Benutzerkonto erstellt sich immer wieder neu

deskaisers · 21.04.2016, 13:22

Hallo,

ich habe folgendes Problem. Ich habe auch schon unter "Alles rund um Windows" gepostet und da hieß es ich sollte es hier einstellen

Auf meinem Rechner erstellt sich immer wieder ein Benutzerkonto neu obwohl ich es gelöscht habe. Ansonsten merke ich allerdings keine Einschränkungen. Das Konto nennt sich "hielnfksedz"

Ich habe ein Windows 10 System auf einem Acer Notebook. Virenscanner ist von Eset.

Ich habe auch schon im Internet ein wenig recherchiert aber nicht so viel hilfreiche Informationen bzw. Unterstützung erhalten. Unterm Strich gab es immer "setze den Rechner neu auf". Das wäre sicher auch machbar, aber das würde ich gerne vermeiden. Irgendwie habe ich den Eindruck, dass es kein Schadprogramm ist.

Ich bedanke mich schon mal im Voraus.

M-K-D-B · 21.04.2016, 13:53

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Ich glaube auch nicht, dass es Malware ist, aber wenn du schon mal hier bist, können wir ja sicherheitshalber nachschauen.

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

deskaisers · 21.04.2016, 22:04

FRST Teil 1

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von Julius (Administrator) auf DEKANS09 (21-04-2016 22:34:49)
Gestartet von C:\Users\mail_000.DEKANPC09\Desktop
Geladene Profile: Julius & mail_000 (Verfügbare Profile: Julius & mail_000)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(F.J. Wechselberger) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
() C:\Users\mail_000.DEKANPC09\AppData\Roaming\OTi\AndroidShadow1422\ExImg\ImageRoot\ADLauncher.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Dropbox, Inc.) C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Dropbox, Inc.) C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-15] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-05-27] (Dritek System Inc.)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221216 2015-11-18] (Geek Software GmbH)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1958248 2015-11-20] (TomTom)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2732760 2016-01-19] (Acer)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Run: [MyPhoneExplorer] => "C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe" autorun
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Run: [AndroidShadowCable] => C:\Users\mail_000.DEKANPC09\AppData\Roaming\OTi\AndroidShadow1422\ExImg\ImageRoot\ADLauncher.exe [447496 2014-03-24] ()
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Run: [Dropbox Update] => C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64\FileSyncShell64.dll [2016-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64\FileSyncShell64.dll [2016-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64\FileSyncShell64.dll [2016-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [""teamdrive_1_Sync] -> {E94EFFA4-DBD6-40EF-92FC-460FDEB3684A} => C:\Program Files (x86)\TeamDrive\TeamDriveShellExt64.dll [2015-06-03] (TeamDrive Systems GmbH)
ShellIconOverlayIdentifiers: [""teamdrive_2_Warning] -> {E94EFFA5-DBD6-40EF-92FC-460FDEB3684A} => C:\Program Files (x86)\TeamDrive\TeamDriveShellExt64.dll [2015-06-03] (TeamDrive Systems GmbH)
ShellIconOverlayIdentifiers: [""teamdrive_3_Folder] -> {E94EFFA6-DBD6-40EF-92FC-460FDEB3684A} => C:\Program Files (x86)\TeamDrive\TeamDriveShellExt64.dll [2015-06-03] (TeamDrive Systems GmbH)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileSyncShell.dll [2016-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileSyncShell.dll [2016-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileSyncShell.dll [2016-04-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [""teamdrive_1_Sync] -> {E94EFFA4-DBD6-40EF-92FC-460FDEB3684A} => C:\Program Files (x86)\TeamDrive\TeamDriveShellExt32.dll [2015-06-03] (TeamDrive Systems GmbH)
ShellIconOverlayIdentifiers-x32: [""teamdrive_2_Warning] -> {E94EFFA5-DBD6-40EF-92FC-460FDEB3684A} => C:\Program Files (x86)\TeamDrive\TeamDriveShellExt32.dll [2015-06-03] (TeamDrive Systems GmbH)
ShellIconOverlayIdentifiers-x32: [""teamdrive_3_Folder] -> {E94EFFA6-DBD6-40EF-92FC-460FDEB3684A} => C:\Program Files (x86)\TeamDrive\TeamDriveShellExt32.dll [2015-06-03] (TeamDrive Systems GmbH)
Startup: C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TeamDrive starten.lnk [2015-06-29]
ShortcutTarget: TeamDrive starten.lnk -> C:\Program Files (x86)\TeamDrive\TeamDrive.exe (TeamDrive Systems GmbH)
Startup: C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-03-18]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Julius\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6e41cbc0-d302-4849-94c8-ee2363c0ea10}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f0420c1c-ff72-455c-a74b-024c891a464e}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001 -> DefaultScope {E3EEB0CE-07D9-4F0A-B50E-8D680B78A733} URL = 
SearchScopes: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001 -> {E3EEB0CE-07D9-4F0A-B50E-8D680B78A733} URL = 
SearchScopes: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012 -> DefaultScope {E3EEB0CE-07D9-4F0A-B50E-8D680B78A733} URL = 
SearchScopes: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012 -> {E3EEB0CE-07D9-4F0A-B50E-8D680B78A733} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-20] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE64.ols [2014-04-11] (OpenLimit SignCubes AG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-03] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE32.ols [2014-04-11] (OpenLimit SignCubes AG)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\vui7oj1e.default
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-01-11] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-03] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R2 cjpcsc; C:\WINDOWS\SysWOW64\cjpcsc.exe [522288 2015-01-21] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2838768 2016-04-03] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-15] (ELAN Microelectronics Corp.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [245760 2014-05-28] (BUFFALO INC.) [Datei ist nicht signiert]
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-05-27] (Dritek System INC.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-01-26] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [35232 2012-08-29] (REINER SCT)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2016-04-20] (ESET)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-05-27] (Dritek System Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73984 2014-06-16] (Identive)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FRST teil 2

Code:

ATTFilter

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-21 22:34 - 2016-04-21 22:35 - 00027784 _____ C:\Users\mail_000.DEKANPC09\Desktop\FRST.txt
2016-04-21 22:33 - 2016-04-21 22:34 - 00000000 ____D C:\FRST
2016-04-21 22:29 - 2016-04-21 22:30 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\mail_000.DEKANPC09\Desktop\tdsskiller.exe
2016-04-21 22:28 - 2016-04-21 22:33 - 02375680 _____ (Farbar) C:\Users\mail_000.DEKANPC09\Desktop\FRST64.exe
2016-04-21 22:22 - 2016-04-21 22:22 - 00000000 ___HD C:\OneDriveTemp
2016-04-20 14:11 - 2016-04-20 14:11 - 00181160 _____ (ESET) C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys
2016-04-18 12:18 - 2016-04-18 12:19 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-15 22:27 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-15 22:27 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-15 22:26 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-15 22:26 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-15 22:26 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-15 22:26 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-15 22:26 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-15 22:26 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-15 22:26 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-15 22:26 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-15 22:26 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-15 22:26 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-15 22:26 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-15 22:26 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-15 22:26 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-15 22:26 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-15 22:26 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-15 22:26 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-15 22:26 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-15 22:26 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-15 22:26 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-15 22:26 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-15 22:26 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-15 22:26 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-15 22:26 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-15 22:26 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-15 22:26 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-15 22:26 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-15 22:26 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-15 22:26 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-15 22:26 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-15 22:26 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-15 22:26 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-15 22:26 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-15 22:26 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-15 22:26 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-15 22:26 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-15 22:26 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-15 22:26 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-15 22:26 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-15 22:26 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-15 22:26 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-15 22:26 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-15 22:26 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-15 22:26 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-15 22:26 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-15 22:26 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-15 22:26 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-15 22:26 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-15 22:26 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-15 22:26 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-15 22:26 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-15 22:26 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-15 22:26 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-15 22:26 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-15 22:26 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-15 22:26 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-15 22:26 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-15 22:26 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-15 22:26 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-15 22:26 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-15 22:26 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-15 22:26 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-15 22:26 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-15 22:26 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-15 22:26 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-15 22:26 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-15 22:26 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-15 22:26 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-15 22:26 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-15 22:26 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-15 22:26 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-15 22:26 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-15 22:26 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-15 22:26 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-15 22:26 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-15 22:26 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-15 22:26 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-15 22:26 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-15 22:26 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-15 22:26 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-15 22:26 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-15 22:26 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-15 22:26 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-15 22:26 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-15 22:26 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-15 22:26 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-15 22:26 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-15 22:26 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-15 22:26 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-15 22:26 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-15 22:26 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-15 22:26 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-15 22:26 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-15 22:26 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-15 22:26 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-15 22:26 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-15 22:26 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-15 22:26 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-15 22:26 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-15 22:26 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-15 22:26 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-15 22:26 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-15 22:26 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-15 22:26 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-15 22:26 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-15 22:26 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-15 22:26 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-15 22:26 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-15 22:26 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-15 22:26 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-15 22:26 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-15 22:26 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-15 22:26 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-15 22:26 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-15 22:26 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-15 22:26 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-15 22:26 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-15 22:26 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-15 22:26 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-15 22:26 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-15 22:26 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-15 22:26 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-15 22:26 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-15 22:26 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-15 22:26 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-15 22:26 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-15 22:26 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-15 22:26 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-15 22:26 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-15 22:26 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-15 22:26 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-15 22:26 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-15 22:26 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-15 22:26 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-15 22:26 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-15 22:26 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-15 22:26 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-15 22:26 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-15 22:26 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-15 22:26 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-15 22:26 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-15 22:26 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-15 22:26 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-15 22:26 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-15 22:26 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-15 22:26 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-15 22:26 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-15 22:26 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-15 22:26 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-15 22:26 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-15 22:26 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-15 22:26 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-15 22:26 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-15 22:26 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-15 22:26 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-15 22:26 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-15 22:26 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-15 22:26 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-15 22:26 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-15 22:26 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-15 22:26 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-15 22:26 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-15 22:26 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-15 22:26 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-15 22:26 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-15 22:26 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-15 22:26 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-15 22:26 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-15 22:26 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-15 22:26 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-15 22:26 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-15 22:26 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-15 22:26 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-15 22:26 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-15 22:26 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-15 22:26 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-15 22:26 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-15 22:26 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-15 22:26 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-15 22:26 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-15 22:26 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-15 22:26 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-15 22:26 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-15 22:26 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-15 22:26 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-15 22:26 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-15 22:26 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-15 22:26 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-15 22:26 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-15 22:26 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-15 22:26 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-15 22:26 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-15 22:26 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-15 22:26 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-15 22:26 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-15 22:26 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-15 22:26 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-15 22:26 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-15 22:26 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-15 22:26 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-15 22:26 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-15 22:26 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-15 22:26 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-15 22:26 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-15 22:25 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-15 22:25 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-15 22:25 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-15 22:25 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-15 22:25 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-15 22:25 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-15 22:25 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-15 22:25 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-15 22:25 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-15 22:25 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-15 22:25 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-15 22:25 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-15 22:25 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-15 22:25 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-15 22:25 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-15 22:25 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-15 22:25 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-15 22:25 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-15 22:25 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-15 22:25 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-15 22:25 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-15 22:25 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-15 22:25 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-15 22:25 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-15 22:25 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-15 22:25 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-15 22:25 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-15 22:25 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-15 22:25 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-15 22:25 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-15 22:25 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-15 22:25 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-15 22:25 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-15 22:25 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-15 22:25 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-15 22:25 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-15 22:25 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-15 22:25 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-15 22:25 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 22:25 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-15 22:25 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-15 22:25 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-15 22:25 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-15 22:25 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-15 22:25 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-15 22:25 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-15 22:25 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-15 22:25 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-15 22:25 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-15 22:25 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-15 22:25 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-15 22:25 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-15 22:25 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-15 22:25 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-15 22:25 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-15 22:25 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-15 22:25 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-15 22:25 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-15 22:25 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-15 22:25 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-15 22:25 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-15 22:25 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-15 22:25 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-15 22:25 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 22:25 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-15 22:25 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-15 22:25 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-15 22:25 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-15 22:25 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-15 22:25 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-15 22:25 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-15 22:25 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-15 22:25 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-15 22:25 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-15 22:25 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-15 22:25 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-15 22:25 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-15 22:25 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-15 21:29 - 2016-04-15 22:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-15 20:51 - 2016-04-15 20:51 - 00000000 ____D C:\Users\Julius\AppData\Local\ActiveSync
2016-04-15 14:42 - 2016-04-15 14:42 - 00000020 ___SH C:\Users\Julius\ntuser.ini
2016-04-15 14:31 - 2016-04-15 14:31 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Local\ActiveSync
2016-04-15 14:26 - 2016-04-15 14:26 - 00000020 ___SH C:\Users\mail_000.DEKANPC09\ntuser.ini
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-15 14:25 - 2016-04-15 14:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-15 14:21 - 2016-04-15 20:50 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-15 14:17 - 2016-04-15 14:17 - 00000000 ____D C:\Windows.old
2016-04-15 14:14 - 2016-04-15 14:14 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-04-15 14:14 - 2016-04-15 14:14 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-04-15 14:14 - 2016-04-15 14:14 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-15 14:14 - 2016-04-15 14:14 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-15 14:14 - 2016-04-15 14:14 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-04-15 14:14 - 2016-04-15 14:14 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-15 14:14 - 2016-04-15 14:14 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-15 14:14 - 2016-04-15 14:14 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-04-15 14:14 - 2016-04-15 14:14 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-15 14:14 - 2016-04-15 14:14 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-04-15 14:14 - 2016-04-15 14:14 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-04-15 14:14 - 2016-04-15 14:14 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-04-15 14:14 - 2016-04-15 14:14 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-04-15 14:14 - 2016-04-15 14:14 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-04-15 14:13 - 2016-04-15 14:13 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-15 14:13 - 2016-04-15 14:13 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-15 14:13 - 2016-04-15 14:13 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

deskaisers · 21.04.2016, 22:04

FRST Teil 3

Code:

ATTFilter

2016-04-15 14:13 - 2016-04-15 14:13 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-04-15 14:13 - 2016-04-15 14:13 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-15 14:13 - 2016-04-15 14:13 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-04-15 14:13 - 2016-04-15 14:13 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-04-15 14:13 - 2016-04-15 14:13 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-04-15 14:13 - 2016-04-15 14:13 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-04-15 14:13 - 2016-04-15 14:13 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-04-15 14:08 - 2016-04-18 12:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 14:04 - 2016-04-15 14:04 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-15 14:00 - 2016-04-15 14:00 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-15 14:00 - 2016-04-15 14:00 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-15 14:00 - 2016-04-15 14:00 - 00000000 ____D C:\Program Files\MSBuild
2016-04-15 14:00 - 2016-04-15 14:00 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-15 14:00 - 2016-04-15 14:00 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-15 13:59 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-15 13:59 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-15 13:58 - 2016-04-15 13:58 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-15 13:58 - 2016-04-15 13:58 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-15 13:58 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-15 13:58 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-15 13:58 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-15 13:58 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-15 13:51 - 2016-04-15 13:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-15 13:51 - 2016-04-15 13:51 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2016-04-15 13:51 - 2016-04-15 13:51 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-04-15 13:51 - 2016-04-15 13:51 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2016-04-15 13:51 - 2016-04-15 13:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-04-15 13:38 - 2016-04-15 13:54 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-15 13:31 - 2016-04-18 12:51 - 00000000 ____D C:\Users\mail_000.DEKANPC09
2016-04-15 13:31 - 2016-04-15 21:05 - 00000000 ____D C:\Users\Julius
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Vorlagen
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Startmenü
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Netzwerkumgebung
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Lokale Einstellungen
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Eigene Dateien
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Druckumgebung
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Documents\Eigene Videos
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Documents\Eigene Musik
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Documents\Eigene Bilder
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\AppData\Local\Verlauf
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\AppData\Local\Anwendungsdaten
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\mail_000.DEKANPC09\Anwendungsdaten
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Vorlagen
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Startmenü
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Netzwerkumgebung
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Lokale Einstellungen
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Eigene Dateien
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Druckumgebung
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Videos
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Musik
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Bilder
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Verlauf
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Anwendungsdaten
2016-04-15 13:31 - 2016-04-15 13:31 - 00000000 _SHDL C:\Users\Julius\Anwendungsdaten
2016-04-15 13:27 - 2016-04-15 13:40 - 00000000 ____D C:\Program Files\Intel
2016-04-15 13:27 - 2016-04-15 13:27 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-04-15 13:27 - 2016-04-15 13:27 - 00000000 ____D C:\Program Files\Realtek
2016-04-15 13:27 - 2015-10-18 22:09 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-04-15 13:27 - 2015-10-18 22:09 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-04-15 13:26 - 2016-04-15 13:54 - 00000000 ____D C:\Program Files\Elantech
2016-04-15 13:26 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-04-15 13:22 - 2016-04-18 12:05 - 00053284 _____ C:\WINDOWS\system32\wpbbin.exe
2016-04-15 13:22 - 2016-04-15 22:43 - 00480656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 12:47 - 2016-04-15 23:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-11 11:40 - 2016-04-11 11:40 - 05934784 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-04-03 02:23 - 2016-04-03 02:23 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-04-03 01:37 - 2016-04-03 02:21 - 00000000 ____D C:\EEK
2016-04-03 00:43 - 2016-04-03 01:36 - 224733960 _____ C:\Users\mail_000.DEKANPC09\Downloads\EmsisoftEmergencyKit.exe
2016-04-03 00:32 - 2016-04-03 00:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-03 00:31 - 2016-04-03 00:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-03 00:31 - 2016-04-03 00:31 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-03 00:31 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-03 00:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-03 00:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-03 00:30 - 2016-04-03 00:30 - 22851472 _____ (Malwarebytes ) C:\Users\mail_000.DEKANPC09\Downloads\mbam-setup-2.2.1.1043.exe
2016-03-29 13:18 - 2016-03-29 13:18 - 00016148 _____ C:\WINDOWS\system32\DEKANS09_Frau Bley_HistoryPrediction.bin

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-21 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-21 22:32 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-21 22:31 - 2016-03-04 22:18 - 00000000 ____D C:\Users\mail_000.DEKANPC09\Desktop\Alte Firefox-Daten
2016-04-21 22:22 - 2014-07-13 17:04 - 00000000 ___RD C:\Users\mail_000.DEKANPC09\Dropbox
2016-04-21 22:22 - 2013-12-22 20:06 - 00000000 __RDO C:\Users\mail_000.DEKANPC09\SkyDrive
2016-04-21 22:12 - 2015-06-17 12:02 - 00001276 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012UA.job
2016-04-21 02:08 - 2015-05-09 18:18 - 00000000 ____D C:\Program Files (x86)\StarMoney 10
2016-04-20 14:12 - 2015-06-17 12:02 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012Core.job
2016-04-20 13:40 - 2014-03-08 00:00 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-20 12:18 - 2013-12-22 17:49 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{65FC81B8-793F-450E-B89A-B4AFCD007BB8}
2016-04-20 12:11 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-20 12:08 - 2013-05-27 10:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-18 12:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-18 12:21 - 2014-07-13 16:59 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox
2016-04-18 12:19 - 2015-06-17 12:02 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox
2016-04-18 12:13 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-18 12:13 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-18 12:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-18 12:13 - 2015-09-11 00:54 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-18 12:05 - 2013-09-15 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 23:04 - 2015-10-30 08:28 - 08912896 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 22:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 22:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-15 22:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 22:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-15 22:36 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-15 21:04 - 2013-08-27 15:37 - 00000000 ____D C:\Users\Julius\AppData\Local\Packages
2016-04-15 21:02 - 2016-03-08 21:02 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Skype
2016-04-15 21:02 - 2015-10-18 22:43 - 00000000 ____D C:\Users\Julius\AppData\Roaming\TeamDrive3
2016-04-15 21:02 - 2015-06-29 14:19 - 00000000 ____D C:\Users\Julius\AppData\Roaming\teamdrive-Overlays
2016-04-15 21:01 - 2014-07-12 11:49 - 00000000 __SHD C:\Users\Julius\IntelGraphicsProfiles
2016-04-15 20:56 - 2015-10-18 22:56 - 00002432 _____ C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-15 20:56 - 2015-10-18 22:56 - 00000000 ___RD C:\Users\Julius\OneDrive
2016-04-15 20:54 - 2013-03-18 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-04-15 20:52 - 2013-03-18 12:21 - 00000000 ____D C:\Program Files (x86)\Acer
2016-04-15 20:51 - 2013-12-11 00:48 - 00000000 ____D C:\Users\Julius\AppData\Local\clear.fi
2016-04-15 20:48 - 2013-08-27 21:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-15 15:05 - 2013-12-18 12:51 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Local\Packages
2016-04-15 14:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-15 14:38 - 2015-09-11 10:30 - 00002468 _____ C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-15 14:32 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-04-15 14:32 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-15 14:31 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-15 14:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-15 14:30 - 2013-12-18 13:03 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Local\clear.fi
2016-04-15 14:28 - 2014-07-08 21:42 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-04-15 14:25 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-15 14:24 - 2013-12-22 16:07 - 00127638 _____ C:\WINDOWS\diagwrn.xml
2016-04-15 14:24 - 2013-12-22 16:07 - 00127638 _____ C:\WINDOWS\diagerr.xml
2016-04-15 14:21 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-15 14:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-15 14:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-15 14:16 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-15 14:16 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-15 14:16 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-15 14:16 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-15 14:09 - 2015-06-17 12:02 - 00003892 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012UA
2016-04-15 14:09 - 2015-02-23 22:14 - 00002692 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 8610
2016-04-15 14:09 - 2014-07-20 22:09 - 00002420 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2016-04-15 14:09 - 2014-07-20 22:09 - 00002394 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2016-04-15 14:09 - 2014-07-01 23:25 - 00002488 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 6700
2016-04-15 14:09 - 2014-03-11 22:52 - 00003312 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{949B96BE-C119-44D6-828F-46F56C788480}
2016-04-15 14:09 - 2014-03-08 00:00 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-15 14:09 - 2013-12-22 16:31 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-15 14:09 - 2013-09-03 16:29 - 00002880 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1009
2016-04-15 14:09 - 2013-08-27 16:52 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1005
2016-04-15 14:09 - 2013-03-18 12:21 - 00003752 _____ C:\WINDOWS\System32\Tasks\ALUAgent
2016-04-15 14:08 - 2016-03-20 15:38 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-15 14:08 - 2016-02-27 22:03 - 00002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-04-15 14:08 - 2015-10-18 22:48 - 00002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-04-15 14:08 - 2015-06-17 12:02 - 00003620 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012Core
2016-04-15 14:08 - 2014-07-20 22:09 - 00002392 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2016-04-15 14:08 - 2014-07-20 22:09 - 00002378 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2016-04-15 14:08 - 2014-07-20 22:09 - 00002376 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2016-04-15 14:08 - 2014-02-05 17:47 - 00003304 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0D661C0F-BAA3-4E0A-9D2F-FF82F2F2B801}
2016-04-15 14:08 - 2013-12-18 12:58 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1012
2016-04-15 14:08 - 2013-12-18 12:06 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1011
2016-04-15 14:08 - 2013-11-16 12:26 - 00002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2016-04-15 14:08 - 2013-09-15 13:17 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1006
2016-04-15 14:08 - 2013-09-03 12:55 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1004
2016-04-15 14:08 - 2013-08-27 15:45 - 00002940 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-1001
2016-04-15 14:08 - 2013-05-27 10:03 - 00002248 _____ C:\WINDOWS\System32\Tasks\Power Management
2016-04-15 14:08 - 2013-05-27 10:01 - 00002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1777572169-3104348564-1832743406-500
2016-04-15 14:08 - 2013-05-27 09:40 - 00001848 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2016-04-15 14:08 - 2013-05-27 09:31 - 00003042 _____ C:\WINDOWS\System32\Tasks\HIDMonitor
2016-04-15 14:08 - 2013-03-18 12:25 - 00002582 _____ C:\WINDOWS\System32\Tasks\iuEmailOutlookAgent
2016-04-15 14:08 - 2013-03-18 12:25 - 00002576 _____ C:\WINDOWS\System32\Tasks\iuBrowserIEAgent
2016-04-15 14:08 - 2013-03-18 12:25 - 00002392 _____ C:\WINDOWS\System32\Tasks\DeviceDetector
2016-04-15 14:08 - 2013-03-18 12:21 - 00002778 _____ C:\WINDOWS\System32\Tasks\ALU
2016-04-15 14:07 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-15 14:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-15 14:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-15 13:54 - 2016-03-20 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-15 13:54 - 2016-01-31 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2016-04-15 13:54 - 2015-11-20 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-04-15 13:54 - 2015-11-05 01:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-04-15 13:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-04-15 13:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-15 13:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-15 13:54 - 2015-10-30 08:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-15 13:54 - 2015-10-18 22:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-04-15 13:54 - 2015-10-18 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-04-15 13:54 - 2015-06-29 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamDrive
2016-04-15 13:54 - 2015-06-24 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-15 13:54 - 2015-06-02 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-04-15 13:54 - 2015-06-02 12:38 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2016-04-15 13:54 - 2015-05-09 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarMoney 10
2016-04-15 13:54 - 2015-03-11 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allway Sync
2016-04-15 13:54 - 2015-01-31 04:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chipcardmaster
2016-04-15 13:54 - 2015-01-31 04:18 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AusweisApp2
2016-04-15 13:54 - 2015-01-31 03:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REINER SCT cyberJack
2016-04-15 13:54 - 2015-01-29 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-04-15 13:54 - 2014-12-19 03:27 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-15 13:54 - 2014-12-19 03:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-15 13:54 - 2014-11-06 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup and Recovery™ 2014 Free
2016-04-15 13:54 - 2014-09-28 02:03 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AusweisApp
2016-04-15 13:54 - 2014-09-13 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.2
2016-04-15 13:54 - 2014-09-10 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-04-15 13:54 - 2014-08-17 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-04-15 13:54 - 2014-07-28 15:29 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2016-04-15 13:54 - 2014-07-25 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-04-15 13:54 - 2014-07-20 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2016-04-15 13:54 - 2014-07-19 13:15 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-04-15 13:54 - 2014-07-06 02:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-04-15 13:54 - 2014-07-06 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2016-04-15 13:54 - 2014-07-01 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X6 (64-Bit)
2016-04-15 13:54 - 2014-06-24 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarMoney 9.0
2016-04-15 13:54 - 2014-06-23 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-15 13:54 - 2014-04-12 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2016-04-15 13:54 - 2013-08-27 16:29 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
2016-04-15 13:54 - 2013-03-18 12:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2016-04-15 13:54 - 2013-03-18 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-04-15 13:51 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-04-15 13:44 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-15 13:44 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-15 13:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-04-15 13:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-04-15 13:44 - 2013-05-27 09:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-04-15 13:41 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-15 13:41 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-15 13:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-15 13:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-04-15 13:40 - 2016-03-04 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-15 13:40 - 2016-01-11 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-04-15 13:40 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-04-15 13:40 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-15 13:40 - 2014-08-16 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-04-15 13:40 - 2014-07-08 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IRIS
2016-04-15 13:40 - 2014-07-06 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-04-15 13:40 - 2013-05-27 09:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-04-15 13:38 - 2014-05-28 21:52 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO
2016-04-15 13:30 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-15 13:23 - 2015-10-30 20:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-15 12:34 - 2015-10-30 21:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-13 12:44 - 2013-09-15 17:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 12:34 - 2013-09-15 17:33 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-03 02:31 - 2014-06-23 23:14 - 00000000 ____D C:\Users\mail_000.DEKANPC09\AppData\Local\CrashDumps
2016-04-03 01:24 - 2015-06-24 23:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-04-03 01:24 - 2015-06-24 23:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-04-01 14:20 - 2014-06-24 22:40 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-04 22:15 - 2014-07-04 22:18 - 0007512 _____ () C:\Users\Julius\AppData\Local\HWVendorDetection.log
2014-04-03 23:52 - 2014-04-03 23:52 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-05-27 09:40 - 2013-05-27 09:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-15 13:22

==================== Ende von FRST.txt ============================

deskaisers · 21.04.2016, 22:06

Das war komplizirt.
Nun kommt Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von Julius (2016-04-21 22:37:46)
Gestartet von C:\Users\mail_000.DEKANPC09\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-15 12:26:06)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1777572169-3104348564-1832743406-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1777572169-3104348564-1832743406-503 - Limited - Disabled)
Gast (S-1-5-21-1777572169-3104348564-1832743406-501 - Limited - Disabled)
hielnfksedz (S-1-5-21-1777572169-3104348564-1832743406-1026 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1777572169-3104348564-1832743406-1017 - Limited - Enabled)
Julius (S-1-5-21-1777572169-3104348564-1832743406-1001 - Administrator - Enabled) => C:\Users\Julius
mail_000 (S-1-5-21-1777572169-3104348564-1832743406-1012 - Limited - Enabled) => C:\Users\mail_000.DEKANPC09

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.00.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Instant Update Service (HKLM\...\{D2CBB205-A363-449C-A855-D8F1791E86C1}) (Version: 1.00.3014 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Allway Sync version 15.1.0 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AusweisApp (HKLM-x32\...\{66CDAA58-667B-4130-B009-811FB78CFEDE}) (Version: 1.13.1 - OpenLimit SignCubes AG)
AusweisApp2 (HKLM-x32\...\{51F89243-B40E-470B-9B9D-ADD19B344E55}) (Version: 1.2.0 - Governikus GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Chipcardmaster 7.11 (HKLM-x32\...\Chipcardmaster_is1) (Version:  - Dr. Olaf Jacobsen)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{2CDF0D0A-C58C-4136-9978-F029B2723B0D}) (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.4.1280 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Content (HKLM-x32\...\_{C221B72F-C0AC-4DD7-B27E-701B1E9DE23A}) (Version: 16.0 -  Corel Corporation)
CorelDRAW Graphics Suite X6 - Content (x32 Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - ES (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FR (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM Content (x32 Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IT (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - NL (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.7 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.4.1.1281 - Corel Corporation)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.7 - Corel Corporation) Hidden
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.1.0 - REINER SCT)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Dropbox (HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ESET Smart Security (HKLM\...\{B06E39BF-C72B-446B-9462-1EE31789B3A2}) (Version: 8.0.319.1 - ESET, spol s r. o.)
FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Foxit Reader (HKLM-x32\...\{FE1EFF18-814A-42CE-8470-EC97EDDAF8FF}) (Version: 5.4.3.920 - Foxit Corporation)
FreeFileSync 6.14 (HKLM-x32\...\FreeFileSync) (Version: 6.14 - www.FreeFileSync.org)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
HID Monitor (HKLM-x32\...\{92030051-FC3E-404B-9C4B-BCFBDF6DEA66}) (Version: 1.1.5 - Acer Incorporated)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.12 - Acer Inc.)
LibreOffice 4.2.5.2 (HKLM-x32\...\{93AD8CBD-C32E-4318-90BB-A294BE2D712C}) (Version: 4.2.5.2 - The Document Foundation)
Licensing Service (03000201) (x32 Version: 03.00.02.15 - Protexis Inc.) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3007 - Acer Incorporated)
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.137 - MAGIX AG)
MAGIX Foto Manager 10 (x32 Version: 8.0.1.137 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\{3E0E4F57-8FE0-4812-840B-56EB8CC3DB7B}) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\{31877B1E-6950-4E76-BBE7-ACD612586F8E}) (Version: 4.3.6.1987 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6769.2017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{92a68ee6-690a-4c60-b5ac-4292593cb68c}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7143 - MyHeritage.com)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6729.1014 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF24 Creator 7.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Readiris Pro 14 (HKLM-x32\...\{64A9C130-E372-48E9-B31E-E04A42382751}) (Version: 14.00.7277 - I.R.I.S.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27028 - Realtek Semiconductor Corp.)
Samsung SideSync 3.0 (HKLM-x32\...\Samsung SideSync) (Version: 3.1.4.827 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15064.11 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15064.11 - Samsung Electronics Co., Ltd.) Hidden
StarMoney (x32 Version: 4.0.4.16 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{8DBDA4EE-4EB7-48C5-BC2B-EDA0C3B1BA26}) (Version: 10 - Star Finanz GmbH)
StarMoney 9.0  (HKLM-x32\...\{0779D886-EF5B-4D73-8364-7F204BC5C7B3}) (Version: 9.0 - Star Finanz GmbH)
Studie zur Verbesserung von HP Officejet 6700 Produkten (HKLM\...\{4EE2A4CB-47B0-4412-808C-D556E3940598}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Studie zur Verbesserung von HP Officejet Pro 8610 (HKLM\...\{C597CC7C-D465-4761-8516-274F3713FE85}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
TeamDrive (HKLM-x32\...\TeamDrive) (Version: 4.0.9.1266 - TeamDrive Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5100 - Broadcom Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\mail_000.DEKANPC09\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03398FA4-390D-488B-A6AA-AA63936AF91E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-09-28] (Hewlett-Packard Company)
Task: {09BF7CDC-6B1A-466B-B74B-6F2050F4569F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012Core => C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {0E56C185-F15A-49FE-B1A8-938679F39EE0} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-01-22] ()
Task: {0F91E425-E5B0-40B5-8672-B257FEC844A6} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {2C16F48A-B117-476F-B5F5-D8DE9266F23D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {31B8BB0E-DDA6-40FA-8490-A70957AE801D} - System32\Tasks\HIDMonitor => C:\Program Files\Acer Incorporated\HID Monitor\HIDMonitor.exe
Task: {31DCDB14-DA7D-4880-B224-192AA12143D6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3C2D3B74-B6E6-4CF0-83E4-C0B46F476481} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {3F90D7B0-F9AF-4442-A8BE-CAF855063881} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-03] (Microsoft Corporation)
Task: {4BBD7184-0DEC-485F-93A6-D9C78FE8908B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5B1C9C12-45A9-4660-949D-3E946FC8D675} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {5CD92C39-EC80-43BB-AA7A-707CD70D5F48} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {6370883B-A8AE-4D11-94D3-31CDB12B0B96} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {65D44F51-1586-4F4F-833E-12423B5A5E5D} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {68D05484-93CC-4258-96D3-ABB193054DC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {731D1F6B-8439-4485-9BE8-930C3A9D2B7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {76E96D76-0F59-4AF1-A6D4-A9AE8A2C927B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {794F0A3B-B68E-4F41-8ECA-C6DC9CF05593} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {7BD28EA2-110A-453D-920F-786F24BCC5C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {7DADD75E-3614-4BD4-8CF4-4F25211E3381} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {8507C600-3852-4583-9178-30CC073F67FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-03] (Microsoft Corporation)
Task: {89544CD6-CE29-4E90-8F44-F1FF4166459D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8C2F758C-FEE6-4248-AE6E-F5D3626B8FD3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8D967DD7-B307-42FD-A8FD-E0D9128D1EC8} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {8E031172-D9B3-40F7-B564-C4791DBCD67E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {906741D1-25B0-4BB9-A097-5FCE7FD070F3} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {91500DF7-3BEC-4444-B6FE-239BE0A98FF9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {93993F63-EC45-4AEF-AF3F-74DAFB3ACEAC} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {95672D94-AFC5-4E5D-8B11-5ADAC6F6D60A} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-01-08] ()
Task: {AA08A61B-701D-496A-BD62-6E349A07F189} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {B0F7A452-4EF0-4F00-B065-7508E3C19B45} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-11] (Adobe Systems Incorporated)
Task: {BE790EC7-E3D2-4DE0-BAAD-3A372408FA96} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {DCD87F5E-4D9D-42AA-85DA-C71404E057D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E31E0FAC-5D5B-4F85-8414-6BD39CE8231E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E342BB08-D5D1-4B7B-A30C-003127164C82} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012UA => C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E36D7F6C-1482-4ACE-91E7-597ABE473E9F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E98514A1-8D1B-4472-A876-F925B103DE87} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {EA6B78FC-358D-476D-91B8-CE5F32C41C2D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EBA25C3C-C08B-4D66-A71B-42AAA91999A2} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {F61E34DE-00A9-4C1D-AE4A-D3C40130E681} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-01-08] ()
Task: {FE3DB4F2-0028-4A21-946C-93069403E2BA} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012Core.job => C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1777572169-3104348564-1832743406-1012UA.job => C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-05 00:59 - 2016-04-03 04:34 - 00172224 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-15 22:26 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2012-08-23 14:02 - 2012-08-23 14:02 - 00030640 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
2016-04-15 22:26 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-15 22:26 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-05-27 10:09 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-07-09 19:32 - 2015-07-09 19:32 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-04-15 14:14 - 2016-04-15 14:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-15 22:25 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-15 22:26 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-15 22:26 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-15 22:26 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-02-11 11:03 - 2014-03-24 12:19 - 00447496 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\OTi\AndroidShadow1422\ExImg\ImageRoot\ADLauncher.exe
2013-01-08 01:34 - 2013-01-08 01:34 - 00044768 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2013-01-08 01:34 - 2013-01-08 01:34 - 00025824 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2016-04-21 22:28 - 2016-04-21 22:28 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2014-08-06 16:37 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2016-02-27 21:58 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2013-05-27 09:37 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-01-04 16:19 - 2013-01-04 16:19 - 00035336 _____ () C:\Program Files (x86)\Acer Incorporated\HID Monitor\ElanTPAPI.dll
2011-02-19 02:10 - 2011-02-19 02:10 - 01806336 _____ () C:\Program Files (x86)\MyPhoneExplorer\IconLib.dll
2015-02-11 11:03 - 2013-10-09 13:41 - 00039432 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\OTi\AndroidShadow1422\MainExe\OTiOSW08.dll
2016-04-18 12:18 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-18 12:18 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-18 12:18 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-04-18 12:18 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-03-20 00:16 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\select.pyd
2016-03-20 00:16 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-03-20 00:16 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-18 12:18 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-04-18 12:18 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-03-20 00:16 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-04-18 12:18 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-18 12:18 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-18 12:18 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-18 12:18 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-18 12:18 - 2016-04-08 20:19 - 00031568 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-04-18 12:18 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-04-18 12:18 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-04-18 12:18 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-18 12:18 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-18 12:18 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-03-20 00:16 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-18 12:18 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-18 12:18 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-04-18 12:18 - 2016-04-08 20:20 - 00025928 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-18 12:18 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-03-20 00:16 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-07-30 19:15 - 2014-06-25 10:13 - 01457664 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-07-30 19:15 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-11-03 02:06 - 2015-11-18 14:04 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2014-11-03 02:06 - 2015-11-18 14:04 - 00052256 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-11-16 20:55 - 2015-11-16 20:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-04-15 13:40 - 2016-04-15 13:40 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 18:12 - 2016-01-14 18:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 18:11 - 2016-01-14 18:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-04-21 22:28 - 2016-04-21 22:28 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-21 22:28 - 2016-04-21 22:28 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\127.0.0.1 -> hxxp://127.0.0.1

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1777572169-3104348564-1832743406-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\Control Panel\Desktop\\Wallpaper -> C:\Users\mail_000.DEKANPC09\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\rechnerhintergrund.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: BcmBtRSupport => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: StarMoney 9.0 OnlineUpdate => 2
HKU\S-1-5-21-1777572169-3104348564-1832743406-1012\...\StartupApproved\Run: => "AcerCloud"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{66AF240C-FE5D-4493-AB58-EBFCF70DF9C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8829A702-DB63-430F-9BFA-ECF8F8F7408D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C850B083-7159-4F84-ADFC-43B53C3BAAD0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{07DF19D2-AB05-4EAD-816B-6CBCFA6E9383}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{9C781ABD-0AB5-4F0D-980F-569200E3C788}] => (Allow) LPort=5357
FirewallRules: [{3AF30CF3-8DC9-40F4-81E4-7795B1198E4B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{F660C7E7-B63E-4127-B052-11EC0C3BCF64}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{99487E44-736F-4242-8153-22053922FF8E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{1D7D06E0-41D5-4EC5-B533-330FB1BB72F0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{4A55507F-CBDD-41A1-9180-561FDB84FA37}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{1B39124F-A3D4-48A9-B4A3-5DFA5B60AE89}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{20CB9416-1CD8-4AB9-B838-8526EDE766F2}] => (Allow) C:\Users\Julius\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{2AAF12C0-FE17-4E7E-A414-A5A565C618D3}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{6B14ABA5-5665-4FB8-8FB8-963D99B82FCC}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{ECC5D338-B50F-4EE7-9A96-FE7541D85E5D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{5E6B650E-D105-46CF-8827-AC2983F6BAAC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{D77BF8AF-4CEB-4A7A-B93F-D0FEEB9E1466}] => (Allow) C:\Users\Julius\AppData\Local\Temp\7zS321C\HPDiagnosticCoreUI.exe
FirewallRules: [{9044908C-20AB-453B-913B-6EBC200D05D9}] => (Allow) C:\Users\Julius\AppData\Local\Temp\7zS321C\HPDiagnosticCoreUI.exe
FirewallRules: [{79BADCDF-43D5-47C4-B9E5-34C3B5F58260}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{716982AB-B75C-4AA1-8709-44504426FB1D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{5BA231D2-71B6-493B-B606-A57B6714D8D8}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{050605B1-EE85-4C9B-AD95-68B6DA361DF1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{7F6CDC15-AADA-4A93-B78A-E03697D5A955}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{00E1E02F-8876-4FDA-B8A7-7E388A4E6DB4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{FAB9A2F5-A8A7-4EDF-A816-21350B49ECF1}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{869C395F-2959-414A-849F-06C9554A0950}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{C1948CB4-58EC-42B0-B89F-B9F2DFDFF6A3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{DB51B357-692E-4D01-81C2-DB645DC480B2}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{29E7D0D7-08F7-4C6B-98E3-7FF56B601009}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{2A9C1EDF-8278-45A8-8A6F-79AD2704FB0A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{148BB6B9-E1B9-4496-8CF5-8381E6CD7090}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{415E2AF9-0CE1-4C99-A42C-CD8E421B3567}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{5E2AC93B-85A0-41D2-AFD2-B282A0660EF5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{37222377-F596-4ECE-95B0-BCE691C80BE3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{A99848E7-2CB5-4F24-93CF-FFC4525942DB}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{46D93505-3C81-4531-8D3B-EA6A7BFA0906}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{77458A0F-00DC-4281-8C55-C8656BEEBE1C}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{66D16CAE-DCBA-4D17-8B29-9F7D5B889D17}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{D2518367-A9FB-4799-8FD3-E660BD76431F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{359FBF18-13DE-4AC4-A901-5EBC34383BD0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{50E9C028-32F9-4734-81D2-D47C99E814CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{F78F5B7A-F3A3-4273-955E-598825D5348D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{131FE58B-93A5-46C7-A748-7B5904494559}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{73BD0B23-ACDF-41A4-9CBC-B6D0C60824B0}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{EC4DF6F8-B22E-4ACE-B320-11745A56E9EE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{60CAF8E6-3F55-42C1-8B51-10F429C721C7}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{44D02527-254D-45C9-8AC4-9B84EDAD1EFD}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{F371E2A8-B371-421C-B4C0-F9BAE2009265}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{6C99CDD5-E86C-4ADA-95FB-1460CB6AF7A1}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{2497C492-C545-4973-A220-F7A594EFF63E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{33946FB3-9131-4279-9A23-55B7829723A8}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{387D049C-009D-4BB0-AC0E-20E6EED05910}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{DA554844-1833-4A0A-8070-79375CA83FD8}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [{5D87B1F5-D42D-4B70-A31E-08CC0160A293}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{F1716445-046E-42D0-BCD0-E5B20FEE43DD}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{BE6F82DB-DCE6-49C0-BC21-04B11CA20BB7}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{CED92565-ACAC-4276-9185-831D4A7236E5}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{600BA027-21A0-4E7A-A1DF-2712C091EFAB}] => (Allow) C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{79C69157-1AE3-4743-8344-CA69B56E95FF}] => (Allow) C:\Users\mail_000.DEKANPC09\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D676D2A9-0B11-43E0-84E2-3D64D1AC2377}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{E678075E-7765-46C4-919F-F10210CAB6E1}] => (Allow) C:\Program Files (x86)\Samsung\SideSync3\SideSync3.exe
FirewallRules: [{607E8A0A-9458-423F-AC7E-80E1C96D21D9}] => (Allow) C:\Program Files (x86)\Samsung\SideSync3\SideSync3.exe
FirewallRules: [{3F135B74-680E-499C-8761-F7BB1024D7F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D52A9EDF-CE10-4640-977F-3F41AFDA3CC2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56363F93-401D-47B4-A757-76A270422ABB}] => (Allow) C:\Users\Julius\AppData\Local\Temp\7zS250A\HPDiagnosticCoreUI.exe
FirewallRules: [{4806A682-EF74-461C-B755-DA9CC2163FC9}] => (Allow) C:\Users\Julius\AppData\Local\Temp\7zS250A\HPDiagnosticCoreUI.exe
FirewallRules: [{C1F09789-CF7C-436F-961A-17D557FB3F4F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{3B4FCED4-E622-4423-9F38-C686B5976C4D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{818F0AF2-A393-4ED7-BDC8-7F423FB4225F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{4EC3E4AB-BBFF-42E9-B015-406F0B5C8824}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{5EFCD359-26BC-4519-822C-CBA7DAD26522}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{7E8AFA7A-3141-4B2B-A43A-DE8774C7E3BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8BCB63E1-7507-433C-8E1B-6C13814467E1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{D66DF680-DDF5-41CB-8706-48F76AEE7AAD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{40490FBE-A883-456B-ACBF-9DE495C18060}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{167D512C-2677-47CC-B1E2-6333C43354EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{69C19F9C-7B53-499D-8E35-69A74617EBE9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C717068-DF98-40E5-AC15-137247840C83}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{87DFDC0F-54DC-48AE-8C5B-CA649D607AF4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{5C3B747B-DC53-44DC-B330-3D017F6D4556}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4EA01B60-041A-4B62-90E3-7E65E7097759}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{B3D9BB9F-A886-41CE-9D58-867F62539A4C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C19E41CA-9E85-40A3-ADBE-601555F8F7CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0295E77D-05B6-4A9B-A361-C7AF7B03A7EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{9DD2C87A-46AA-4BEE-831E-D6E51EE0C7C6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E8197591-0F23-438B-95C2-73BCB9CA1C93}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4465D05F-670C-4096-A270-CA6631054229}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{0A750724-4FBD-4904-B7C5-38B5B11DDAAD}] => (Allow) C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{186793EA-2B2C-45B9-AF28-C686BDDB4C02}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe
FirewallRules: [{A7C224DE-0EA4-4499-98A7-50E00613070A}] => (Allow) C:\Program Files (x86)\StarMoney 10\app\StarMoney.exe
FirewallRules: [{DC55E3AD-D268-4741-838D-0F3041709042}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DC23A48D-0353-4317-B210-DA788423A44F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0432ACDA-8238-468B-8B4A-BF96D5310C11}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{2A27E211-A9AD-4D9E-BF67-59317A37308B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{09F3616F-789B-4A6D-9FBA-4F726295E38A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{0F1F751B-5135-4209-AB6A-2E1969FDB0AB}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe

==================== Wiederherstellungspunkte =========================

15-04-2016 22:27:40 Windows Update
15-04-2016 22:29:13 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/21/2016 10:12:21 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/20/2016 03:54:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DEKANS09)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/20/2016 01:09:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: egui.exe, Version: 8.0.319.0, Zeitstempel: 0x559d2313
Name des fehlerhaften Moduls: ToastNotify.dll, Version: 8.0.319.0, Zeitstempel: 0x559d2398
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002f3e
ID des fehlerhaften Prozesses: 0xc9c
Startzeit der fehlerhaften Anwendung: 0xegui.exe0
Pfad der fehlerhaften Anwendung: egui.exe1
Pfad des fehlerhaften Moduls: egui.exe2
Berichtskennung: egui.exe3
Vollständiger Name des fehlerhaften Pakets: egui.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: egui.exe5

Error: (04/20/2016 12:08:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OfficeC2RClient.exe, Version: 16.0.6729.1014, Zeitstempel: 0x56ed75be
Name des fehlerhaften Moduls: mso40uiwin32client.dll, Version: 16.0.6729.1014, Zeitstempel: 0x56ffbae3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000120ccb
ID des fehlerhaften Prozesses: 0x4f8
Startzeit der fehlerhaften Anwendung: 0xOfficeC2RClient.exe0
Pfad der fehlerhaften Anwendung: OfficeC2RClient.exe1
Pfad des fehlerhaften Moduls: OfficeC2RClient.exe2
Berichtskennung: OfficeC2RClient.exe3
Vollständiger Name des fehlerhaften Pakets: OfficeC2RClient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OfficeC2RClient.exe5

Error: (04/20/2016 12:07:28 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/18/2016 12:51:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: egui.exe, Version: 8.0.319.0, Zeitstempel: 0x559d2313
Name des fehlerhaften Moduls: ToastNotify.dll, Version: 8.0.319.0, Zeitstempel: 0x559d2398
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002f3e
ID des fehlerhaften Prozesses: 0x1e58
Startzeit der fehlerhaften Anwendung: 0xegui.exe0
Pfad der fehlerhaften Anwendung: egui.exe1
Pfad des fehlerhaften Moduls: egui.exe2
Berichtskennung: egui.exe3
Vollständiger Name des fehlerhaften Pakets: egui.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: egui.exe5

Error: (04/18/2016 12:20:51 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (04/15/2016 10:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: egui.exe, Version: 8.0.319.0, Zeitstempel: 0x559d2313
Name des fehlerhaften Moduls: ToastNotify.dll, Version: 8.0.319.0, Zeitstempel: 0x559d2398
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002f3e
ID des fehlerhaften Prozesses: 0x2444
Startzeit der fehlerhaften Anwendung: 0xegui.exe0
Pfad der fehlerhaften Anwendung: egui.exe1
Pfad des fehlerhaften Moduls: egui.exe2
Berichtskennung: egui.exe3
Vollständiger Name des fehlerhaften Pakets: egui.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: egui.exe5

Error: (04/15/2016 10:29:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/15/2016 10:27:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (04/21/2016 10:24:11 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (04/21/2016 10:14:33 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DEKANS10",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{6E41CBC0-D302-4849-94C8-EE2363C0EA10}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/21/2016 10:02:31 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.69
registriert werden. Der Computer mit IP-Adresse 192.168.178.20 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/20/2016 04:00:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_1409c81 erreicht.

Error: (04/20/2016 04:00:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _1409c81 erreicht.

Error: (04/20/2016 04:00:42 PM) (Source: DCOM) (EventID: 10010) (User: DEKANS09)
Description: {7006698D-2974-4091-A424-85DD0B909E23}

Error: (04/20/2016 04:00:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1409c81" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/20/2016 04:00:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1409c81" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/20/2016 04:00:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1409c81" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/20/2016 04:00:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1409c81" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-04-20 12:09:27.849
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 22:47:00.105
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 22:36:25.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 22:31:51.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 14:46:30.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 14:08:37.483
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 14:01:49.986
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 13:25:56.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 3891.6 MB
Verfügbarer physikalischer RAM: 1624.67 MB
Summe virtueller Speicher: 5299.6 MB
Verfügbarer virtueller Speicher: 2786.99 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:683.91 GB) (Free:531.91 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 4B52028B)

Partition: GPT.

==================== Ende von Addition.txt ============================

fahre jetzt mit schritt 2 fort

deskaisers · 21.04.2016, 22:16

Hier nun der Reportvon TDSSKiller Teil1

Code:

ATTFilter

23:09:20.0788 0x2764  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:09:20.0788 0x2764  UEFI system
23:09:34.0563 0x2764  ============================================================
23:09:34.0563 0x2764  Current date / time: 2016/04/21 23:09:34.0563
23:09:34.0563 0x2764  SystemInfo:
23:09:34.0563 0x2764  
23:09:34.0563 0x2764  OS Version: 10.0.10586 ServicePack: 0.0
23:09:34.0563 0x2764  Product type: Workstation
23:09:34.0563 0x2764  ComputerName: DEKANS09
23:09:34.0563 0x2764  UserName: Julius
23:09:34.0563 0x2764  Windows directory: C:\WINDOWS
23:09:34.0563 0x2764  System windows directory: C:\WINDOWS
23:09:34.0563 0x2764  Running under WOW64
23:09:34.0563 0x2764  Processor architecture: Intel x64
23:09:34.0563 0x2764  Number of processors: 4
23:09:34.0563 0x2764  Page size: 0x1000
23:09:34.0563 0x2764  Boot type: Normal boot
23:09:34.0563 0x2764  ============================================================
23:09:35.0245 0x2764  KLMD registered as C:\WINDOWS\system32\drivers\94544896.sys
23:09:36.0209 0x2764  System UUID: {89F3D2F3-B84C-F711-4B9C-CA0957A49EEB}
23:09:37.0520 0x2764  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:09:37.0551 0x2764  ============================================================
23:09:37.0551 0x2764  \Device\Harddisk0\DR0:
23:09:37.0551 0x2764  GPT partitions:
23:09:37.0551 0x2764  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E7D1E564-AACD-4DCB-B265-5F85854DD4D1}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
23:09:37.0551 0x2764  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3C058B4F-1D83-4DE9-BFB7-C825BA3F0085}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
23:09:37.0551 0x2764  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C50AB598-FD50-477A-85B1-211F398A2BEA}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
23:09:37.0551 0x2764  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {420BC27B-A435-45BA-8EBE-85ECAB2DFDE3}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x557D1800
23:09:37.0551 0x2764  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BDF6E391-56AE-4548-99EF-19095B760F7D}, Name: , StartLBA 0x55970000, BlocksNum 0xAF000
23:09:37.0551 0x2764  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4DDCF700-8F1D-4724-8A32-70E064D581A2}, Name: Basic data partition, StartLBA 0x55A1F000, BlocksNum 0x1B27000
23:09:37.0551 0x2764  MBR partitions:
23:09:37.0551 0x2764  ============================================================
23:09:37.0573 0x2764  C: <-> \Device\Harddisk0\DR0\Partition4
23:09:37.0573 0x2764  ============================================================
23:09:37.0573 0x2764  Initialize success
23:09:37.0573 0x2764  ============================================================
23:10:58.0092 0x2950  ============================================================
23:10:58.0092 0x2950  Scan started
23:10:58.0092 0x2950  Mode: Manual; SigCheck; TDLFS; 
23:10:58.0092 0x2950  ============================================================
23:10:58.0092 0x2950  KSN ping started
23:11:00.0495 0x2950  KSN ping finished: true
23:11:14.0805 0x2950  ================ Scan system memory ========================
23:11:14.0805 0x2950  System memory - ok
23:11:14.0805 0x2950  ================ Scan services =============================
23:11:15.0606 0x2950  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:11:15.0760 0x2950  1394ohci - ok
23:11:15.0845 0x2950  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
23:11:15.0892 0x2950  3ware - ok
23:11:15.0947 0x2950  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:11:16.0009 0x2950  ACPI - ok
23:11:16.0051 0x2950  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:11:16.0098 0x2950  acpiex - ok
23:11:16.0137 0x2950  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:11:16.0168 0x2950  acpipagr - ok
23:11:16.0200 0x2950  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
23:11:16.0253 0x2950  AcpiPmi - ok
23:11:16.0284 0x2950  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:11:16.0315 0x2950  acpitime - ok
23:11:16.0776 0x2950  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:11:16.0807 0x2950  AdobeFlashPlayerUpdateSvc - ok
23:11:16.0923 0x2950  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:11:16.0976 0x2950  ADP80XX - ok
23:11:17.0040 0x2950  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
23:11:17.0061 0x2950  AFD - ok
23:11:17.0077 0x2950  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
23:11:17.0092 0x2950  agp440 - ok
23:11:17.0123 0x2950  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:11:17.0177 0x2950  ahcache - ok
23:11:17.0224 0x2950  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
23:11:17.0261 0x2950  AJRouter - ok
23:11:17.0308 0x2950  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
23:11:17.0377 0x2950  ALG - ok
23:11:17.0408 0x2950  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
23:11:17.0446 0x2950  AmdK8 - ok
23:11:17.0509 0x2950  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:11:17.0546 0x2950  AmdPPM - ok
23:11:17.0578 0x2950  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
23:11:17.0625 0x2950  amdsata - ok
23:11:17.0666 0x2950  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:11:17.0697 0x2950  amdsbs - ok
23:11:17.0713 0x2950  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
23:11:17.0729 0x2950  amdxata - ok
23:11:17.0766 0x2950  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
23:11:17.0797 0x2950  AppID - ok
23:11:17.0853 0x2950  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:11:17.0931 0x2950  AppIDSvc - ok
23:11:17.0968 0x2950  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
23:11:18.0031 0x2950  Appinfo - ok
23:11:18.0068 0x2950  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:11:18.0115 0x2950  AppReadiness - ok
23:11:18.0253 0x2950  [ 0F3C165B71F8140F50A1DB5DE3E6D695, 7AD0F130088B3A964739C3194CF09E79B6B5D761B064071B9AC11D9B65F5D523 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
23:11:18.0353 0x2950  AppXSvc - ok
23:11:18.0384 0x2950  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:11:18.0416 0x2950  arcsas - ok
23:11:18.0450 0x2950  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
23:11:18.0484 0x2950  AsyncMac - ok
23:11:18.0516 0x2950  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
23:11:18.0553 0x2950  atapi - ok
23:11:18.0600 0x2950  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:11:18.0654 0x2950  AudioEndpointBuilder - ok
23:11:18.0753 0x2950  [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:11:18.0816 0x2950  Audiosrv - ok
23:11:18.0854 0x2950  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:11:18.0885 0x2950  AxInstSV - ok
23:11:18.0954 0x2950  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
23:11:19.0017 0x2950  b06bdrv - ok
23:11:19.0070 0x2950  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:11:19.0117 0x2950  BasicDisplay - ok
23:11:19.0132 0x2950  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
23:11:19.0154 0x2950  BasicRender - ok
23:11:19.0186 0x2950  [ 6FED40EC0DB11DF1B2AD08621FBDDED6, 06258C9C9B7C231A6900E1E237001A4E5513F74CEA7B4DFAB56490D455AB0549 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
23:11:19.0217 0x2950  bcbtums - ok
23:11:19.0529 0x2950  [ E6618C2CAEEE8A2644FD46B98304954A, 64CBE1AA061F0CC761A6D9E3C0E4C484EE09CACA932CB18D1947BC7D9F893BA3 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
23:11:19.0887 0x2950  BCM43XX - ok
23:11:20.0009 0x2950  [ 43907773F7563AF4DF0999D47522E802, 2563666842008E202B6A64435F06169A259D6DC56D16AF7359114C20A4FA4400 ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
23:11:20.0109 0x2950  BcmBtRSupport - ok
23:11:20.0156 0x2950  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
23:11:20.0172 0x2950  bcmfn - ok
23:11:20.0188 0x2950  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:11:20.0208 0x2950  bcmfn2 - ok
23:11:20.0272 0x2950  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:11:20.0356 0x2950  BDESVC - ok
23:11:20.0372 0x2950  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:11:20.0410 0x2950  Beep - ok
23:11:20.0488 0x2950  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\WINDOWS\System32\bfe.dll
23:11:20.0573 0x2950  BFE - ok
23:11:20.0711 0x2950  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
23:11:20.0789 0x2950  BITS - ok
23:11:20.0826 0x2950  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:11:20.0873 0x2950  bowser - ok
23:11:20.0942 0x2950  [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:11:21.0026 0x2950  BrokerInfrastructure - ok
23:11:21.0089 0x2950  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\WINDOWS\System32\browser.dll
23:11:21.0173 0x2950  Browser - ok
23:11:21.0245 0x2950  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:11:21.0292 0x2950  BthAvrcpTg - ok
23:11:21.0334 0x2950  [ FD74F7C4D04496FC46D2BB8464FA2CA4, 24F3750187D4A4CD3DB1451E358E36AC5169C83E794B6DFEF4E3D16BA2AC3951 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
23:11:21.0396 0x2950  BthEnum - ok
23:11:21.0417 0x2950  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
23:11:21.0449 0x2950  BthHFEnum - ok
23:11:21.0465 0x2950  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:11:21.0515 0x2950  bthhfhid - ok
23:11:21.0581 0x2950  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
23:11:21.0681 0x2950  BthHFSrv - ok
23:11:21.0750 0x2950  [ 3B3BF88BB54CB9A18DE1EF07292B5A3D, 7B9C1E7E07435B976E4AE89425F10541E1DEB153172A375CBC2D03A4D7B7F3D2 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
23:11:21.0819 0x2950  BthLEEnum - ok
23:11:21.0835 0x2950  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:11:21.0866 0x2950  BTHMODEM - ok
23:11:21.0897 0x2950  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
23:11:21.0919 0x2950  BthPan - ok
23:11:22.0068 0x2950  [ 2A0EF9AF5FD3FCCC25E17C47198D6E25, 4B548DD7235EF5EEC36AC443F9F44A042332BA01CB38B3D2E804618F2DC31813 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
23:11:22.0184 0x2950  BTHPORT - ok
23:11:22.0216 0x2950  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
23:11:22.0237 0x2950  bthserv - ok
23:11:22.0268 0x2950  [ B13CB5CCEE91ACA77C985B8E0D53A7D4, 1DB76A52E30B3DCC0FAF8579A7D5A24AD010ACA7613FB00B541FDDED7BE3F08E ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
23:11:22.0284 0x2950  BTHUSB - ok
23:11:22.0325 0x2950  [ 8B8B304DF17084338326BC4ACC2716C5, 426D56742D0E3E8471EE28FC5E0158223826770DF5BED88D5863D265A070A45D ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
23:11:22.0357 0x2950  btwampfl - ok
23:11:22.0404 0x2950  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
23:11:22.0441 0x2950  buttonconverter - ok
23:11:22.0660 0x2950  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
23:11:22.0725 0x2950  c2cautoupdatesvc - ok
23:11:22.0845 0x2950  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
23:11:22.0927 0x2950  c2cpnrsvc - ok
23:11:22.0961 0x2950  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
23:11:22.0976 0x2950  CapImg - ok
23:11:23.0161 0x2950  [ CCF8C0F7A886BC43091C3B7EE45881B2, 0C418BAB65807CF4E8C4E423C3CC2FA0A7065DA1526C552BA9E73B03F9FACC36 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
23:11:23.0341 0x2950  CCDMonitorService - ok
23:11:23.0361 0x2950  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:11:23.0376 0x2950  cdfs - ok
23:11:23.0423 0x2950  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
23:11:23.0464 0x2950  CDPSvc - ok
23:11:23.0480 0x2950  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
23:11:23.0511 0x2950  cdrom - ok
23:11:23.0542 0x2950  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
23:11:23.0564 0x2950  CertPropSvc - ok
23:11:23.0611 0x2950  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:11:23.0642 0x2950  circlass - ok
23:11:23.0727 0x2950  [ 716D91B6990A4D3532DBFFAF9D707D2E, CBE6AA8207BCB80296A2F3EC6E0BD28DD3BBBD2E1CC4204818BBA4F2F94C8A85 ] cjpcsc          C:\WINDOWS\SysWOW64\cjpcsc.exe
23:11:23.0780 0x2950  cjpcsc - ok
23:11:23.0812 0x2950  [ 5E743F85B5B9C5D646C714C62CC21B77, 3E622A21F52F18E8E4F3CE8FFA597EB42B7C4DD2C2F8A259FC3767023CE8E66F ] cjusb           C:\WINDOWS\system32\DRIVERS\cjusb.sys
23:11:23.0843 0x2950  cjusb - ok
23:11:23.0897 0x2950  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:11:23.0997 0x2950  CLFS - ok
23:11:24.0329 0x2950  [ D7C6DB84CF2D88DD450654C7D1DD469E, 5A63352B5DFEB05CAB98920DFAB80F8A8CC52FD11B5B5BBFAABFF27CA4FA13C6 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
23:11:24.0414 0x2950  ClickToRunSvc - ok
23:11:24.0498 0x2950  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
23:11:24.0583 0x2950  ClipSVC - ok
23:11:24.0614 0x2950  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:11:24.0667 0x2950  CmBatt - ok
23:11:24.0761 0x2950  [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
23:11:24.0817 0x2950  CNG - ok
23:11:24.0832 0x2950  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:11:24.0848 0x2950  cnghwassist - ok
23:11:25.0156 0x2950  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
23:11:25.0178 0x2950  CompositeBus - ok
23:11:25.0194 0x2950  COMSysApp - ok
23:11:25.0225 0x2950  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:11:25.0241 0x2950  condrv - ok
23:11:25.0357 0x2950  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
23:11:25.0425 0x2950  CoreMessagingRegistrar - ok
23:11:25.0841 0x2950  [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
23:11:25.0895 0x2950  cphs - ok
23:11:25.0942 0x2950  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:11:25.0995 0x2950  CryptSvc - ok
23:11:26.0026 0x2950  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
23:11:26.0075 0x2950  dam - ok
23:11:26.0095 0x2950  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
23:11:26.0142 0x2950  dc3d - ok
23:11:26.0280 0x2950  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:11:26.0342 0x2950  DcomLaunch - ok
23:11:26.0411 0x2950  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
23:11:26.0481 0x2950  DcpSvc - ok
23:11:26.0512 0x2950  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
23:11:26.0596 0x2950  defragsvc - ok
23:11:26.0659 0x2950  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:11:26.0760 0x2950  DeviceAssociationService - ok
23:11:26.0798 0x2950  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
23:11:26.0860 0x2950  DeviceInstall - ok
23:11:26.0914 0x2950  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
23:11:26.0960 0x2950  DevQueryBroker - ok
23:11:26.0998 0x2950  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:11:27.0083 0x2950  Dfsc - ok
23:11:27.0145 0x2950  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:11:27.0230 0x2950  Dhcp - ok
23:11:27.0298 0x2950  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:11:27.0345 0x2950  diagnosticshub.standardcollector.service - ok
23:11:27.0445 0x2950  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
23:11:27.0583 0x2950  DiagTrack - ok
23:11:27.0630 0x2950  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:11:27.0662 0x2950  disk - ok
23:11:27.0699 0x2950  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
23:11:27.0783 0x2950  DmEnrollmentSvc - ok
23:11:27.0799 0x2950  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
23:11:27.0861 0x2950  dmvsc - ok
23:11:27.0899 0x2950  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:11:27.0961 0x2950  dmwappushservice - ok
23:11:28.0014 0x2950  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:11:28.0115 0x2950  Dnscache - ok
23:11:28.0184 0x2950  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
23:11:28.0262 0x2950  dot3svc - ok
23:11:28.0284 0x2950  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
23:11:28.0330 0x2950  DPS - ok
23:11:28.0377 0x2950  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
23:11:28.0400 0x2950  drmkaud - ok
23:11:28.0530 0x2950  [ 4B802E6C2243B9D3033DD0590DF2623C, A7743916B0540D6D14293F2C5BDF2CE158FB093B7CB7224D530F5E84B1EB8068 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
23:11:28.0599 0x2950  DsiWMIService - ok
23:11:28.0646 0x2950  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:11:28.0700 0x2950  DsmSvc - ok
23:11:28.0762 0x2950  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
23:11:28.0816 0x2950  DsSvc - ok
23:11:29.0047 0x2950  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:11:29.0181 0x2950  DXGKrnl - ok
23:11:29.0209 0x2950  [ 372FF3A3FAD103A036EEDC57AEC0D411, 2785A064973E5A079E26514DA5A598EDC290B898E7D832C6D40C959BD2AB1208 ] eamonm          C:\WINDOWS\system32\DRIVERS\eamonm.sys
23:11:29.0256 0x2950  eamonm - ok
23:11:29.0325 0x2950  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
23:11:29.0372 0x2950  Eaphost - ok
23:11:29.0560 0x2950  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
23:11:29.0792 0x2950  ebdrv - ok
23:11:29.0829 0x2950  [ B7DF79F87A4FB96089D06BD6EB4D3AC7, FFFA443B0603F88E3C566357842636297BDACA69B2C2514F3496A8809F7F4566 ] edevmon         C:\WINDOWS\system32\DRIVERS\edevmon.sys
23:11:29.0845 0x2950  edevmon - ok
23:11:29.0892 0x2950  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
23:11:29.0914 0x2950  EFS - ok
23:11:29.0961 0x2950  [ E19846EA7838C0310598BD36B2FA5C41, A52360D37C4EC3B2502A72F8ED68C39586D4DAB1B0A2CDAC7BDBE1F43924EA9F ] ehdrv           C:\WINDOWS\system32\DRIVERS\ehdrv.sys
23:11:29.0977 0x2950  ehdrv - ok
23:11:30.0014 0x2950  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
23:11:30.0030 0x2950  EhStorClass - ok
23:11:30.0061 0x2950  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:11:30.0076 0x2950  EhStorTcgDrv - ok
23:11:30.0314 0x2950  [ 0F32048BF3EA2A85FE3AC48E8E7B7C85, 5267511EEA80B37816C3ECA165602EF40CD644A4DA63A02C5DA37B16A889DA0C ] ekrn            C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
23:11:30.0411 0x2950  ekrn - ok
23:11:30.0446 0x2950  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
23:11:30.0461 0x2950  embeddedmode - ok
23:11:30.0515 0x2950  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
23:11:30.0593 0x2950  EntAppSvc - ok
23:11:30.0662 0x2950  [ E4A99E681B93133D6DA3D321CB074349, 4AE61A02518F9ABCC2CD2C9F86CCAB3985D7AD90DDA20C45D0E51AF19BCA4AA3 ] epfw            C:\WINDOWS\system32\DRIVERS\epfw.sys
23:11:30.0693 0x2950  epfw - ok
23:11:30.0715 0x2950  [ EA2A21CEAD9C7421EAF5A52E59483EA2, B0049B797514EE01E908F499988B5EB261674781F55DA8D5C2668555ADFDDCE2 ] EpfwLWF         C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys
23:11:30.0746 0x2950  EpfwLWF - ok
23:11:30.0778 0x2950  [ 453B2FECCF6800A040224051C422C1C2, 3FD65C52778E479657E08AE56B0A149A8F3F7A9BEFB11418D91040D68982D41D ] epfwwfp         C:\WINDOWS\system32\DRIVERS\epfwwfp.sys
23:11:30.0813 0x2950  epfwwfp - ok
23:11:30.0910 0x2950  [ 138690A45CE2EE341D00A86AFF44D95F, 79230ED8285E5A9FCB7A6C3EFE64E1BAEBC64018394F9E8849A493F4ADA5C006 ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
23:11:30.0947 0x2950  ePowerSvc - ok
23:11:30.0978 0x2950  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:11:31.0010 0x2950  ErrDev - ok
23:11:31.0147 0x2950  [ 926B2B7400E15FFA9630170C1B26E1AC, 55E83220624F62F0E62777B8E74FACDD30A804AC6D610A02EAB5810F70B57F68 ] ESETCleanersDriver C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys
23:11:31.0178 0x2950  ESETCleanersDriver - ok
23:11:31.0231 0x2950  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
23:11:31.0294 0x2950  ETD - ok
23:11:31.0420 0x2950  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
23:11:31.0452 0x2950  ETDService - ok
23:11:31.0536 0x2950  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
23:11:31.0599 0x2950  EventSystem - ok
23:11:31.0668 0x2950  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
23:11:31.0768 0x2950  exfat - ok
23:11:31.0836 0x2950  Fabs - ok
23:11:31.0868 0x2950  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
23:11:31.0937 0x2950  fastfat - ok
23:11:32.0099 0x2950  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:11:32.0169 0x2950  Fax - ok
23:11:32.0200 0x2950  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
23:11:32.0238 0x2950  fdc - ok
23:11:32.0284 0x2950  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
23:11:32.0333 0x2950  fdPHost - ok
23:11:32.0351 0x2950  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:11:32.0398 0x2950  FDResPub - ok
23:11:32.0455 0x2950  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
23:11:32.0524 0x2950  fhsvc - ok
23:11:32.0555 0x2950  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
23:11:32.0587 0x2950  FileCrypt - ok
23:11:32.0624 0x2950  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:11:32.0655 0x2950  FileInfo - ok
23:11:32.0686 0x2950  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
23:11:32.0740 0x2950  Filetrace - ok
23:11:32.0903 0x2950  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC, 159EAA1893D871C309A063829CB3BC51A019FBCA1E07530B5CA1A382B2CCAF61 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
23:11:33.0146 0x2950  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
23:11:35.0526 0x2950  Detect skipped due to KSN trusted
23:11:35.0526 0x2950  FirebirdServerMAGIXInstance - ok
23:11:35.0557 0x2950  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:11:35.0595 0x2950  flpydisk - ok
23:11:35.0658 0x2950  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:11:35.0727 0x2950  FltMgr - ok
23:11:35.0858 0x2950  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
23:11:36.0012 0x2950  FontCache - ok
23:11:36.0143 0x2950  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:11:36.0174 0x2950  FontCache3.0.0.0 - ok
23:11:36.0212 0x2950  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
23:11:36.0243 0x2950  FsDepends - ok
23:11:36.0297 0x2950  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:11:36.0328 0x2950  Fs_Rec - ok
23:11:36.0396 0x2950  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:11:36.0459 0x2950  fvevol - ok
23:11:36.0497 0x2950  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:11:36.0512 0x2950  gagp30kx - ok
23:11:36.0528 0x2950  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:11:36.0559 0x2950  gencounter - ok
23:11:36.0575 0x2950  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
23:11:36.0598 0x2950  genericusbfn - ok
23:11:36.0644 0x2950  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:11:36.0695 0x2950  GPIOClx0101 - ok
23:11:36.0798 0x2950  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
23:11:36.0930 0x2950  gpsvc - ok
23:11:36.0945 0x2950  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
23:11:36.0961 0x2950  GpuEnergyDrv - ok
23:11:37.0018 0x2950  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:11:37.0065 0x2950  gusvc - ok
23:11:37.0149 0x2950  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:11:37.0203 0x2950  HDAudBus - ok
23:11:37.0218 0x2950  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
23:11:37.0265 0x2950  HidBatt - ok
23:11:37.0281 0x2950  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:11:37.0334 0x2950  HidBth - ok
23:11:37.0366 0x2950  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:11:37.0403 0x2950  hidi2c - ok
23:11:37.0419 0x2950  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
23:11:37.0435 0x2950  hidinterrupt - ok
23:11:37.0450 0x2950  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
23:11:37.0481 0x2950  HidIr - ok
23:11:37.0535 0x2950  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
23:11:37.0582 0x2950  hidserv - ok
23:11:37.0604 0x2950  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:11:37.0619 0x2950  HidUsb - ok
23:11:37.0702 0x2950  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:11:37.0767 0x2950  HomeGroupListener - ok
23:11:37.0866 0x2950  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:11:37.0920 0x2950  HomeGroupProvider - ok
23:11:37.0935 0x2950  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:11:37.0951 0x2950  HpSAMD - ok
23:11:38.0035 0x2950  [ CB5A8B34FA37AE53053F2D3DF05AC1E6, 2C7357079A66AE609F49900181B013E735B4A01C45DA316CD1E8698F93DE6EA8 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
23:11:38.0067 0x2950  HPSupportSolutionsFrameworkService - ok
23:11:38.0167 0x2950  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:11:38.0252 0x2950  HTTP - ok
23:11:38.0283 0x2950  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:11:38.0305 0x2950  hwpolicy - ok
23:11:38.0321 0x2950  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:11:38.0336 0x2950  hyperkbd - ok
23:11:38.0368 0x2950  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:11:38.0421 0x2950  i8042prt - ok
23:11:38.0437 0x2950  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
23:11:38.0468 0x2950  iai2c - ok
23:11:38.0505 0x2950  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
23:11:38.0537 0x2950  iaLPSS2i_I2C - ok
23:11:38.0552 0x2950  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:11:38.0568 0x2950  iaLPSSi_GPIO - ok
23:11:38.0606 0x2950  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:11:38.0653 0x2950  iaLPSSi_I2C - ok
23:11:38.0722 0x2950  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
23:11:38.0753 0x2950  iaStorA - ok
23:11:38.0802 0x2950  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:11:38.0888 0x2950  iaStorAV - ok
23:11:38.0921 0x2950  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
23:11:38.0968 0x2950  iaStorV - ok
23:11:39.0001 0x2950  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
23:11:39.0037 0x2950  ibbus - ok
23:11:39.0185 0x2950  [ 5AD5A7781BE907D6E2D75CA1DADAA97B, 355234ED6E49A1080CFFC9C18D185DA653A00C6B79B204368A971EACE5A416A9 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
23:11:39.0286 0x2950  IconMan_R - ok
23:11:39.0355 0x2950  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
23:11:39.0424 0x2950  icssvc - ok
23:11:39.0424 0x2950  IEEtwCollectorService - ok
23:11:39.0657 0x2950  [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
23:11:39.0857 0x2950  igfx - ok
23:11:39.0888 0x2950  [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
23:11:39.0910 0x2950  igfxCUIService1.0.0.0 - ok
23:11:40.0011 0x2950  [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:11:40.0111 0x2950  IKEEXT - ok
23:11:40.0158 0x2950  [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
23:11:40.0173 0x2950  intaud_WaveExtensible - ok
23:11:40.0342 0x2950  [ CCC757B8FD330D0AEF548ACE265BD196, 9244F2AA8A1E9E1B8BA139E8025E9AA3D93A8556216CBE6C9F46CA51FBDCA426 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:11:40.0512 0x2950  IntcAzAudAddService - ok
23:11:40.0559 0x2950  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
23:11:40.0574 0x2950  IntcDAud - ok
23:11:40.0658 0x2950  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:11:40.0712 0x2950  Intel(R) Capability Licensing Service Interface - ok
23:11:40.0728 0x2950  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:11:40.0759 0x2950  intelide - ok
23:11:40.0775 0x2950  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:11:40.0809 0x2950  intelpep - ok
23:11:40.0844 0x2950  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
23:11:40.0891 0x2950  intelppm - ok
23:11:40.0912 0x2950  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
23:11:40.0943 0x2950  IoQos - ok
23:11:40.0959 0x2950  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:11:40.0990 0x2950  IpFilterDriver - ok
23:11:41.0075 0x2950  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
23:11:41.0159 0x2950  iphlpsvc - ok
23:11:41.0191 0x2950  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:11:41.0213 0x2950  IPMIDRV - ok
23:11:41.0213 0x2950  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
23:11:41.0244 0x2950  IPNAT - ok
23:11:41.0275 0x2950  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:11:41.0291 0x2950  IRENUM - ok
23:11:41.0313 0x2950  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
23:11:41.0328 0x2950  isapnp - ok
23:11:41.0344 0x2950  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
23:11:41.0375 0x2950  iScsiPrt - ok
23:11:41.0413 0x2950  [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
23:11:41.0429 0x2950  iwdbus - ok
23:11:41.0529 0x2950  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:11:41.0560 0x2950  jhi_service - ok
23:11:41.0576 0x2950  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:11:41.0614 0x2950  kbdclass - ok
23:11:41.0645 0x2950  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:11:41.0676 0x2950  kbdhid - ok
23:11:41.0692 0x2950  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
23:11:41.0729 0x2950  kdnic - ok
23:11:41.0745 0x2950  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:11:41.0792 0x2950  KeyIso - ok
23:11:41.0813 0x2950  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
23:11:41.0845 0x2950  KSecDD - ok
23:11:41.0876 0x2950  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:11:41.0930 0x2950  KSecPkg - ok
23:11:41.0930 0x2950  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
23:11:41.0961 0x2950  ksthunk - ok
23:11:42.0030 0x2950  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
23:11:42.0114 0x2950  KtmRm - ok
23:11:42.0161 0x2950  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
23:11:42.0215 0x2950  LanmanServer - ok
23:11:42.0277 0x2950  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:11:42.0346 0x2950  LanmanWorkstation - ok
23:11:42.0419 0x2950  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
23:11:42.0466 0x2950  lfsvc - ok
23:11:42.0482 0x2950  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
23:11:42.0519 0x2950  LicenseManager - ok
23:11:42.0566 0x2950  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
23:11:42.0620 0x2950  lltdio - ok
23:11:42.0651 0x2950  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
23:11:42.0698 0x2950  lltdsvc - ok
23:11:42.0723 0x2950  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
23:11:42.0755 0x2950  lmhosts - ok
23:11:42.0802 0x2950  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:11:42.0855 0x2950  LMS - ok
23:11:42.0886 0x2950  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
23:11:42.0924 0x2950  LSI_SAS - ok
23:11:42.0940 0x2950  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
23:11:42.0971 0x2950  LSI_SAS2i - ok
23:11:42.0987 0x2950  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
23:11:43.0018 0x2950  LSI_SAS3i - ok
23:11:43.0040 0x2950  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
23:11:43.0071 0x2950  LSI_SSS - ok
23:11:43.0171 0x2950  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
23:11:43.0287 0x2950  LSM - ok
23:11:43.0324 0x2950  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
23:11:43.0371 0x2950  luafv - ok
23:11:43.0420 0x2950  [ 9BC40C5A140B5F380042E391CC95993F, 4FFE8A6A473530CE171AC47C7E8D51B8C29BDC209E7129F66B06F8D40F07DAED ] MapsBroker      C:\WINDOWS\System32\moshost.dll
23:11:43.0440 0x2950  MapsBroker - ok
23:11:43.0487 0x2950  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
23:11:43.0524 0x2950  megasas - ok
23:11:43.0556 0x2950  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:11:43.0625 0x2950  megasr - ok
23:11:43.0672 0x2950  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
23:11:43.0703 0x2950  MEIx64 - ok
23:11:43.0757 0x2950  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
23:11:43.0822 0x2950  MessagingService - ok
23:11:43.0941 0x2950  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
23:11:44.0004 0x2950  mlx4_bus - ok
23:11:44.0026 0x2950  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
23:11:44.0073 0x2950  MMCSS - ok
23:11:44.0073 0x2950  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
23:11:44.0127 0x2950  Modem - ok
23:11:44.0127 0x2950  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
23:11:44.0174 0x2950  monitor - ok
23:11:44.0189 0x2950  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:11:44.0227 0x2950  mouclass - ok
23:11:44.0258 0x2950  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:11:44.0290 0x2950  mouhid - ok
23:11:44.0327 0x2950  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:11:44.0359 0x2950  mountmgr - ok
23:11:44.0405 0x2950  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:11:44.0428 0x2950  MozillaMaintenance - ok
23:11:44.0443 0x2950  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:11:44.0474 0x2950  mpsdrv - ok
23:11:44.0544 0x2950  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
23:11:44.0628 0x2950  MpsSvc - ok
23:11:44.0706 0x2950  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:11:44.0759 0x2950  MRxDAV - ok
23:11:44.0844 0x2950  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:11:44.0906 0x2950  mrxsmb - ok
23:11:45.0010 0x2950  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:11:45.0097 0x2950  mrxsmb10 - ok
23:11:45.0135 0x2950  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:11:45.0182 0x2950  mrxsmb20 - ok
23:11:45.0214 0x2950  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
23:11:45.0251 0x2950  MsBridge - ok
23:11:45.0282 0x2950  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
23:11:45.0335 0x2950  MSDTC - ok
23:11:45.0351 0x2950  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:11:45.0414 0x2950  Msfs - ok
23:11:45.0467 0x2950  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:11:45.0498 0x2950  msgpiowin32 - ok
23:11:45.0514 0x2950  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:11:45.0552 0x2950  mshidkmdf - ok
23:11:45.0567 0x2950  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
23:11:45.0599 0x2950  mshidumdf - ok
23:11:45.0651 0x2950  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:11:45.0683 0x2950  msisadrv - ok
23:11:45.0736 0x2950  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
23:11:45.0783 0x2950  MSiSCSI - ok
23:11:45.0799 0x2950  msiserver - ok
23:11:45.0814 0x2950  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
23:11:45.0868 0x2950  MSKSSRV - ok
23:11:45.0883 0x2950  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
23:11:45.0937 0x2950  MsLldp - ok
23:11:45.0968 0x2950  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
23:11:46.0015 0x2950  MSPCLOCK - ok
23:11:46.0068 0x2950  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
23:11:46.0099 0x2950  MSPQM - ok
23:11:46.0137 0x2950  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
23:11:46.0237 0x2950  MsRPC - ok
23:11:46.0269 0x2950  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:11:46.0316 0x2950  mssmbios - ok
23:11:46.0316 0x2950  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
23:11:46.0353 0x2950  MSTEE - ok
23:11:46.0369 0x2950  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:11:46.0400 0x2950  MTConfig - ok
23:11:46.0437 0x2950  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
23:11:46.0469 0x2950  Mup - ok
23:11:46.0500 0x2950  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:11:46.0536 0x2950  mvumis - ok
23:11:46.0569 0x2950  NasPmService - ok
23:11:46.0638 0x2950  [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:11:46.0701 0x2950  NativeWifiP - ok
23:11:46.0800 0x2950  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        c:\Program Files (x86)\Nero\Update\NASvc.exe
23:11:46.0869 0x2950  NAUpdate - ok
23:11:46.0901 0x2950  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:11:46.0938 0x2950  NcaSvc - ok
23:11:47.0001 0x2950  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:11:47.0086 0x2950  NcbService - ok
23:11:47.0117 0x2950  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:11:47.0217 0x2950  NcdAutoSetup - ok
23:11:47.0240 0x2950  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
23:11:47.0271 0x2950  ndfltr - ok
23:11:47.0372 0x2950  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:11:47.0472 0x2950  NDIS - ok
23:11:47.0503 0x2950  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
23:11:47.0519 0x2950  NdisCap - ok
23:11:47.0541 0x2950  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
23:11:47.0604 0x2950  NdisImPlatform - ok
23:11:47.0657 0x2950  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:11:47.0704 0x2950  NdisTapi - ok
23:11:47.0741 0x2950  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
23:11:47.0757 0x2950  Ndisuio - ok
23:11:47.0788 0x2950  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:11:47.0842 0x2950  NdisVirtualBus - ok
23:11:47.0873 0x2950  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
23:11:47.0942 0x2950  NdisWan - ok
23:11:47.0973 0x2950  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:11:48.0020 0x2950  ndiswanlegacy - ok
23:11:48.0042 0x2950  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
23:11:48.0074 0x2950  ndproxy - ok

deskaisers · 21.04.2016, 22:21

und der zweite Teil von TDSSKiller

Code:

ATTFilter

23:11:48.0074 0x2950  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
23:11:48.0105 0x2950  Ndu - ok
23:11:48.0121 0x2950  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
23:11:48.0141 0x2950  NetBIOS - ok
23:11:48.0158 0x2950  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:11:48.0190 0x2950  NetBT - ok
23:11:48.0221 0x2950  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:11:48.0241 0x2950  Netlogon - ok
23:11:48.0290 0x2950  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
23:11:48.0321 0x2950  Netman - ok
23:11:48.0374 0x2950  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:11:48.0452 0x2950  netprofm - ok
23:11:48.0490 0x2950  [ C5DEEC4F7ED591D1E322899ADC4EE45F, CA3BE40FA1216F77C6D5B9FD518378DB9561163BFDC90C8CB1C2C2EA4112B263 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
23:11:48.0516 0x2950  NetSetupSvc - ok
23:11:48.0711 0x2950  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:11:48.0773 0x2950  NetTcpPortSharing - ok
23:11:48.0827 0x2950  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
23:11:48.0864 0x2950  NgcCtnrSvc - ok
23:11:48.0908 0x2950  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
23:11:48.0971 0x2950  NgcSvc - ok
23:11:49.0020 0x2950  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:11:49.0052 0x2950  NlaSvc - ok
23:11:49.0089 0x2950  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:11:49.0174 0x2950  Npfs - ok
23:11:49.0221 0x2950  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
23:11:49.0252 0x2950  npsvctrig - ok
23:11:49.0321 0x2950  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
23:11:49.0374 0x2950  nsi - ok
23:11:49.0390 0x2950  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:11:49.0437 0x2950  nsiproxy - ok
23:11:49.0574 0x2950  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
23:11:49.0706 0x2950  NTFS - ok
23:11:49.0737 0x2950  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:11:49.0775 0x2950  Null - ok
23:11:49.0790 0x2950  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:11:49.0822 0x2950  nvraid - ok
23:11:49.0837 0x2950  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:11:49.0875 0x2950  nvstor - ok
23:11:49.0891 0x2950  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
23:11:49.0922 0x2950  nv_agp - ok
23:11:49.0975 0x2950  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
23:11:50.0075 0x2950  OneSyncSvc - ok
23:11:50.0138 0x2950  [ 7B2FD92550C937DBDADCC39854A1A6E5, 7AB1FAEF087585963751BDD2485FEE34A73915C25015504D961B102D80178DCB ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:11:50.0176 0x2950  ose - ok
23:11:50.0222 0x2950  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:11:50.0291 0x2950  p2pimsvc - ok
23:11:50.0376 0x2950  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:11:50.0471 0x2950  p2psvc - ok
23:11:50.0507 0x2950  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
23:11:50.0554 0x2950  Parport - ok
23:11:50.0578 0x2950  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
23:11:50.0593 0x2950  partmgr - ok
23:11:50.0656 0x2950  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:11:50.0709 0x2950  PcaSvc - ok
23:11:50.0725 0x2950  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
23:11:50.0756 0x2950  pci - ok
23:11:50.0777 0x2950  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:11:50.0778 0x2950  pciide - ok
23:11:50.0810 0x2950  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:11:50.0825 0x2950  pcmcia - ok
23:11:50.0841 0x2950  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
23:11:50.0856 0x2950  pcw - ok
23:11:50.0878 0x2950  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
23:11:50.0894 0x2950  pdc - ok
23:11:51.0010 0x2950  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:11:51.0110 0x2950  PEAUTH - ok
23:11:51.0126 0x2950  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
23:11:51.0141 0x2950  percsas2i - ok
23:11:51.0157 0x2950  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
23:11:51.0179 0x2950  percsas3i - ok
23:11:51.0577 0x2950  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:11:51.0614 0x2950  PerfHost - ok
23:11:51.0699 0x2950  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
23:11:51.0799 0x2950  PhoneSvc - ok
23:11:51.0831 0x2950  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
23:11:51.0915 0x2950  PimIndexMaintenanceSvc - ok
23:11:52.0050 0x2950  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
23:11:52.0151 0x2950  pla - ok
23:11:52.0203 0x2950  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:11:52.0219 0x2950  PlugPlay - ok
23:11:52.0235 0x2950  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
23:11:52.0250 0x2950  PNRPAutoReg - ok
23:11:52.0289 0x2950  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
23:11:52.0320 0x2950  PNRPsvc - ok
23:11:52.0367 0x2950  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
23:11:52.0466 0x2950  PolicyAgent - ok
23:11:52.0504 0x2950  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
23:11:52.0535 0x2950  Power - ok
23:11:52.0589 0x2950  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
23:11:52.0636 0x2950  PptpMiniport - ok
23:11:53.0396 0x2950  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:11:53.0894 0x2950  PrintNotify - ok
23:11:53.0926 0x2950  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
23:11:53.0958 0x2950  Processor - ok
23:11:54.0011 0x2950  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
23:11:54.0111 0x2950  ProfSvc - ok
23:11:54.0158 0x2950  [ 138DBAE80F390B22297ACD861BDA996E, F0799F40266A11058710AD8ED5D8797A350DCB2A55D3DEF179C1D8C87AFB5208 ] Ps2Kb2Hid       C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
23:11:54.0173 0x2950  Ps2Kb2Hid - ok
23:11:54.0227 0x2950  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
23:11:54.0274 0x2950  Psched - ok
23:11:54.0346 0x2950  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
23:11:54.0362 0x2950  PSI_SVC_2 - ok
23:11:54.0450 0x2950  [ 788CB65D49D1162C5EE6814AFE5B0A70, 74072698692C8237F5041BB111C4E24B6583456FDA084895EA00B677B6FF64FC ] PSI_SVC_2_x64   c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
23:11:54.0519 0x2950  PSI_SVC_2_x64 - ok
23:11:54.0581 0x2950  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
23:11:54.0666 0x2950  QWAVE - ok
23:11:54.0704 0x2950  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:11:54.0751 0x2950  QWAVEdrv - ok
23:11:54.0782 0x2950  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:11:54.0820 0x2950  RasAcd - ok
23:11:54.0882 0x2950  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
23:11:54.0936 0x2950  RasAgileVpn - ok
23:11:54.0983 0x2950  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:11:55.0036 0x2950  RasAuto - ok
23:11:55.0083 0x2950  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
23:11:55.0120 0x2950  Rasl2tp - ok
23:11:55.0205 0x2950  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:11:55.0336 0x2950  RasMan - ok
23:11:55.0352 0x2950  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:11:55.0383 0x2950  RasPppoe - ok
23:11:55.0405 0x2950  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
23:11:55.0436 0x2950  RasSstp - ok
23:11:55.0501 0x2950  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:11:55.0554 0x2950  rdbss - ok
23:11:55.0585 0x2950  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:11:55.0607 0x2950  rdpbus - ok
23:11:55.0623 0x2950  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
23:11:55.0654 0x2950  RDPDR - ok
23:11:55.0670 0x2950  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:11:55.0685 0x2950  RdpVideoMiniport - ok
23:11:55.0708 0x2950  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:11:55.0739 0x2950  rdyboost - ok
23:11:55.0808 0x2950  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
23:11:55.0855 0x2950  ReFSv1 - ok
23:11:55.0941 0x2950  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:11:56.0055 0x2950  RemoteAccess - ok
23:11:56.0086 0x2950  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:11:56.0139 0x2950  RemoteRegistry - ok
23:11:56.0255 0x2950  [ 518A992A6700A86A47F79388F91737C0, 29B5D48F1E360714F9BCB26939AD49ED07F6D9C82E0DB5C9C6AF5B0BBFF04341 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
23:11:56.0339 0x2950  RetailDemo - ok
23:11:56.0386 0x2950  [ F61333867216EDE1A09A7C55FEDCB6A8, 991FC810FB281F4E91B7D22A7C5AF5D11419ACE05BBB3F664812391069A336F0 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
23:11:56.0408 0x2950  RfButtonDriverService - ok
23:11:56.0440 0x2950  [ AEEF76F938188EBF27DF70C1806877F2, 08560C5DE13EBC46EE77F369E92B89350135D5E01A2AF61AA2EA46BEC41EEDD6 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
23:11:56.0509 0x2950  RFCOMM - ok
23:11:56.0571 0x2950  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:11:56.0609 0x2950  RpcEptMapper - ok
23:11:56.0656 0x2950  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:11:56.0671 0x2950  RpcLocator - ok
23:11:56.0740 0x2950  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:11:56.0787 0x2950  RpcSs - ok
23:11:56.0824 0x2950  [ 49EEC19C34A6906883E1279EF8EDA361, 333E9A0A5A497B54D32AFF5D4E2E655FE849E73B8E2AE46CFC5E4E638617AE85 ] RSBASTOR        C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys
23:11:56.0855 0x2950  RSBASTOR - ok
23:11:56.0887 0x2950  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
23:11:56.0940 0x2950  rspndr - ok
23:11:56.0987 0x2950  [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
23:11:57.0087 0x2950  rt640x64 - ok
23:11:57.0107 0x2950  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
23:11:57.0124 0x2950  s3cap - ok
23:11:57.0156 0x2950  [ A49CDA75F8E41F769D19E2669BD62B37, 768A7CAD039C0285191E9D20E36ED8B9A2009499D75888AD88418385B0B9E1AB ] S3XXx64         C:\WINDOWS\system32\DRIVERS\S3XXx64.sys
23:11:57.0204 0x2950  S3XXx64 - ok
23:11:57.0209 0x2950  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
23:11:57.0241 0x2950  SamSs - ok
23:11:57.0288 0x2950  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:11:57.0325 0x2950  sbp2port - ok
23:11:57.0357 0x2950  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:11:57.0457 0x2950  SCardSvr - ok
23:11:57.0510 0x2950  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:11:57.0588 0x2950  ScDeviceEnum - ok
23:11:57.0614 0x2950  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:11:57.0646 0x2950  scfilter - ok
23:11:57.0715 0x2950  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:11:57.0813 0x2950  Schedule - ok
23:11:57.0846 0x2950  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
23:11:57.0893 0x2950  SCPolicySvc - ok
23:11:57.0930 0x2950  [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
23:11:57.0962 0x2950  sdbus - ok
23:11:57.0993 0x2950  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
23:11:58.0015 0x1e20  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
23:11:58.0077 0x2950  SDRSVC - ok
23:11:58.0115 0x2950  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:11:58.0146 0x2950  sdstor - ok
23:11:58.0178 0x2950  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:11:58.0210 0x2950  seclogon - ok
23:11:58.0231 0x2950  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
23:11:58.0262 0x2950  SENS - ok
23:11:58.0381 0x2950  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
23:11:58.0519 0x2950  SensorDataService - ok
23:11:58.0566 0x2950  [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService   C:\WINDOWS\system32\SensorService.dll
23:11:58.0619 0x2950  SensorService - ok
23:11:58.0666 0x2950  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:11:58.0698 0x2950  SensrSvc - ok
23:11:58.0735 0x2950  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
23:11:58.0766 0x2950  SerCx - ok
23:11:58.0797 0x2950  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:11:58.0851 0x2950  SerCx2 - ok
23:11:58.0897 0x2950  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
23:11:58.0935 0x2950  Serenum - ok
23:11:58.0982 0x2950  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:11:59.0020 0x2950  Serial - ok
23:11:59.0036 0x2950  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:11:59.0067 0x2950  sermouse - ok
23:11:59.0135 0x2950  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:11:59.0198 0x2950  SessionEnv - ok
23:11:59.0218 0x2950  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
23:11:59.0219 0x2950  sfloppy - ok
23:11:59.0266 0x2950  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:11:59.0320 0x2950  SharedAccess - ok
23:11:59.0487 0x2950  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:11:59.0587 0x2950  ShellHWDetection - ok
23:11:59.0641 0x2950  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:11:59.0672 0x2950  SiSRaid2 - ok
23:11:59.0726 0x2950  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:11:59.0757 0x2950  SiSRaid4 - ok
23:11:59.0845 0x2950  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:11:59.0908 0x2950  SkypeUpdate - ok
23:11:59.0981 0x2950  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
23:12:00.0034 0x2950  smphost - ok
23:12:00.0234 0x2950  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
23:12:00.0350 0x2950  SmsRouter - ok
23:12:00.0397 0x2950  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:12:00.0434 0x2950  SNMPTRAP - ok
23:12:00.0513 0x2950  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
23:12:00.0582 0x1e20  Object send P2P result: true
23:12:00.0582 0x1e20  Object required for P2P: [ D7C6DB84CF2D88DD450654C7D1DD469E ] ClickToRunSvc
23:12:00.0629 0x2950  spaceport - ok
23:12:00.0650 0x2950  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
23:12:00.0682 0x2950  SpbCx - ok
23:12:00.0751 0x2950  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
23:12:00.0798 0x2950  Spooler - ok
23:12:01.0061 0x2950  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:12:01.0395 0x2950  sppsvc - ok
23:12:01.0442 0x2950  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:12:01.0511 0x2950  srv - ok
23:12:01.0558 0x2950  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:12:01.0626 0x2950  srv2 - ok
23:12:01.0675 0x2950  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:12:01.0742 0x2950  srvnet - ok
23:12:01.0827 0x2950  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:12:01.0896 0x2950  SSDPSRV - ok
23:12:01.0927 0x2950  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
23:12:01.0980 0x2950  SstpSvc - ok
23:12:02.0158 0x2950  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
23:12:02.0211 0x2950  ss_conn_service - ok
23:12:02.0346 0x2950  [ E2496AF75B2099453D6DBCD91C600D2D, 4B00123F677F6998223B5C51ADFB44781348919BA154442146AA0542C36D76B9 ] StarMoney 10 OnlineUpdate C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
23:12:02.0384 0x2950  StarMoney 10 OnlineUpdate - ok
23:12:02.0520 0x2950  [ 3BF022F8064A83A23DF90971DD78CA83, 85754DF1C6DE745ADF9A0BAB1948AFF2CA16C4569128DA90AF610D199E621BF4 ] StarMoney 9.0 OnlineUpdate C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
23:12:02.0589 0x2950  StarMoney 9.0 OnlineUpdate - ok
23:12:02.0767 0x2950  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
23:12:02.0968 0x2950  StateRepository - ok
23:12:02.0989 0x2950  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:12:03.0020 0x2950  stexstor - ok
23:12:03.0052 0x2950  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
23:12:03.0089 0x2950  StillCam - ok
23:12:03.0105 0x1e20  Object send P2P result: true
23:12:03.0105 0x1e20  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
23:12:03.0168 0x2950  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:12:03.0268 0x2950  stisvc - ok
23:12:03.0290 0x2950  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:12:03.0306 0x2950  storahci - ok
23:12:03.0353 0x2950  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
23:12:03.0391 0x2950  storflt - ok
23:12:03.0422 0x2950  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:12:03.0453 0x2950  stornvme - ok
23:12:03.0488 0x2950  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
23:12:03.0522 0x2950  storqosflt - ok
23:12:03.0591 0x2950  [ E5C3042B68D4EA89B3C52E150E553DA0, 83428E8EFC584778745F6B30F6F8FD96A645AD33F39AA955E97F9A0D458847B1 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
23:12:03.0669 0x2950  StorSvc - ok
23:12:03.0695 0x2950  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
23:12:03.0710 0x2950  storufs - ok
23:12:03.0742 0x2950  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
23:12:03.0773 0x2950  storvsc - ok
23:12:03.0814 0x2950  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
23:12:03.0877 0x2950  svsvc - ok
23:12:03.0877 0x2950  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:12:03.0899 0x2950  swenum - ok
23:12:03.0946 0x2950  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
23:12:04.0015 0x2950  swprv - ok
23:12:04.0077 0x2950  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
23:12:04.0162 0x2950  Synth3dVsc - ok
23:12:05.0049 0x2950  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
23:12:05.0322 0x2950  SysMain - ok
23:12:05.0422 0x2950  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:12:05.0485 0x2950  SystemEventsBroker - ok
23:12:05.0553 0x2950  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:12:05.0622 0x1e20  Object send P2P result: true
23:12:05.0622 0x2950  TabletInputService - ok
23:12:05.0638 0x1e20  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
23:12:05.0704 0x2950  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:12:05.0770 0x2950  TapiSrv - ok
23:12:05.0907 0x2950  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
23:12:06.0023 0x2950  Tcpip - ok
23:12:06.0123 0x2950  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
23:12:06.0224 0x2950  Tcpip6 - ok
23:12:06.0286 0x2950  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:12:06.0324 0x2950  tcpipreg - ok
23:12:06.0371 0x2950  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
23:12:06.0409 0x2950  tdx - ok
23:12:06.0847 0x2950  [ E1E13735B6D2FE4FFEAEB91989B9C46F, 32CCCDD17C72ECBD96BB15B9362AD5BC0B173E95F9A4045F084719A5E956932B ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
23:12:07.0094 0x2950  TeamViewer - ok
23:12:07.0110 0x2950  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:12:07.0125 0x2950  terminpt - ok
23:12:07.0241 0x2950  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
23:12:07.0327 0x2950  TermService - ok
23:12:07.0342 0x2950  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
23:12:07.0364 0x2950  Themes - ok
23:12:07.0396 0x2950  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
23:12:07.0463 0x2950  TieringEngineService - ok
23:12:07.0543 0x2950  [ 62300878366762EABAC7834543964A6E, 84E3DE6C93B31CBA71BA90669EB52C3122774E0EF803390EE8A483164D2CFE18 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
23:12:07.0627 0x2950  tiledatamodelsvc - ok
23:12:07.0665 0x2950  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:12:07.0728 0x2950  TimeBroker - ok
23:12:07.0765 0x2950  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
23:12:07.0797 0x2950  TPM - ok
23:12:07.0863 0x2950  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:12:07.0913 0x2950  TrkWks - ok
23:12:07.0997 0x2950  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:12:08.0044 0x2950  TrustedInstaller - ok
23:12:08.0082 0x2950  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
23:12:08.0128 0x2950  tsusbflt - ok
23:12:08.0144 0x2950  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:12:08.0182 0x2950  TsUsbGD - ok
23:12:08.0182 0x1e20  Object send P2P result: true
23:12:08.0182 0x1e20  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
23:12:08.0197 0x2950  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
23:12:08.0244 0x2950  tunnel - ok
23:12:08.0297 0x2950  [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
23:12:08.0344 0x2950  tzautoupdate - ok
23:12:08.0367 0x2950  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:12:08.0413 0x2950  uagp35 - ok
23:12:08.0429 0x2950  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:12:08.0445 0x2950  UASPStor - ok
23:12:08.0467 0x2950  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
23:12:08.0482 0x2950  UcmCx0101 - ok
23:12:08.0514 0x2950  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
23:12:08.0563 0x2950  UcmUcsi - ok
23:12:08.0598 0x2950  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
23:12:08.0630 0x2950  Ucx01000 - ok
23:12:08.0665 0x2950  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
23:12:08.0682 0x2950  UdeCx - ok
23:12:08.0729 0x2950  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:12:08.0829 0x2950  udfs - ok
23:12:08.0829 0x2950  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:12:08.0845 0x2950  UEFI - ok
23:12:08.0898 0x2950  [ 28B8E1C6CBCF9FFE2FABFF3160C26ADF, 1C90E6C4E17C9B5555151943970BB6CC196E7EFC6665D9B9DCBB1EC51C70C715 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
23:12:08.0963 0x2950  Ufx01000 - ok
23:12:08.0982 0x2950  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
23:12:08.0998 0x2950  UfxChipidea - ok
23:12:09.0029 0x2950  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
23:12:09.0045 0x2950  ufxsynopsys - ok
23:12:09.0098 0x2950  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
23:12:09.0130 0x2950  UI0Detect - ok
23:12:09.0187 0x2950  [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus          C:\WINDOWS\System32\drivers\UimBus.sys
23:12:09.0218 0x2950  UimBus - ok
23:12:09.0249 0x2950  [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM       C:\WINDOWS\System32\drivers\uim_devim.sys
23:12:09.0271 0x2950  Uim_DEVIM - ok
23:12:09.0334 0x2950  [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM          C:\WINDOWS\System32\drivers\uim_im.sys
23:12:09.0403 0x2950  Uim_IM - ok
23:12:09.0450 0x2950  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:12:09.0488 0x2950  uliagpkx - ok
23:12:09.0519 0x2950  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
23:12:09.0572 0x2950  umbus - ok
23:12:09.0588 0x2950  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:12:09.0635 0x2950  UmPass - ok
23:12:09.0704 0x2950  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:12:09.0788 0x2950  UmRdpService - ok
23:12:09.0867 0x2950  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
23:12:10.0005 0x2950  UnistoreSvc - ok
23:12:10.0172 0x2950  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:12:10.0205 0x2950  UNS - ok
23:12:10.0290 0x2950  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:12:10.0374 0x2950  upnphost - ok
23:12:10.0405 0x2950  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
23:12:10.0421 0x2950  UrsChipidea - ok
23:12:10.0452 0x2950  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
23:12:10.0474 0x2950  UrsCx01000 - ok
23:12:10.0474 0x2950  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
23:12:10.0490 0x2950  UrsSynopsys - ok
23:12:10.0537 0x2950  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
23:12:10.0552 0x2950  usbccgp - ok
23:12:10.0569 0x2950  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:12:10.0590 0x2950  usbcir - ok
23:12:10.0621 0x2950  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
23:12:10.0652 0x2950  usbehci - ok
23:12:10.0690 0x1e20  Object send P2P result: true
23:12:10.0706 0x1e20  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
23:12:10.0722 0x2950  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:12:10.0791 0x2950  usbhub - ok
23:12:10.0837 0x2950  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
23:12:10.0922 0x2950  USBHUB3 - ok
23:12:10.0937 0x2950  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
23:12:10.0953 0x2950  usbohci - ok
23:12:10.0973 0x2950  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:12:10.0991 0x2950  usbprint - ok
23:12:11.0022 0x2950  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
23:12:11.0038 0x2950  usbser - ok
23:12:11.0071 0x2950  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:12:11.0075 0x2950  USBSTOR - ok
23:12:11.0107 0x2950  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
23:12:11.0138 0x2950  usbuhci - ok
23:12:11.0154 0x2950  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
23:12:11.0191 0x2950  usbvideo - ok
23:12:11.0307 0x2950  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:12:11.0391 0x2950  USBXHCI - ok
23:12:11.0492 0x2950  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
23:12:11.0608 0x2950  UserDataSvc - ok
23:12:11.0655 0x2950  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
23:12:11.0738 0x2950  UserManager - ok
23:12:11.0777 0x2950  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
23:12:11.0896 0x2950  UsoSvc - ok
23:12:11.0927 0x2950  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:12:11.0958 0x2950  VaultSvc - ok
23:12:11.0996 0x2950  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:12:12.0027 0x2950  vdrvroot - ok
23:12:12.0080 0x2950  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
23:12:12.0158 0x2950  vds - ok
23:12:12.0181 0x2950  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
23:12:12.0196 0x2950  VerifierExt - ok
23:12:12.0243 0x2950  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
23:12:12.0296 0x2950  vhdmp - ok
23:12:12.0296 0x2950  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
23:12:12.0328 0x2950  vhf - ok
23:12:12.0359 0x2950  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
23:12:12.0381 0x2950  vmbus - ok
23:12:12.0397 0x2950  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:12:12.0412 0x2950  VMBusHID - ok
23:12:12.0497 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:12:12.0582 0x2950  vmicguestinterface - ok
23:12:12.0629 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
23:12:12.0682 0x2950  vmicheartbeat - ok
23:12:12.0698 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:12:12.0744 0x2950  vmickvpexchange - ok
23:12:12.0760 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
23:12:12.0798 0x2950  vmicrdv - ok
23:12:12.0877 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:12:12.0914 0x2950  vmicshutdown - ok
23:12:12.0983 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:12:13.0045 0x2950  vmictimesync - ok
23:12:13.0083 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
23:12:13.0130 0x2950  vmicvmsession - ok
23:12:13.0180 0x2950  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
23:12:13.0215 0x2950  vmicvss - ok
23:12:13.0230 0x1e20  Object send P2P result: true
23:12:13.0230 0x1e20  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
23:12:13.0246 0x2950  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:12:13.0261 0x2950  volmgr - ok
23:12:13.0300 0x2950  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
23:12:13.0316 0x2950  volmgrx - ok
23:12:13.0347 0x2950  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
23:12:13.0384 0x2950  volsnap - ok
23:12:13.0416 0x2950  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:12:13.0447 0x2950  vpci - ok
23:12:13.0485 0x2950  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
23:12:13.0547 0x2950  vsmraid - ok
23:12:13.0663 0x2950  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
23:12:13.0785 0x2950  VSS - ok
23:12:13.0832 0x2950  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:12:13.0901 0x2950  VSTXRAID - ok
23:12:13.0932 0x2950  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:12:13.0964 0x2950  vwifibus - ok
23:12:13.0964 0x2950  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
23:12:14.0001 0x2950  vwififlt - ok
23:12:14.0001 0x2950  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
23:12:14.0032 0x2950  vwifimp - ok
23:12:14.0117 0x2950  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
23:12:14.0202 0x2950  W32Time - ok
23:12:14.0233 0x2950  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:12:14.0249 0x2950  WacomPen - ok
23:12:14.0334 0x2950  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
23:12:14.0418 0x2950  WalletService - ok
23:12:14.0449 0x2950  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:12:14.0486 0x2950  wanarp - ok
23:12:14.0487 0x2950  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:12:14.0518 0x2950  wanarpv6 - ok
23:12:14.0619 0x2950  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:12:14.0735 0x2950  wbengine - ok
23:12:14.0851 0x2950  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:12:14.0951 0x2950  WbioSrvc - ok
23:12:15.0035 0x2950  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:12:15.0135 0x2950  Wcmsvc - ok
23:12:15.0204 0x2950  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
23:12:15.0288 0x2950  wcncsvc - ok
23:12:15.0304 0x2950  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:12:15.0320 0x2950  WcsPlugInService - ok
23:12:15.0389 0x2950  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
23:12:15.0420 0x2950  WdBoot - ok
23:12:15.0636 0x2950  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:12:15.0721 0x2950  Wdf01000 - ok
23:12:15.0721 0x1e20  Object send P2P result: true
23:12:15.0736 0x2950  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
23:12:15.0768 0x2950  WdFilter - ok
23:12:15.0805 0x2950  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:12:15.0821 0x2950  WdiServiceHost - ok
23:12:15.0852 0x2950  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
23:12:15.0884 0x2950  WdiSystemHost - ok
23:12:15.0953 0x2950  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
23:12:16.0037 0x2950  wdiwifi - ok
23:12:16.0069 0x2950  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:12:16.0091 0x2950  WdNisDrv - ok
23:12:16.0122 0x2950  WdNisSvc - ok
23:12:16.0169 0x2950  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:12:16.0254 0x2950  WebClient - ok
23:12:16.0290 0x2950  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:12:16.0323 0x2950  Wecsvc - ok
23:12:16.0323 0x2950  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:12:16.0354 0x2950  WEPHOSTSVC - ok
23:12:16.0370 0x2950  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
23:12:16.0392 0x2950  wercplsupport - ok
23:12:16.0408 0x2950  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:12:16.0439 0x2950  WerSvc - ok
23:12:16.0439 0x2950  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
23:12:16.0470 0x2950  WFPLWFS - ok
23:12:16.0470 0x2950  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:12:16.0492 0x2950  WiaRpc - ok
23:12:16.0523 0x2950  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:12:16.0555 0x2950  WIMMount - ok
23:12:16.0570 0x2950  WinDefend - ok
23:12:16.0591 0x2950  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
23:12:16.0608 0x2950  WindowsTrustedRT - ok
23:12:16.0608 0x2950  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
23:12:16.0624 0x2950  WindowsTrustedRTProxy - ok
23:12:16.0692 0x2950  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:12:16.0793 0x2950  WinHttpAutoProxySvc - ok
23:12:16.0808 0x2950  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
23:12:16.0840 0x2950  WinMad - ok
23:12:17.0072 0x2950  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:12:17.0110 0x2950  Winmgmt - ok
23:12:17.0294 0x2950  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
23:12:17.0503 0x2950  WinRM - ok
23:12:17.0543 0x2950  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
23:12:17.0574 0x2950  WINUSB - ok
23:12:17.0589 0x2950  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
23:12:17.0628 0x2950  WinVerbs - ok
23:12:17.0759 0x2950  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
23:12:17.0928 0x2950  WlanSvc - ok
23:12:18.0044 0x2950  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
23:12:18.0176 0x2950  wlidsvc - ok
23:12:18.0207 0x2950  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
23:12:18.0245 0x2950  WmiAcpi - ok
23:12:18.0291 0x2950  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:12:18.0345 0x2950  wmiApSrv - ok
23:12:18.0392 0x2950  WMPNetworkSvc - ok
23:12:18.0429 0x2950  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
23:12:18.0476 0x2950  Wof - ok
23:12:18.0607 0x2950  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:12:18.0777 0x2950  workfolderssvc - ok
23:12:18.0845 0x2950  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:12:18.0876 0x2950  wpcfltr - ok
23:12:18.0908 0x2950  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:12:18.0945 0x2950  WPDBusEnum - ok
23:12:18.0945 0x2950  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:12:18.0977 0x2950  WpdUpFltr - ok
23:12:18.0992 0x2950  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
23:12:19.0030 0x2950  WpnService - ok
23:12:19.0046 0x2950  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:12:19.0061 0x2950  ws2ifsl - ok
23:12:19.0108 0x2950  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
23:12:19.0162 0x2950  wscsvc - ok
23:12:19.0177 0x2950  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
23:12:19.0209 0x2950  WSDPrintDevice - ok
23:12:19.0230 0x2950  [ 3A3294E2E5CBFC51999180C06051DDE9, 2EEE0A5BEBB366E4C12245E8175685CF2173E260B482A8EEB7F8255BA43C6CE3 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
23:12:19.0246 0x2950  WSDScan - ok
23:12:19.0246 0x2950  WSearch - ok
23:12:19.0482 0x2950  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\WINDOWS\System32\WSService.dll
23:12:19.0667 0x2950  WSService - ok
23:12:19.0813 0x2950  [ 3D0DE8170ECCEC20CBF205D79C535BA1, 9249A420B9024AB3B18D7E4DAC20E2080E0759C620F46D37D467DC25A77F2025 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
23:12:20.0014 0x2950  wuauserv - ok
23:12:20.0054 0x2950  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:12:20.0085 0x2950  WudfPf - ok
23:12:20.0101 0x2950  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
23:12:20.0139 0x2950  WUDFRd - ok
23:12:20.0186 0x2950  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
23:12:20.0239 0x2950  wudfsvc - ok
23:12:20.0340 0x2950  [ 7F7591CCC146EC7D9EB77C1277D605F4, 80D6D45BD3C3C7F79BFA98B864CBFA443245416ED64C0BC16E9E7C8C5E958AFB ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
23:12:20.0518 0x2950  WwanSvc - ok
23:12:20.0574 0x2950  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
23:12:20.0656 0x2950  XblAuthManager - ok
23:12:20.0740 0x2950  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
23:12:20.0856 0x2950  XblGameSave - ok
23:12:20.0888 0x2950  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
23:12:20.0919 0x2950  xboxgip - ok
23:12:21.0105 0x2950  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
23:12:21.0189 0x2950  XboxNetApiSvc - ok
23:12:21.0242 0x2950  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
23:12:21.0273 0x2950  xinputhid - ok
23:12:21.0273 0x2950  ================ Scan global ===============================
23:12:21.0342 0x2950  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
23:12:21.0389 0x2950  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
23:12:21.0457 0x2950  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
23:12:21.0520 0x2950  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
23:12:21.0557 0x2950  [ Global ] - ok
23:12:21.0557 0x2950  ================ Scan MBR ==================================
23:12:21.0589 0x2950  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:12:21.0773 0x2950  \Device\Harddisk0\DR0 - ok
23:12:21.0773 0x2950  ================ Scan VBR ==================================
23:12:21.0773 0x2950  [ DBC33C161DFFD249C144D5044CACBC58 ] \Device\Harddisk0\DR0\Partition1
23:12:21.0805 0x2950  \Device\Harddisk0\DR0\Partition1 - ok
23:12:21.0820 0x2950  [ 77B6A96EDC6FD9678CC787A5BD7F09B0 ] \Device\Harddisk0\DR0\Partition2
23:12:21.0842 0x2950  \Device\Harddisk0\DR0\Partition2 - ok
23:12:21.0857 0x2950  [ 7B04C5E3C6961173AD5D859B4356E58D ] \Device\Harddisk0\DR0\Partition3
23:12:21.0857 0x2950  \Device\Harddisk0\DR0\Partition3 - ok
23:12:21.0889 0x2950  [ D7126E14CD7A21BAAC731C97055F18D2 ] \Device\Harddisk0\DR0\Partition4
23:12:21.0904 0x2950  \Device\Harddisk0\DR0\Partition4 - ok
23:12:21.0942 0x2950  [ DF75BA8976686039BAC45B146B48FFDD ] \Device\Harddisk0\DR0\Partition5
23:12:21.0957 0x2950  \Device\Harddisk0\DR0\Partition5 - ok
23:12:21.0973 0x2950  [ 3E96DCCC3A532DA325866E0E97D4398C ] \Device\Harddisk0\DR0\Partition6
23:12:21.0989 0x2950  \Device\Harddisk0\DR0\Partition6 - ok
23:12:21.0989 0x2950  ================ Scan generic autorun ======================
23:12:21.0989 0x2950  ETDCtrl - ok
23:12:22.0538 0x2950  [ 6B446D957B19C6DFA0C0F1EA9AFE72BF, 58351ABDAF793BDBB2D19E090A15CD7792C6AF0D97E7D0941296AB18ADB9D256 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
23:12:23.0094 0x2950  RtHDVCpl - ok
23:12:23.0208 0x2950  [ DC1E9A0B09A6068BA2E48E04F0F7F406, 1F7C44175C3F54D6A791B0E2C75977764B27DF526A6D9A0A40B7424B03561FD2 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
23:12:23.0311 0x2950  RtHDVBg_Dolby - ok
23:12:23.0716 0x2950  [ A118C52E94780AEBFA52D05A3313CCF6, 26537CC3312B2C0477751152FDA18CECAC14023DCD1DB033944A11E12F449885 ] C:\Program Files\ESET\ESET Smart Security\egui.exe
23:12:23.0938 0x2950  egui - ok
23:12:23.0954 0x2950  mcui_exe - ok
23:12:23.0985 0x2950  [ FF7CB5344094510654C240486B4B1B3F, 2A50A3BC366D5293C61FEDC5639C0EB2BB3176933599B6C1533F06F9B6C5D2DF ] C:\Program Files (x86)\RadioController\RfBtnHelper.exe
23:12:24.0016 0x2950  RadioController - ok
23:12:24.0200 0x2950  [ 5EE9595568218E6AA0FE0F6065B65EC7, 8ED0A1A8E4FC37E24D205EC4BA357574FA22B8B5019AFCCB9D0F55B03519163C ] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
23:12:24.0416 0x2950  Family Tree Builder Update - detected UnsignedFile.Multi.Generic ( 1 )
23:12:26.0763 0x2950  Detect skipped due to KSN trusted
23:12:26.0763 0x2950  Family Tree Builder Update - ok
23:12:26.0964 0x2950  [ 42E4E281D9646F15E5C4D0CFD61CE684, 0F0ED72CA029C7B0F50DE507FD2EACFBCB89F2262B81A7DB0B260E34CB19BC05 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
23:12:27.0080 0x2950  WSHelperSetup.exe - ok
23:12:27.0160 0x2950  [ 42E4E281D9646F15E5C4D0CFD61CE684, 0F0ED72CA029C7B0F50DE507FD2EACFBCB89F2262B81A7DB0B260E34CB19BC05 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
23:12:27.0211 0x2950  Wondershare Helper Compact.exe - ok
23:12:27.0258 0x2950  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
23:12:27.0265 0x2950  APSDaemon - ok
23:12:27.0343 0x2950  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
23:12:27.0365 0x2950  HP Software Update - ok
23:12:28.0049 0x2950  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:12:28.0415 0x2950  OneDriveSetup - ok
23:12:28.0441 0x2570  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
23:12:28.0742 0x2950  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:12:29.0100 0x2950  OneDriveSetup - ok
23:12:29.0184 0x2950  [ 42E4E281D9646F15E5C4D0CFD61CE684, 0F0ED72CA029C7B0F50DE507FD2EACFBCB89F2262B81A7DB0B260E34CB19BC05 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
23:12:29.0254 0x2950  WSHelperSetup.exe - ok
23:12:29.0401 0x2950  [ 4FF9A9F17E5722357EA1F614155F7BCB, 6E43F9269383FEDDE31CC1D3F7268DB2910079550CC2CA440ABB8C3A1E31F2A0 ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
23:12:29.0486 0x2950  MyDriveConnect.exe - ok
23:12:29.0724 0x2950  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:12:29.0802 0x2950  OneDrive - ok
23:12:30.0002 0x2950  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
23:12:30.0186 0x2950  HP Officejet Pro 8610 (NET) - ok
23:12:30.0244 0x2950  Skype - ok
23:12:30.0750 0x2950  [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
23:12:30.0973 0x2570  Object send P2P result: true
23:12:30.0978 0x2570  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
23:12:31.0077 0x2950  CCleaner Monitoring - ok
23:12:31.0278 0x2950  [ 7E2857D4C8F7732AABB68CEBD8C8A239, CCDC4A497B182A46DE4C11043D5F61EA467F59D6BF528F13341432BF2E0D1BE0 ] C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe
23:12:31.0440 0x2950  AcerCloud - ok
23:12:31.0709 0x2950  [ C18C7783D197EE27E8B71DB8F51E0628, 290F29FF5212B810DBDB5F23A537178EAC9E98BC05AFAC5F776A7BD4D3FB51AC ] C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
23:12:31.0994 0x2950  MyPhoneExplorer - ok
23:12:32.0161 0x2950  [ BF0C5F1D9F26E3AFDD577D72B48EA917, 427C6CD1179F1B813C3068EC8F11A634C0F27407109E639F4AFA121644885B11 ] C:\Users\mail_000.DEKANPC09\AppData\Roaming\OTi\AndroidShadow1422\ExImg\ImageRoot\ADLauncher.exe
23:12:32.0214 0x2950  AndroidShadowCable - ok
23:12:32.0399 0x2950  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
23:12:32.0584 0x2950  HP Officejet Pro 8610 (NET) - ok
23:12:32.0700 0x2950  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\mail_000.DEKANPC09\AppData\Local\Dropbox\Update\DropboxUpdate.exe
23:12:32.0731 0x2950  Dropbox Update - ok
23:12:32.0915 0x2950  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\mail_000.DEKANPC09\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:12:32.0962 0x2950  OneDrive - ok
23:12:32.0962 0x2950  Waiting for KSN requests completion. In queue: 166
23:12:33.0501 0x2570  Object send P2P result: true
23:12:33.0516 0x2570  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
23:12:33.0985 0x2950  Waiting for KSN requests completion. In queue: 84
23:12:34.0998 0x2950  Waiting for KSN requests completion. In queue: 84
23:12:35.0326 0x2a84  Object required for P2P: [ 4FF9A9F17E5722357EA1F614155F7BCB ] C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
23:12:36.0013 0x2950  Waiting for KSN requests completion. In queue: 77
23:12:36.0047 0x2570  Object send P2P result: true
23:12:37.0025 0x2950  Waiting for KSN requests completion. In queue: 10
23:12:37.0855 0x2a84  Object send P2P result: true
23:12:37.0855 0x2a84  Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
23:12:38.0037 0x2950  Waiting for KSN requests completion. In queue: 5
23:12:39.0047 0x2950  Waiting for KSN requests completion. In queue: 5
23:12:40.0058 0x2950  Waiting for KSN requests completion. In queue: 5
23:12:40.0434 0x2a84  Object send P2P result: true
23:12:40.0434 0x2a84  Object required for P2P: [ 7E2857D4C8F7732AABB68CEBD8C8A239 ] C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe
23:12:41.0068 0x2950  Waiting for KSN requests completion. In queue: 4
23:12:42.0082 0x2950  Waiting for KSN requests completion. In queue: 4
23:12:42.0970 0x2a84  Object send P2P result: true
23:12:43.0190 0x2950  AV detected via SS2: ESET Smart Security 8.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 8.0.319.0 ), 0x41000 ( enabled : updated )
23:12:43.0230 0x2950  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
23:12:43.0230 0x2950  FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 8.0.319.0 ), 0x41010 ( enabled )
23:12:45.0689 0x2950  ============================================================
23:12:45.0689 0x2950  Scan finished
23:12:45.0689 0x2950  ============================================================
23:12:45.0705 0x16f4  Detected object count: 0
23:12:45.0705 0x16f4  Actual detected object count: 0

So...
Ich hoffe ich habe alles richtig gemacht

Nochmals danke

Werner

M-K-D-B · 22.04.2016, 19:58

Servus,

ich sehe keine Malware, daher bist du hier in diesem Teil des Forums falsch.

Wenn du mal Zeit hast, sichere deine Daten und setz Windows neu auf.

deskaisers · 22.04.2016, 23:40

Vielen Dank für die Mühe. Da bin ich ja beruhigt.

In welchem Forumteil wäre das ein Thema?

Es muss ja irgendwie auf den Rechner gekommen sein, also auch wieder entfernbar sein.

M-K-D-B · 23.04.2016, 20:53

Hier wäre der Beitrag gut aufgehoben.

deskaisers · 24.04.2016, 12:01

Ok.
Danke

M-K-D-B · 24.04.2016, 15:07

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

22.04.2016, 19:58	#8
M-K-D-B /// TB-Ausbilder	Benutzerkonto erstellt sich immer wieder neu Servus, ich sehe keine Malware, daher bist du hier in diesem Teil des Forums falsch. Wenn du mal Zeit hast, sichere deine Daten und setz Windows neu auf.

23.04.2016, 20:53	#10
M-K-D-B /// TB-Ausbilder	Benutzerkonto erstellt sich immer wieder neu Hier wäre der Beitrag gut aufgehoben.

24.04.2016, 15:07	#12
M-K-D-B /// TB-Ausbilder	Benutzerkonto erstellt sich immer wieder neu Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Benutzerkonto erstellt sich immer wieder neu

Plagegeister aller Art und deren Bekämpfung: Benutzerkonto erstellt sich immer wieder neu