ok
10:26:16.0649 0x2788 [ D218EA2F4126629BEAC03555216CB506, B2CDE7FAFD74E1EDFE213BCA84F84F081FF3718D70E3E614A8304A92FDEDEAEF ] storahci C:\WINDOWS\system32\drivers\storahci.sys
10:26:16.0665 0x2788 storahci - ok
10:26:16.0704 0x2788 [ 03B1F66AB47618A6123EB0631B57A31B, C06BD9D1648E56703067D5724B8AF898048A5D604B2560A69CF6B5CCF3651A66 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
10:26:16.0718 0x2788 storflt - ok
10:26:16.0754 0x2788 [ 15EA6F1F6BA9A0E2C8D32A6EB77129F8, 05E414CDCA79D97DA03F61BB268CC599DBD16F35FDA6D6628EB9FBD0170FF176 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
10:26:16.0770 0x2788 stornvme - ok
10:26:16.0827 0x2788 [ 15599E47C28DC511F0CA3B664A257728, 2ED213F392D4C2B848187F0583C7AEE2A41A2AA1E4DE8AC85D45EFEB0A430593 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
10:26:16.0860 0x2788 storqosflt - ok
10:26:17.0089 0x2788 [ BA9471C7B5B02F2EDF5055CC1A1476F3, D9BF3D2C5127E469BB037308114287686A9C3927396D64013007927C9A9716AB ] StorSvc C:\WINDOWS\system32\storsvc.dll
10:26:17.0186 0x2788 StorSvc - ok
10:26:17.0240 0x2788 [ 4D6FF8DDBF9CC61EC95A4BF4096D52FF, B78EDD3FB711412140C541EDF9468AB6DC1A82AEE207F22976E9C6B9722F7891 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
10:26:17.0254 0x2788 storufs - ok
10:26:17.0295 0x2788 [ 6FD2D01E4AD9494874A3A8BA74A8FA64, AFEDB991465631F68F035B968345C4B700360F2F66543A48C75458D952E50B08 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
10:26:17.0333 0x2788 storvsc - ok
10:26:17.0373 0x2788 [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc C:\WINDOWS\system32\svsvc.dll
10:26:17.0402 0x2788 svsvc - ok
10:26:17.0444 0x2788 [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
10:26:17.0457 0x2788 swenum - ok
10:26:17.0532 0x2788 [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv C:\WINDOWS\System32\swprv.dll
10:26:17.0581 0x2788 swprv - ok
10:26:18.0646 0x2788 [ 0FE29D81F372CA2DCE9E49736A3BD3E6, 10ED93BEE7ECBD2AF5E7AB0197CC82A5424FD63A2ED90F0417B266AD06E5F32C ] syncagentsrv C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
10:26:18.0806 0x2788 syncagentsrv - ok
10:26:18.0871 0x2788 [ 3D63A58A9DD3F984A7E3C2F2CB357E06, F520333AFF9F8D37707A6B50A33B712B5AF114D12C8092D2DFB04F05F241B03E ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
10:26:18.0923 0x2788 Synth3dVsc - ok
10:26:19.0144 0x2788 [ EE6CEBDB3C9AAD1C80AE32878FCD17C4, F172BE926BBDD8B11F641687FC5F9C062F322C43D08A5E1F189BCCB44CE3C4E4 ] SysMain C:\WINDOWS\system32\sysmain.dll
10:26:19.0215 0x2788 SysMain - ok
10:26:19.0313 0x2788 [ 74FFACDE32B58CCB74B9EF990C7757C0, 69AF6FF98C5793441CC46136AD99B05392974E2C0189C76066EA0DDEE8B5CF31 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
10:26:19.0343 0x2788 SystemEventsBroker - ok
10:26:19.0435 0x2788 [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:26:19.0461 0x2788 TabletInputService - ok
10:26:19.0537 0x2788 [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:26:19.0597 0x2788 TapiSrv - ok
10:26:19.0978 0x2788 [ AE5CA8D3D81DCC76C5FFF1CD60E48606, 6FF9E019DF170CC44217BBB168E291C6F1EF4B73B154A125A89A0E2DD1721C3D ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
10:26:20.0090 0x2788 Tcpip - ok
10:26:20.0480 0x2788 [ AE5CA8D3D81DCC76C5FFF1CD60E48606, 6FF9E019DF170CC44217BBB168E291C6F1EF4B73B154A125A89A0E2DD1721C3D ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
10:26:20.0603 0x2788 Tcpip6 - ok
10:26:20.0689 0x2788 [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
10:26:20.0739 0x2788 tcpipreg - ok
10:26:21.0101 0x2788 [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys
10:26:21.0426 0x2788 tdrpman - ok
10:26:21.0462 0x2788 [ 09125A12CAB5F8D5EAE9C83C25792FDD, D3116D8F3CD5897F90126BF3847A2B301367D4698CA8AD30A313B39F804D3D4E ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
10:26:21.0480 0x2788 tdx - ok
10:26:22.0878 0x2788 [ 0000341F01739F6877363D0064BF2376, 95F2274E26AA16D5B6233879882FCD6DF0A9E11F11EB033ACCC7B88D9E95B4DD ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
10:26:24.0819 0x2788 TeamViewer - ok
10:26:24.0876 0x2788 [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn C:\WINDOWS\System32\drivers\teamviewervpn.sys
10:26:24.0891 0x2788 teamviewervpn - ok
10:26:24.0953 0x2788 [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
10:26:24.0967 0x2788 terminpt - ok
10:26:25.0069 0x2788 [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService C:\WINDOWS\System32\termsrv.dll
10:26:25.0141 0x2788 TermService - ok
10:26:25.0203 0x2788 [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes C:\WINDOWS\system32\themeservice.dll
10:26:25.0244 0x2788 Themes - ok
10:26:25.0508 0x2788 [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib C:\WINDOWS\system32\DRIVERS\tib.sys
10:26:25.0586 0x2788 tib - ok
10:26:25.0673 0x2788 [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
10:26:25.0840 0x2788 tib_mounter - ok
10:26:25.0916 0x2788 [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
10:26:25.0977 0x2788 TieringEngineService - ok
10:26:26.0126 0x2788 [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
10:26:26.0183 0x2788 tiledatamodelsvc - ok
10:26:26.0279 0x2788 [ EA80B2C811A7F6B1C9EED312F06F26FB, 7DC0A5C2F56C0FD0C4BE84EA09900DF20275A2FD63ADB9D8EE4CBF39E1E2A4F4 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
10:26:26.0322 0x2788 TimeBrokerSvc - ok
10:26:26.0565 0x2788 [ CB1F7C21C4A32594AFD217074B3E4650, 0EF0E5076F9C9B8111E1474CDE2A3BC1138546B842E68F89483E36DDA1C64354 ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
10:26:26.0656 0x2788 TokenBroker - ok
10:26:26.0726 0x2788 [ F54728E32D67537C5A13454E23449C7A, F2FF6A36693EFE86B441134DF43327D2768D00A867059646F6CA93E10A682019 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
10:26:26.0745 0x2788 TPM - ok
10:26:26.0787 0x2788 [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks C:\WINDOWS\System32\trkwks.dll
10:26:26.0822 0x2788 TrkWks - ok
10:26:26.0907 0x2788 [ 51480571DF1B3AAC2B7F6F2DFFBBF15E, 11D39AF99D37D23AD87151998A46A4F0A8C95834A0D51BBD8EF8B11EAA02CF85 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:26:26.0931 0x2788 TrustedInstaller - ok
10:26:26.0971 0x2788 [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
10:26:27.0004 0x2788 tsusbflt - ok
10:26:27.0036 0x2788 [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
10:26:27.0064 0x2788 TsUsbGD - ok
10:26:27.0094 0x2788 [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
10:26:27.0119 0x2788 tunnel - ok
10:26:27.0144 0x2788 [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
10:26:27.0195 0x2788 tzautoupdate - ok
10:26:27.0276 0x2788 [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
10:26:27.0291 0x2788 UASPStor - ok
10:26:27.0322 0x2788 [ E437FC4B1833F6B745184F78C4921FB8, 171605C7BF95FE1F342B314A969ECBE0B0D04E67D1306F470B3424AB6DE1478D ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
10:26:27.0355 0x2788 UcmCx0101 - ok
10:26:27.0382 0x2788 [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
10:26:27.0427 0x2788 UcmTcpciCx0101 - ok
10:26:27.0461 0x2788 [ F520EF2D24C1B43A2151DCA271865271, 5F9F4D82C5E6DBA8E0232DA05B30AE69BB43B66AA870584D2F9D740D61118A02 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
10:26:27.0491 0x2788 UcmUcsi - ok
10:26:27.0519 0x2788 [ E6E91B3980A495D2A9D28A09580EA993, B4987D875A8AA176818C115844388EE64054411689B014ADEAC18164D02F6AE8 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
10:26:27.0540 0x2788 Ucx01000 - ok
10:26:27.0579 0x2788 [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
10:26:27.0613 0x2788 UdeCx - ok
10:26:27.0661 0x2788 [ 12383D410AEF99AD6979A8EFD3D61888, 376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
10:26:27.0690 0x2788 udfs - ok
10:26:27.0746 0x2788 [ AB7FE51D818B6059C2F56FA62268CCAC, D8412F13BFE0B96E0A9CCB5E25A567A66AE24983564D76954AA76DAF0A52726E ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
10:26:27.0761 0x2788 UEFI - ok
10:26:27.0821 0x2788 [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
10:26:27.0842 0x2788 Ufx01000 - ok
10:26:27.0882 0x2788 [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
10:26:27.0899 0x2788 UfxChipidea - ok
10:26:27.0942 0x2788 [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
10:26:27.0958 0x2788 ufxsynopsys - ok
10:26:28.0013 0x2788 [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
10:26:28.0052 0x2788 UI0Detect - ok
10:26:28.0099 0x2788 [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
10:26:28.0136 0x2788 umbus - ok
10:26:28.0212 0x2788 [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
10:26:28.0250 0x2788 UmPass - ok
10:26:28.0300 0x2788 [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
10:26:28.0349 0x2788 UmRdpService - ok
10:26:28.0721 0x2788 [ F0A388AA51F0DE22AA38A4BA9B04AD9E, 1B325D1BF2B041C33BF0336D9651A744AC0A9529085F898A3D90158784F26DC2 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
10:26:28.0793 0x2788 UnistoreSvc - ok
10:26:28.0888 0x2788 [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:26:28.0944 0x2788 upnphost - ok
10:26:28.0960 0x2788 [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
10:26:28.0976 0x2788 UrsChipidea - ok
10:26:29.0013 0x2788 [ ECE40EB976A5ACB366808AECF6B235BA, FA00D0A8EF1BCA0349DCA961F4093DF790E5031F91586050372029AA9A7726C5 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
10:26:29.0030 0x2788 UrsCx01000 - ok
10:26:29.0075 0x2788 [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
10:26:29.0089 0x2788 UrsSynopsys - ok
10:26:29.0156 0x2788 [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
10:26:29.0175 0x2788 usbccgp - ok
10:26:29.0207 0x2788 [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
10:26:29.0229 0x2788 usbcir - ok
10:26:29.0247 0x2788 [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
10:26:29.0262 0x2788 usbehci - ok
10:26:29.0302 0x2788 [ C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
10:26:29.0331 0x2788 usbhub - ok
10:26:29.0400 0x2788 [ DAB1695B400DE19A9DEA686022FD1544, 0D95745883C5D5828294D67297C4B7F5AA7DCF6D3DE412506EB6C0957F605F75 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
10:26:29.0430 0x2788 USBHUB3 - ok
10:26:29.0473 0x2788 [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
10:26:29.0511 0x2788 usbohci - ok
10:26:29.0537 0x2788 [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
10:26:29.0574 0x2788 usbprint - ok
10:26:29.0600 0x2788 [ 446F2908C891A583BEA930226E37036E, 830A0E9170B1BD58447EB12AAF7FA8B97B15F3D35DE53553CFC4A67620DA4619 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
10:26:29.0639 0x2788 usbser - ok
10:26:29.0702 0x2788 [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
10:26:29.0766 0x2788 USBSTOR - ok
10:26:29.0791 0x2788 [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
10:26:29.0842 0x2788 usbuhci - ok
10:26:29.0917 0x2788 [ 68788AE61B2E6A7D97CAD73B632F5BF5, 23F69D7398B1948492C88C610EAA76A72BA4CD93C795E575DDB1886321B30244 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
10:26:29.0985 0x2788 usbvideo - ok
10:26:30.0080 0x2788 [ F12FD012F562BF51B9720936918F926E, 5C0F781EAFFF2B2B3D5E693489C7E1B39AD293B49969E0AB0E5337FCABC4F96C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
10:26:30.0109 0x2788 USBXHCI - ok
10:26:30.0426 0x2788 [ DBB8DA23D912E799683A34BFBAE3EF70, FE7EAB44503C72EC3CD722617D04C0BF01EDFD2F5834C3D501538800E43C6B74 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
10:26:30.0514 0x2788 UserDataSvc - ok
10:26:30.0648 0x2788 [ 29D52BDF7605DBD39C2D6D089E72C6F4, 500CBB6AD5B097525CD5DD70F127ED66BDE8E5608DAAC5067FA0F04DC1F00D06 ] UserManager C:\WINDOWS\System32\usermgr.dll
10:26:30.0703 0x2788 UserManager - ok
10:26:30.0905 0x2788 [ 6B4D6107EF3B2DDAB334896AE80C1CD6, 9DDA0DA34F29A63C5D040DE985769283D2B71031DF9A7FBFDFE9C14ED2AF0BF6 ] UsoSvc C:\WINDOWS\system32\usocore.dll
10:26:30.0994 0x2788 UsoSvc - ok
10:26:31.0017 0x2788 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] VaultSvc C:\WINDOWS\system32\lsass.exe
10:26:31.0032 0x2788 VaultSvc - ok
10:26:31.0053 0x2788 [ BF13071600C1A0B090BEEC159A75B133, 78B239E5189B090D11A6C2CE19D8428CCCB03740CA22D00561E1BC9B5D609046 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
10:26:31.0070 0x2788 vdrvroot - ok
10:26:31.0175 0x2788 [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds C:\WINDOWS\System32\vds.exe
10:26:31.0228 0x2788 vds - ok
10:26:31.0280 0x2788 [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
10:26:31.0299 0x2788 VerifierExt - ok
10:26:31.0428 0x2788 [ 274D49BBF0F3C7F193BFC13434F2F08C, B8F56DDBE61D1A6EC0967C5543A1772BEA6E7E9D4923F6DE5A09CD43AC7CDBE3 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
10:26:31.0460 0x2788 vhdmp - ok
10:26:31.0508 0x2788 [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf C:\WINDOWS\System32\drivers\vhf.sys
10:26:31.0542 0x2788 vhf - ok
10:26:31.0577 0x2788 [ 3093314480D83FB733A6069AB12D3DA1, 9056C57A56D151E3AF456FDD843F9BD7727E12B59EB09C423196F23609EA7F42 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
10:26:31.0593 0x2788 vmbus - ok
10:26:31.0637 0x2788 [ 12723C0F54432B4A98702110B344B030, DFAA6FC88F6EC7A540B5AAE930A591DD59E844630A6B03DEEA31126EAAEA256E ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
10:26:31.0678 0x2788 VMBusHID - ok
10:26:31.0714 0x2788 [ BCD144BFA4E13E0F74D852ADF283626E, 7423E69CECC2791DF814ECA6464C522BB914F7F6B0178C1A9881CBF56A1F8E1C ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
10:26:31.0747 0x2788 vmgid - ok
10:26:31.0794 0x2788 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
10:26:31.0825 0x2788 vmicguestinterface - ok
10:26:31.0839 0x2788 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
10:26:31.0869 0x2788 vmicheartbeat - ok
10:26:31.0885 0x2788 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
10:26:31.0914 0x2788 vmickvpexchange - ok
10:26:31.0965 0x2788 [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
10:26:31.0996 0x2788 vmicrdv - ok
10:26:32.0025 0x2788 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
10:26:32.0052 0x2788 vmicshutdown - ok
10:26:32.0069 0x2788 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmictimesync C:\WINDOWS\System32\icsvc.dll
10:26:32.0095 0x2788 vmictimesync - ok
10:26:32.0116 0x2788 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
10:26:32.0144 0x2788 vmicvmsession - ok
10:26:32.0187 0x2788 [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicvss C:\WINDOWS\System32\icsvcext.dll
10:26:32.0213 0x2788 vmicvss - ok
10:26:32.0261 0x2788 [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm C:\WINDOWS\System32\drivers\vnvdimm.sys
10:26:32.0293 0x2788 vnvdimm - ok
10:26:32.0344 0x2788 [ 4F91CD6C36DF2FDB91390082A116E602, 47AD91A097B1A6769A3EBB53EF1DE861420BC3E208F148CDAA04E3B4276F0C92 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
10:26:32.0359 0x2788 volmgr - ok
10:26:32.0407 0x2788 [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
10:26:32.0433 0x2788 volmgrx - ok
10:26:32.0549 0x2788 [ 5B27846CF4B1C21AFB3A35A8336BA02F, 0481F605776B638CCE855525DF605288AB4ECA87FCB4B6E668B60E3DFD120EF2 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
10:26:32.0573 0x2788 volsnap - ok
10:26:32.0597 0x2788 [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume C:\WINDOWS\system32\drivers\volume.sys
10:26:32.0613 0x2788 volume - ok
10:26:32.0666 0x2788 [ 9198C53EE69D942217E2ACC29A01D605, 4F4742EC69DEF6485FECD60F0EB3C7DBBCB78E706C85319CAC8FFC40D3C27780 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
10:26:32.0681 0x2788 vpci - ok
10:26:32.0990 0x2788 [ 98889F5964B1C4A2BF7364763003BA95, 3F47E57B93D16C381692D24E218CC68C378856736BC73AD33290CB6C32B32238 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
10:26:33.0016 0x2788 vpnagent - ok
10:26:33.0047 0x2788 [ 1BD8D125A46369CE6C5BDC678074D18A, 8F2472508C3A658FA6BD870D9B4076283C8C02CE9B9C293194ED9592BE4CF6D9 ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys
10:26:33.0099 0x2788 vpnva - ok
10:26:33.0145 0x2788 [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
10:26:33.0164 0x2788 vsmraid - ok
10:26:33.0516 0x2788 [ 53B56525785DDBBF34956948A08F6491, 799759ACDF514F195A6C9DACBA966866E9012AA862B45D2E27D345D5901B7924 ] VSS C:\WINDOWS\system32\vssvc.exe
10:26:33.0602 0x2788 VSS - ok
10:26:33.0719 0x2788 [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
10:26:33.0740 0x2788 VSTXRAID - ok
10:26:33.0785 0x2788 [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
10:26:33.0817 0x2788 vwifibus - ok
10:26:33.0845 0x2788 [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
10:26:33.0879 0x2788 vwififlt - ok
10:26:33.0903 0x2788 [ 0D34F98DBDF09D239533AC345C360F03, 503F6826443560C65FC281E41E91C5EBBEFFC937C975FA4CBBF5F5FC34EC3E4B ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
10:26:33.0922 0x2788 vwifimp - ok
10:26:34.0046 0x2788 [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time C:\WINDOWS\system32\w32time.dll
10:26:34.0115 0x2788 W32Time - ok
10:26:34.0137 0x2788 [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
10:26:34.0157 0x2788 WacomPen - ok
10:26:34.0227 0x2788 [ 451D40C28E7D1CF51A980B83FDEFF498, E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService C:\WINDOWS\system32\WalletService.dll
10:26:34.0294 0x2788 WalletService - ok
10:26:34.0332 0x2788 [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:26:34.0376 0x2788 wanarp - ok
10:26:34.0384 0x2788 [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:26:34.0405 0x2788 wanarpv6 - ok
10:26:34.0444 0x2788 [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
10:26:34.0475 0x2788 WarpJITSvc - ok
10:26:34.0621 0x2788 [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine C:\WINDOWS\system32\wbengine.exe
10:26:34.0710 0x2788 wbengine - ok
10:26:34.0938 0x2788 [ A0B4836C489C2535795C4E71E378AD07, 39A511EE1FFFD956496768A1D1453E503C911DE512EBCAECFCDFC0B8E3A8544D ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
10:26:34.0993 0x2788 WbioSrvc - ok
10:26:35.0052 0x2788 [ 0610F02EC87DBF6BA319CB1D6B8771AE, CCD9E8A028F091907BC30619ACA126F9FBA448A69124E53EF905978E3B5734F8 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
10:26:35.0069 0x2788 wcifs - ok
10:26:35.0272 0x2788 [ A616F82723F181A850C9E22E5D1AF2EB, 5A439FCADBB277EF497F6B590192C6AAB361D1D013D4C461D3A5620FCD263174 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
10:26:35.0328 0x2788 Wcmsvc - ok
10:26:35.0400 0x2788 [ 505E50A4819CF28DCE8176DB15952D49, 6003C93FB0997A9FFD5CBE9BD18C86B08594AD56D70AD93F72FB67C5F6D7666A ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
10:26:35.0440 0x2788 wcncsvc - ok
10:26:35.0506 0x2788 [ 87F462C7D37F380187BE12F079F73216, 4025B95FAF4751633E9DD9BA9312274E99778EEBADC8EA37D5E179A41C1EE344 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
10:26:35.0550 0x2788 wcnfs - ok
10:26:35.0612 0x2788 [ 45545A0E3ECDC23C4E2C104674885F51, DC6042F4A10AA564461623440A6F5A63931D28643131047CF23E4CE1A9461893 ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
10:26:35.0636 0x2788 WdBoot - ok
10:26:35.0783 0x2788 [ FCC960498E3CD899F0A429F7CF9E77AD, 91FB3B6AF1522754E6ECF5D0CD146B1D06F657D06E6D9D917F55A3789A92D8EB ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
10:26:35.0840 0x2788 Wdf01000 - ok
10:26:35.0915 0x2788 [ 9A3299DA5B85B13C38C3DAB8F80B608D, E39361AEB53A5E6C5C21A3E708088870B7080EA0CC822E8518DCB579A729FDAA ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
10:26:35.0967 0x2788 WdFilter - ok
10:26:36.0018 0x2788 [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
10:26:36.0061 0x2788 WdiServiceHost - ok
10:26:36.0066 0x2788 [ AB406F30BE98CDB7AA7171336EF031BA, 912137DE2DF4BE3B9D777E6F19B99FC233D0CE2CCE97B98AF885CC728AC78721 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
10:26:36.0090 0x2788 WdiSystemHost - ok
10:26:36.0233 0x2788 [ 394CCCA2A8C04BA14327636F20AB9DAD, E14C82C255517CCA4DECEF1A1DA3B1115D5E7AA98838D2B9848E150ADCDCEC34 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
10:26:36.0289 0x2788 wdiwifi - ok
10:26:36.0306 0x2788 [ BB1DD5254A7BBFE88F85B7EDCA3BE92A, 7B5721AAF9B8D96A2E73C50F873ACD95C0ED8F6915A16D258BDE199CC6FC9851 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
10:26:36.0321 0x2788 WdNisDrv - ok
10:26:37.0076 0x2788 [ 3769FB7454F9BFD2860D6E1CA0D3DD24, 2E0E9650F1BE1F20D106EC38ACA36B35658F161E1901E412E5AE535F72F5B5DB ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe
10:26:37.0190 0x2788 WdNisSvc - ok
10:26:37.0230 0x2788 [ DF58AA71FBA55E15F572C93447696DEC, F20C93140A44C1E61B5544FC8B3A1145E9ED57B2F09881719F4B2853B4900891 ] wdnsfltr C:\WINDOWS\system32\drivers\wdnsfltr.sys
10:26:37.0280 0x2788 wdnsfltr - ok
10:26:37.0334 0x2788 [ 36947722152A5C5CE9CAA33AD84ACCB5, 8B6E7D7BC091DDCA6AF90ED100AAEDACCE9110179BAD5E444D6788E52C68F461 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:26:37.0359 0x2788 WebClient - ok
10:26:37.0406 0x2788 [ 7997BC2386A9976C0645A28FA8A6E7EA, ABE47A6132B7651EA2055F97E7BD9D596906086BCD726147449D4378C7E4F9B9 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
10:26:37.0434 0x2788 Wecsvc - ok
10:26:37.0455 0x2788 [ CEA146E0D096A491B265CD2340C2E31D, 285BA0D58E6E93FEB0D8F33738C6A223D7269378B3E77A7760D7131E43DEBE7C ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
10:26:37.0495 0x2788 WEPHOSTSVC - ok
10:26:37.0517 0x2788 [ 40610BA98D5830FB14C3695B3BCA647A, 6E047D04DDD9DCB142572CEAB5E73585062205BABE510C5B0D63800B2A9D251A ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
10:26:37.0543 0x2788 wercplsupport - ok
10:26:37.0585 0x2788 [ AA2B3154D12ABE34640C866AC3472E33, 32EBA0B999FDA77E6828274FE49A7619B97471BF828B18BF55BDAE19FB10DC6A ] WerSvc C:\WINDOWS\System32\WerSvc.dll
10:26:37.0625 0x2788 WerSvc - ok
10:26:37.0762 0x2788 [ 86B816E9D24625287BDE9784953A5E86, BCA73B320100D7C1052751D7FA42990579B6BA5908E31B2212BFE75681B32D3F ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
10:26:37.0837 0x2788 WFDSConMgrSvc - ok
10:26:37.0907 0x2788 [ C82198D3B33854D9578F9B09025E4293, E4CEEC078B2EE56186D75AE762D6511F3AF88C41C52039710D06CB2945C1B397 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
10:26:37.0924 0x2788 WFPLWFS - ok
10:26:37.0969 0x2788 [ F78A2731EC972312C4C998174A9BB325, 72CCA57EB6383F65683C276337F53AB38BC398CEA69E53D6E2867D5EE8B4B007 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
10:26:37.0990 0x2788 WiaRpc - ok
10:26:38.0024 0x2788 [ C8D3FC38426E990E2787771678B19C6D, FB6CA9A5BF3935793CD8B2F288FAC0C675B333D4F7393FA02244E3BCC2E25625 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
10:26:38.0040 0x2788 WIMMount - ok
10:26:38.0086 0x2788 [ B9AD53D60DA72C194F0AA2C89136FA35, DE0DC4F2E623A2F3AB5F57010765954A77E52D995AF74F6D8A52841C941C041B ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe
10:26:38.0101 0x2788 WinDefend - ok
10:26:38.0152 0x2788 [ 4499AB24236526E5CFCE817CD02EC034, 5D8666B2EEBAD0CDD70E43F83540C738333CFC5124C74432E7AB677504A48688 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
10:26:38.0180 0x2788 WindowsTrustedRT - ok
10:26:38.0206 0x2788 [ 813EE0F4D4B8D599DB1968682D080732, A3EF1BBB866F5A7C1B5303BBF6E805B35739602CA7F244C076A8BF90F1CB2952 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
10:26:38.0222 0x2788 WindowsTrustedRTProxy - ok
10:26:38.0319 0x2788 [ A6779AAAFCCF789782A78622B1076DD2, DF8EE65AA04DB4CC500945B7C26BA8C2F063B4E3B46F8F5FA207C72D0C0EB505 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
10:26:38.0359 0x2788 WinHttpAutoProxySvc - ok
10:26:38.0401 0x2788 [ E23475E9150E6A50B12DB176EA5CDD56, 25699796948D4679D0C1633C726C3CDF052F877AAA18CD7D069F95A88701CB73 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
10:26:38.0422 0x2788 WinMad - ok
10:26:38.0489 0x2788 [ 0FBD5D358094E254A1508832D4042FF7, 4EC4DB3B03BE1518BB38D4F3BF79A77D1BCA5A2DE9BA5F9C9312606E4E2A14E9 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:26:38.0518 0x2788 Winmgmt - ok
10:26:38.0571 0x2788 [ 90DBE4DB3A8266C6E078EF6682E26B91, 432AAEDE3628EAD3F844D3CBBA0AAA6AFDD04CAB04EA7871689D7FD394F25EC1 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
10:26:38.0637 0x2788 WinNat - ok
10:26:39.0031 0x2788 [ C2A88E382CD48E4772A5570D66BF1A90, F1BFB1873FB1E37DAADE923FC30265C72018CF2003B0A5E0E5896167D1680D01 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
10:26:39.0207 0x2788 WinRM - ok
10:26:39.0257 0x2788 [ E92F3539C4758F6A9F4B80CBAC75B3E6, 9CF9069B9A738E86181FB02904720B2A88353574F35BDC298A2EB697D22B7723 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
10:26:39.0289 0x2788 WINUSB - ok
10:26:39.0326 0x2788 [ 59126AFCC64270747B5CC9B44A4A48F4, C0C1E6B248E725FE02B58151838AAC8841FB70B673A2B6EFB49EEA96E7F1C1DA ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
10:26:39.0343 0x2788 WinVerbs - ok
10:26:39.0443 0x2788 [ 0A3ADAA0EFAFA26CA8570E24A13CE484, 2B7FA1ADD904962F296111F555F4BB45A3BA77B6961DABC502B6DDC4E9324CEB ] wisvc C:\WINDOWS\system32\flightsettings.dll
10:26:39.0560 0x2788 wisvc - ok
10:26:39.0704 0x2788 [ AA11D9AEF05DE5BF7371005E6C03798C, 32003C63D3EB60D9B3F2F249873047C6C510E9195FAFE145B1CDB5C9F0358026 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
10:26:39.0840 0x2788 WlanSvc - ok
10:26:40.0135 0x2788 [ 717FE96AE0988B1F443EED06E6A703D4, 970B840576ACE0B34F5AF0B6E01F200A2DA51C250823676E1685B75610CB0508 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
10:26:40.0251 0x2788 wlidsvc - ok
10:26:40.0426 0x2788 [ 56E1A46DD1C5D28B10F02E21D077EBF6, CC9AADBBBA03E162948EE39CCAAFD0A43253C86F5B875765748B73A084DC4B25 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
10:26:40.0516 0x2788 wlpasvc - ok
10:26:40.0534 0x2788 [ E8C793ED028E132771988760819E3754, 7BC02774EEDF4B884181854BEADF2DCAC615BA3ED7F1551C0863B79E009E3043 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
10:26:40.0553 0x2788 WmiAcpi - ok
10:26:40.0608 0x2788 [ 4D69FE18CD4BE7DCE3BDE57B86426EA3, C1580315758FEC14D209F7C232E6D70BCCD375D68CB5967DA055ACC5A52A20F0 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:26:40.0657 0x2788 wmiApSrv - ok
10:26:40.0699 0x2788 WMPNetworkSvc - ok
10:26:40.0760 0x2788 [ 8D6E6F6C233AF450C50FA615530B44D2, 1BF6CD93B97920500F5FD0E9D8395ACCAAA2D126FD9C256148797B292D5F9A6C ] Wof C:\WINDOWS\system32\drivers\Wof.sys
10:26:40.0779 0x2788 Wof - ok
10:26:41.0016 0x2788 [ 1431D184691F7FA9AAC2064EB0EC6C96, 6185E5AB281327563DC4E87526B37792A9B4B86C65D5BADDBB1DBA6A50FC9134 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
10:26:41.0135 0x2788 workfolderssvc - ok
10:26:41.0187 0x2788 [ AE9793230B219113DE1163138645E5AE, 9CBC10269D847E4EFCF8B412D34B9551594396390BF5BFDEED03DBFB84D7174F ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
10:26:41.0223 0x2788 WPDBusEnum - ok
10:26:41.0259 0x2788 [ 9EAE1EF282864674355B4B81DF6AE935, 781CED5AE95D365BB59769517FA9462EFC6472ED4EB08C98EC66CE3E17C66D69 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
10:26:41.0275 0x2788 WpdUpFltr - ok
10:26:41.0464 0x2788 [ C75B59E441206A572CC64BBB60EE54B3, C43A3109EAB89B6A23E033C127F1B5586651A1A3A1C4D45ECFBF0ABE472FEBA1 ] WpnService C:\WINDOWS\system32\WpnService.dll
10:26:41.0494 0x2788 WpnService - ok
10:26:41.0525 0x2788 [ 07F4AF1730D55567EACE7ADDEA28FE48, 256671C52C350E42662DC590AE36BAFD06E9507551C39575BCD894D8FD040129 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
10:26:41.0550 0x2788 WpnUserService - ok
10:26:41.0689 0x2788 [ 367B3ED0C688AFE28C376B0230814567, 1E7419254852A70AEAA30DF0F85C4E489591E5A0E90256C40676F712D45960CA ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:26:41.0719 0x2788 ws2ifsl - ok
10:26:41.0794 0x2788 [ 95E6DA58562C14947935B1C5D393A7F0, B9F0F8B2F50B48125B89BF61B3229317E918619B6A9D47FF0B368A87EE0CE734 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
10:26:41.0822 0x2788 wscsvc - ok
10:26:41.0858 0x2788 [ 7B44553610A89F2011CF69BEA9AFD4CB, A7DE907114570F8CC248F4996045D33C0FB0159B8E6F0A4127F1C205183DDF35 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
10:26:41.0886 0x2788 WSDPrintDevice - ok
10:26:41.0914 0x2788 [ 8068DC839C3729FFC70821FBEF05D5ED, FAD4FDC8DD9CD119B93C8B8889796E9766952C032D70ACD8FA97D29A4BDFE29F ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys
10:26:41.0931 0x2788 WSDScan - ok
10:26:41.0936 0x2788 WSearch - ok
10:26:42.0302 0x2788 [ 7A9DB470C8810BF01344160EBA405632, 6BC37F537C28DC7F5B283741309C4EC0EE16B16B262D6A686EA6348ED7174C08 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
10:26:42.0467 0x2788 wuauserv - ok
10:26:42.0511 0x2788 [ BD5E68B369DF3453A0A87663C6C5476D, 17B766ADB299D247EF9D4554F86015B38A89AE5C0310A36E1FCB0AC28462CE96 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
10:26:42.0557 0x2788 WudfPf - ok
10:26:42.0601 0x2788 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
10:26:42.0639 0x2788 WUDFRd - ok
10:26:42.0660 0x2788 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:26:42.0690 0x2788 WUDFWpdFs - ok
10:26:42.0703 0x2788 [ A86A249314FD0A780214028B0C31A386, 71D0A346DA228EFD44F2D63765A01B59B305EC753C172730096F143F3A4D62F0 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:26:42.0731 0x2788 WUDFWpdMtp - ok
10:26:42.0939 0x2788 [ 02DCDAE63AB343418D7420D481FE839C, DBFD3C9EF34645EB3A11107760C8298590368A2E815695B857CCF653910265A7 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
10:26:43.0044 0x2788 WwanSvc - ok
10:26:43.0094 0x2788 [ 42C738ED1552FE168F6EE1BAE8ACFCAC, 01E9CD1FA7935DD442A2EBFC93E4BDDF204F995379FCAFFEADAF0BF6638AB925 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
10:26:43.0111 0x2788 xbgm - ok
10:26:43.0357 0x2788 [ A03C4D4D71304087820A0EF18FCF7582, F92737321A5082A72F20491810A09D249F0676F0F12478A2C81ADF9B2F79BAB0 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
10:26:43.0441 0x2788 XblAuthManager - ok
10:26:43.0561 0x2788 [ 77ADC2F5DBE303EF8B8D2D08AEE3F3DB, 65128FB8561EF1BE4E3CAA3B0D873FEA3A218E3CF90527068C43F6E549ECB188 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
10:26:43.0654 0x2788 XblGameSave - ok
10:26:43.0707 0x2788 [ 2244A4CEFE8F9C74091369ACE2E9EBC6, 48F59F36EBA0434BED00B53321107C0BDFF20131683D5E6BC7A9F5DA0B8B6929 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
10:26:43.0759 0x2788 xboxgip - ok
10:26:43.0806 0x2788 [ 1A9550D746B8604D37A90436EF686777, 3DBF305C228D28A3C4FC48F65CC38BDBFEE6B7995CEE8319E680E073978CA58B ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
10:26:43.0831 0x2788 XboxGipSvc - ok
10:26:43.0996 0x2788 [ 4951DD543AA2710760D90A58261ED665, 37D08FA58147A6606E69DB39405898D82BC40420F8FFB0BD097694A53E60AD1D ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
10:26:44.0053 0x2788 XboxNetApiSvc - ok
10:26:44.0071 0x2788 [ 4A91B49C6B1E41151D47CB919ADF013A, 4DA1E3F50B2D63AFD2F7A014E3C0420C1E7DEDE96A48EEC33C53023D88F9AAFF ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
10:26:44.0102 0x2788 xinputhid - ok
10:26:44.0106 0x2788 ================ Scan global ===============================
10:26:44.0221 0x2788 [ EB45383BE9D7ECB36D55B262E0D8EB46, DC975066C426B5FBBFA3A4254D1D97DBF889B6BFD062D9FF1892F66C0CFF2DE3 ] C:\WINDOWS\system32\basesrv.dll
10:26:44.0344 0x2788 [ B7147831151D5519E5A80CC71CA1F73D, 2862ACE7D2672399B4E0CD0D0275301BD63BFE16E4680A09F5DFDFCFBB7187BF ] C:\WINDOWS\system32\winsrv.dll
10:26:44.0379 0x2788 [ 9451BA31B1DC19CED2608D82863C6486, 888F8676086DD8338445C35A64106E01122881FD08858D3996470EBF0DF30648 ] C:\WINDOWS\system32\sxssrv.dll
10:26:44.0519 0x2788 [ AB75687641C9ADBE22336EC3C496909C, 5ACB7665BFF5024E3B244EC733F612FA257B886BC84ADD6F61246B5F6BC37B9E ] C:\WINDOWS\system32\services.exe
10:26:44.0534 0x2788 [ Global ] - ok
10:26:44.0535 0x2788 ================ Scan MBR ==================================
10:26:44.0557 0x2788 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
10:26:44.0962 0x2788 \Device\Harddisk0\DR0 - ok
10:26:44.0962 0x2788 ================ Scan VBR ==================================
10:26:45.0007 0x2788 [ 3FEDD27AFBC135E4330FC4A26CBA2162 ] \Device\Harddisk0\DR0\Partition1
10:26:45.0010 0x2788 \Device\Harddisk0\DR0\Partition1 - ok
10:26:45.0042 0x2788 [ 10C461E9C70BAF16CE41B877533B7C34 ] \Device\Harddisk0\DR0\Partition2
10:26:45.0059 0x2788 \Device\Harddisk0\DR0\Partition2 - ok
10:26:45.0087 0x2788 [ 2C5697C4EC8ADCB197D6B80654B68FCC ] \Device\Harddisk0\DR0\Partition3
10:26:45.0099 0x2788 \Device\Harddisk0\DR0\Partition3 - ok
10:26:45.0122 0x2788 [ 14DAFB6A0FACFE27E2E0FE51547DB580 ] \Device\Harddisk0\DR0\Partition4
10:26:45.0127 0x2788 \Device\Harddisk0\DR0\Partition4 - ok
10:26:45.0155 0x2788 [ DAF373418BDD6488DA379ECF04EEC644 ] \Device\Harddisk0\DR0\Partition5
10:26:45.0187 0x2788 \Device\Harddisk0\DR0\Partition5 - ok
10:26:45.0223 0x2788 [ 95F6AADE837223EEDC9C6AC2C4C577EC ] \Device\Harddisk0\DR0\Partition6
10:26:45.0256 0x2788 \Device\Harddisk0\DR0\Partition6 - ok
10:26:45.0256 0x2788 ================ Scan generic autorun ======================
10:26:45.0317 0x2788 SecurityHealth - ok
10:26:45.0318 0x2788 ETDCtrl - ok
10:26:46.0637 0x2788 [ 0011163AC036C71E03883DD10C626F81, CD1F55C6BC20817F69E76A2B2AB4BA30D175821A3A4EA5A34E285182584518B7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:26:46.0991 0x2788 RTHDVCPL - ok
10:26:47.0032 0x2788 [ B99D68C404A4E69FBB95E3A282091CFA, 5EAB9CF42DCB58C5067C857E79F068611AE7C4A52F06B8C5C2DD0821B6B7D318 ] C:\Windows\system32\igfxtray.exe
10:26:47.0057 0x2788 IgfxTray - ok
10:26:47.0092 0x2788 [ A0B996A6D4F7502EC6A9AADFB87FDA25, 2A79F03DECCC5C11E5B14109F5FBD790A4E005A45C71766E3C85BF14699F034C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
10:26:47.0121 0x2788 Acronis Scheduler2 Service - ok
10:26:47.0485 0x2788 [ B8434467D90B65E5A2D697C7FF511802, A0F5D234A1CA1384160FB63AF40B169B4649DF7D77534DE1B16E1063EC922A87 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
10:26:47.0771 0x2788 TrueImageMonitor.exe - ok
10:26:47.0917 0x2788 [ 5FF9A79628D4A0BA3DCD6CF5EC8FD3BF, 9818AAF8F1F1C0CBD8B89352DBAF1ADBEA1F19928543517EB6473C112E95A38D ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
10:26:47.0967 0x2788 AcronisTibMounterMonitor - ok
10:26:48.0293 0x2788 [ 3E419F9FC08728E739DC7F9DDDD13CC3, FB6C5E9D021C29A8F1E0CB69F075784E13C0408E26F51967D760B2C0D9CB210E ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
10:26:48.0327 0x2788 Cisco AnyConnect Secure Mobility Agent for Windows - ok
10:26:52.0496 0x2788 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:26:53.0404 0x2788 OneDriveSetup - ok
10:26:56.0506 0x2788 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:26:57.0015 0x2788 OneDriveSetup - ok
10:26:57.0755 0x2788 [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
10:26:57.0804 0x2788 OneDrive - ok
10:26:57.0807 0x2788 Waiting for KSN requests completion. In queue: 1
10:26:58.0833 0x2788 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
10:26:58.0840 0x2788 Win FW state via NFP2: enabled ( trusted )
10:26:58.0989 0x2788 ============================================================
10:26:58.0989 0x2788 Scan finished
10:26:58.0989 0x2788 ============================================================
10:26:59.0000 0x1774 Detected object count: 0
10:26:59.0000 0x1774 Actual detected object count: 0
Ende von TDSSKiller

cosinus 25.05.2018 15:05
Du sollst für Logfiles CODE-Tags und keine QUOTE-Tags verwenden...QUOTE nimmt man für Zitate; issen das so undeutlich beschrieben im Lesestoff?

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Skummy 26.05.2018 16:18
Oh. Code mit Quote verwechselt.

Hier der Suchlauf ohne Befund:
Code:
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2018.05.25.04
  rootkit: v2018.05.25.04

Windows 10 x64 NTFS
Internet Explorer 11.431.16299.0
Barbara :: HOME [administrator]

25.05.2018 16:48:48
mbar-log-2018-05-25 (16-48-48).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 216152
Time elapsed: 21 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
LG

cosinus 26.05.2018 16:51
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!



adwCleaner v7.1

Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Einstellungen, scrolle nach unten und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Tracing Schlüssel löschen
    • Prefetch-Dateien löschen
    • Proxy wiederherstellen
    • IE-Policies wiederherstellen
    • Chrome-Policies wiederherstellen
    • Winsock wiederherstellen
  • Klicke nun auf Dashboard, dann auf Jetzt scannen und warte bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Bereinigen & Reparieren und bestätige mit Jetzt bereinigen.
  • WICHTIG:
    Sollte AdwCleaner nichts finden, klicke auf Grundlegende Reparatur ausführen und anschließend auf Jetzt bereinigen.
  • Nach dem Neustart öffnet sich AdwCleaner automatisch. Klicke auf Log-Datei ansehen.
  • Poste mir deren Inhalt der Log-Datei mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt. (xx = fortlaufende Nummer).


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:37 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131