Log analysis and evaluation: Microsoft call

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.09.2016, 11:24 | #1
Microsoft call

Hello Trojaner team,

I did it: I fell for a Microsoft call. Unfortunately I only backed out when they demanded money, meaning the guys were already on my machine via remote access. Contrary to expectations, I now have access to my PC again via System Restore; the prompt for the system startup password no longer appears... I think I got off lightly, idiot that I am. Could we please check my PC together? I've attached the FRST + Addition logs. As for the virus scanner log (Avast), I'm not sure which one, since several show up when I scan...

Thanks in advance!

Best regards, Michael

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von Artmeiers (Administrator) auf DESKTOP-ITK1JJ8 (01-09-2016 15:52:57)
Gestartet von C:\Users\Artmeiers\Downloads
Geladene Profile: Artmeiers (Verfügbare Profile: Artmeiers)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\System32\igfxTray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) D:\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software) HKLM-x32\...\Run: [GrooveMonitor] => D:\Office2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [Amazon Music] => C:\Users\Artmeiers\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-15] () HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [GarminExpressTrayApp] => D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\RunOnce: [Uninstall C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\RunOnce: [Uninstall C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64" HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\RunOnce: [Uninstall C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-909546686-36640154-3940682474-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. 
or its subsidiaries) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-01] (AVAST Software) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) Startup: 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-08] ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{438db259-fafd-4446-a9a3-6612fee28844}: [NameServer] 77.234.40.79 Tcpip\..\Interfaces\{438db259-fafd-4446-a9a3-6612fee28844}: [DhcpNameServer] 77.234.40.79 Tcpip\..\Interfaces\{7887f3a1-fb37-41cb-87e4-d8fdbce38193}: [DhcpNameServer] 192.168.32.1 Tcpip\..\Interfaces\{ec996c7e-bdc3-40c6-9b57-6ac17fe0f8a1}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-909546686-36640154-3940682474-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-909546686-36640154-3940682474-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files 
(x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security) Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Office2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-02] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-02] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files 
(x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] () FF SearchPlugin: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\searchplugins\McSiteAdvisor.xml [2016-03-21] FF Extension: (Ant Video Downloader) - C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\extensions\anttoolbar@ant.com [2016-06-29] FF Extension: (Mailvelope) - C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2016-07-08] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-01] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-01] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert] R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-01] (AVAST Software) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent) S2 Garmin Device Interaction Service; D:\GarminExpress\Garmin\Device Interaction Service\GarminService.exe [809488 2016-07-31] (Garmin Ltd. or its subsidiaries) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2016-01-09] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert] R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3036312 2016-07-28] (Intel(R) Corporation) R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation) S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) S3 Microsoft Office Groove Audit Service; 
D:\Office2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120712 2016-04-30] (Electronic Arts) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-26] () R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) S2 0104221470950157mcinstcleanup; C:\WINDOWS\TEMP\010422~1.EXE -cleanup -nolog [X] S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X] S2 McAfee SiteAdvisor Service; "c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-01] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-01] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-01] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-09-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-01] (AVAST Software) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-01] (AVAST Software) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4317808 2015-07-14] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) 
=================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-01 15:52 - 2016-09-01 15:55 - 00019512 _____ C:\Users\Artmeiers\Downloads\FRST.txt 2016-09-01 15:52 - 2016-09-01 15:52 - 02397696 _____ (Farbar) C:\Users\Artmeiers\Downloads\FRST64.exe 2016-09-01 15:52 - 2016-09-01 15:52 - 00000000 ____D C:\FRST 2016-09-01 15:33 - 2016-09-01 15:33 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-09-01 15:33 - 2016-09-01 15:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-09-01 13:35 - 2016-09-01 16:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-09-01 13:35 - 2016-09-01 14:02 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\TeamViewer 2016-08-25 18:29 - 2016-08-25 18:29 - 00053848 _____ C:\Users\Artmeiers\Downloads\Seenrunde.gpx 2016-08-10 21:27 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-10 21:27 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-10 21:27 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-10 21:27 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-10 21:27 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-10 21:27 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-10 21:27 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-10 21:27 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-10 21:27 - 2016-08-03 
12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-10 21:27 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-10 21:27 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-10 21:27 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-10 21:27 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-10 21:27 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-10 21:27 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-10 21:27 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-10 21:27 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-10 21:27 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-10 21:27 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-10 21:27 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-10 21:27 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-10 21:27 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-10 21:27 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-10 21:27 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-10 21:27 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-10 21:27 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wshbth.dll 2016-08-10 21:27 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-10 21:27 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-10 21:27 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-10 21:27 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-10 21:27 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-10 21:27 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-10 21:27 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-10 21:27 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-10 21:27 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-10 21:27 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-10 21:27 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-10 21:27 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-10 21:27 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-10 21:27 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-10 21:27 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-10 21:27 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-10 21:27 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 
2016-08-10 21:27 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-10 21:27 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-10 21:27 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-10 21:27 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-10 21:27 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-10 21:27 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-10 21:27 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-10 21:27 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-10 21:27 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-10 21:27 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-10 21:27 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-10 21:27 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-10 21:27 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-10 21:27 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-10 21:27 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-10 21:27 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-10 21:27 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-10 21:27 - 2016-08-03 11:13 - 03025920 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-10 21:27 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-10 21:27 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-10 21:27 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-10 21:27 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-10 21:27 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-10 21:27 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-10 21:27 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-10 21:27 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-10 21:27 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-10 21:27 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-10 21:27 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-10 21:27 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-10 21:27 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-10 21:27 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-10 21:27 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-10 21:27 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 21:27 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-10 21:27 - 
2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-10 21:27 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-10 21:27 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-10 21:27 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-10 21:27 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-10 21:27 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-10 21:27 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-10 21:27 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-10 21:27 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-10 21:27 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-10 21:27 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-10 21:27 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-10 21:27 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-10 21:27 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-10 21:27 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-10 21:27 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-10 21:27 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-10 21:27 - 2016-08-03 06:19 - 02180096 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-08-10 21:26 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-10 21:26 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-10 21:26 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-10 21:26 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-10 21:26 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-10 21:26 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-10 21:26 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-10 21:26 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-10 21:26 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-10 21:26 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-10 21:26 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-10 21:26 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-10 21:26 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-10 21:26 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-10 21:26 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-10 21:26 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-10 21:26 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-10 21:26 - 2016-08-03 11:27 - 
01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-10 21:26 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-10 21:26 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-10 21:26 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-10 21:26 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-10 21:26 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-10 21:26 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-10 21:26 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-10 21:26 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-10 21:26 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-10 21:26 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-10 21:26 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-10 21:26 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-10 21:26 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-10 21:26 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-10 21:26 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-07 10:11 - 2016-08-07 10:11 - 00000224 _____ C:\Users\Artmeiers\Desktop\Artmeier, Michael - Outlook Web App.URL 2016-08-02 16:51 - 2016-08-02 16:51 - 00001692 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2016-08-02 16:51 - 2016-08-02 16:51 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-01 16:00 - 2016-05-12 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-01 16:00 - 2016-04-30 00:39 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\vlc 2016-09-01 16:00 - 2016-01-05 13:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-09-01 16:00 - 2015-10-30 20:44 - 00000000 ____D C:\WINDOWS\ShellNew 2016-09-01 16:00 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-09-01 16:00 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-09-01 15:59 - 2016-05-09 19:10 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Microsoft Help 2016-09-01 15:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration 2016-09-01 15:48 - 2016-01-13 15:59 - 00000416 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Artmeiers.job 2016-09-01 15:48 - 2016-01-05 13:36 - 00000165 _____ C:\Users\Artmeiers\AppData\Roaming\sp_data.sys 2016-09-01 15:47 - 2016-06-06 17:43 - 00000000 __RHD C:\MSOCache 2016-09-01 15:46 - 2016-02-21 10:39 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-09-01 15:45 - 2016-01-13 15:59 - 00000416 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Artmeiers.job 2016-09-01 15:44 - 2016-01-05 13:36 - 00000000 __SHD C:\Users\Artmeiers\IntelGraphicsProfiles 2016-09-01 15:43 - 2016-01-14 22:03 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-09-01 15:40 - 2016-04-18 22:39 - 00004042 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461011943 2016-09-01 15:40 - 2016-04-18 22:39 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-09-01 15:39 - 2016-01-14 22:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-01 15:38 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2016-09-01 
15:36 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-01 15:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-01 15:34 - 2016-03-17 01:07 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-09-01 15:33 - 2016-03-17 01:07 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-09-01 15:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-01 15:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-01 15:32 - 2016-04-17 17:54 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-09-01 15:32 - 2016-03-17 01:07 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2016-09-01 15:23 - 2016-06-07 18:59 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2016-09-01 15:23 - 2016-06-07 18:59 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2016-09-01 15:19 - 2016-01-13 20:10 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FD2E94E-3865-46F7-A852-BF16F96D6D95} 2016-09-01 15:14 - 2016-07-10 21:10 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk 2016-09-01 15:14 - 2016-07-10 21:10 - 00001969 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk 2016-09-01 15:14 - 2016-01-14 22:07 - 
00000000 ____D C:\Users\Artmeiers 2016-08-30 09:37 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT 2016-08-30 09:37 - 2016-01-14 21:54 - 00000000 ___DC C:\WINDOWS\Panther 2016-08-28 20:56 - 2016-01-06 13:10 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Comms 2016-08-27 23:00 - 2015-08-18 07:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job 2016-08-27 22:57 - 2015-08-18 07:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job 2016-08-25 18:36 - 2015-10-30 20:35 - 00778202 _____ C:\WINDOWS\system32\perfh007.dat 2016-08-25 18:36 - 2015-10-30 20:35 - 00155964 _____ C:\WINDOWS\system32\perfc007.dat 2016-08-25 18:36 - 2015-08-18 07:20 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-08-19 16:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-08-16 11:43 - 2016-04-16 20:37 - 00000000 ____D C:\Users\Artmeiers\Downloads\Ant Videos 2016-08-15 11:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-08-13 14:01 - 2016-03-30 15:26 - 00001241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2016-08-13 14:01 - 2016-03-30 15:07 - 00000000 ____D C:\Program Files\TrueKey 2016-08-11 22:00 - 2015-12-08 13:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-11 03:32 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-10 22:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 22:11 - 2016-01-06 12:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 22:04 - 2016-01-06 12:34 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-02 22:09 - 2016-03-30 14:58 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Adobe 2016-08-02 21:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-08-02 21:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-08-02 16:53 - 2015-12-08 13:33 - 00000000 ____D C:\ProgramData\Package Cache 2016-08-02 16:51 - 2016-06-23 23:28 - 
00003612 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-01-05 13:36 - 2016-09-01 15:48 - 0000165 _____ () C:\Users\Artmeiers\AppData\Roaming\sp_data.sys 2016-01-14 22:04 - 2016-01-14 22:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Artmeiers\AppData\Local\Temp\FoxitUpdater.exe C:\Users\Artmeiers\AppData\Local\Temp\installerdll1563264203.dll C:\Users\Artmeiers\AppData\Local\Temp\installerdll1563286453.dll C:\Users\Artmeiers\AppData\Local\Temp\installerdll1566378296.dll C:\Users\Artmeiers\AppData\Local\Temp\rootsupd.exe C:\Users\Artmeiers\AppData\Local\Temp\Setup.exe C:\Users\Artmeiers\AppData\Local\Temp\vcredist_x64.exe C:\Users\Artmeiers\AppData\Local\Temp\vcredist_x86.exe C:\Users\Artmeiers\AppData\Local\Temp\vlc-2.2.4-win32.exe C:\Users\Artmeiers\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-08-31 17:49

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Artmeiers (01-09-2016 15:55:56)
Gestartet von C:\Users\Artmeiers\Downloads
Windows 10 Home Version 1511 (X64) (2016-01-14 20:28:12)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-909546686-36640154-3940682474-500 - Administrator - Disabled)
Artmeiers (S-1-5-21-909546686-36640154-3940682474-1001 - Administrator - Enabled) => C:\Users\Artmeiers
DefaultAccount (S-1-5-21-909546686-36640154-3940682474-503 - Limited - Disabled)
Gast (S-1-5-21-909546686-36640154-3940682474-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS) ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s) Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) CyberLink PhotoDirector 5 (Version: 5.0.5.6515 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.4010.0 - CyberLink Corp.) 
Hidden Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.) Elevated Installer (x32 Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Hidden Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.) Garmin Express (HKLM-x32\...\{686d881a-083e-4030-80db-52c493bf89d3}) (Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.5.146.1 - Intel Security) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) 
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) Mystery Trackers: Paxton Creek Avenger Collector's Edition (HKLM-x32\...\BFG-Mystery Trackers - Paxton Creek Avenger Collectors Edition) (Version: - ) Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts) Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) 
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows-Treiberpaket - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) 
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-909546686-36640154-3940682474-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {06C810E1-DB69-4585-8CF3-8B43CD137D4D} - System32\Tasks\WpsUpdateTask_Artmeiers => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0DD2D148-BBBF-4F28-B970-B108AF46D69E} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] () Task: {10780CBC-A993-43AD-AA7F-5AA4E751922B} - System32\Tasks\avast! 
SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-05-16] (AVAST Software) Task: {123413D6-12C9-4CA1-B62E-D898DA59082D} - System32\Tasks\GarminUpdaterTask => D:\GarminExpress\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-07-31] () Task: {161BFB3C-7877-4FF0-9DE3-CA90C2CB3C44} - System32\Tasks\Amazon Music Helper => C:\Users\Artmeiers\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-12-15] () Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {1DC6A48B-4AFC-4355-9F2A-AB2C41B95899} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation) Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.) 
Task: {2B94D7A1-8F78-4CD8-A3AD-79CCED1300B4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {37B3289F-9CFF-4D6F-868D-E809FD26A7E4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor) Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {4D0D9DA7-5B22-4C82-BD19-611B9ED15758} - System32\Tasks\SafeZone scheduled Autoupdate 1461011943 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software) Task: {54DDEBB9-A1B3-4B8E-85B7-503F07C58041} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.) Task: {828E28A8-95FE-4995-901A-71113BCCBD91} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {8781B190-2F9E-4453-B5CA-D1BD04948A44} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {8D9825D5-3B22-4369-B8F6-F7717D7408EE} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {8E549D46-37B8-49A5-98E2-A2D0D9271670} - System32\Tasks\WpsNotifyTask_Artmeiers => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {A78326BD-BBA1-4858-8E63-A41227AB29AF} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-01] (AVAST Software) Task: {BBBEB45A-32AF-4DE3-BB48-DDCF35E97CFA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS) Task: {CD473B17-D7EC-4571-BF1C-D67C3E5B2948} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {D0A3F0B3-11A3-4CD7-80E2-A887FE94B532} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor) Task: {D17B1B38-35ED-44E7-B676-F4F4F4CA23CF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Artmeiers.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Artmeiers.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-05-19 11:11 - 2015-05-19 11:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-12-08 14:12 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2016-05-16 13:57 - 2016-05-26 18:26 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe 2016-07-13 20:05 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 20:05 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-25 20:54 - 2016-04-25 20:54 - 00959176 _____ () C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll 2016-04-19 15:00 - 2016-04-19 15:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-09 16:03 - 2016-01-09 16:03 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-01-14 21:50 - 2016-01-14 21:50 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 20:07 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-13 20:05 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 20:05 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-13 20:05 - 2016-07-01 05:22 - 02483200 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 20:05 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll 2016-09-01 15:33 - 2016-09-01 15:33 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-01 15:15 - 2016-09-01 15:15 - 03017728 _____ () C:\Program Files\AVAST Software\Avast\defs\16090102\algo.dll 2016-09-01 15:33 - 2016-09-01 15:33 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-04-19 15:00 - 2016-04-19 15:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 15:00 - 2016-04-19 15:01 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-08-07 03:09 - 2015-08-07 03:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-07-10 21:09 - 2016-07-10 21:09 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\ProgramData\Temp:0BFBB93D [132] AlternateDataStreams: C:\ProgramData\Temp:268A5068 [125] AlternateDataStreams: C:\ProgramData\Temp:282A4C88 [127] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:6BB32FFE [286] AlternateDataStreams: C:\ProgramData\Temp:C00AB302 [280] AlternateDataStreams: C:\ProgramData\Temp:DBC28EB1 [127] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 13:04 - 2016-06-09 07:30 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-909546686-36640154-3940682474-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKLM\...\StartupApproved\StartupFolder: => "avast! SecureLine.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\StartupApproved\Run: => "Amazon Music" HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{0D61E945-27DD-4868-AE1A-190906C3925E}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{257C0C75-E4E2-4859-9469-FC57B7324EBC}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{DD48E167-C0AE-4EA2-9A8A-5D8ADECC696F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E90B154A-D1A6-4F6D-A67B-8D4DB084DC39}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2B5CC28F-52F4-4DBD-BD45-583125E24209}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{9C4E0D54-2648-4A9F-9782-5EE68A8DE557}] => (Allow) D:\Spiele\Need for Speed The Run\Need For Speed The Run.exe FirewallRules: [{9E71EFB5-8B82-40E9-B104-D09CD59D301C}] => (Allow) D:\Spiele\Need for Speed The Run\Need For Speed The Run.exe FirewallRules: [{53853710-8F98-49DE-9B80-8DDCC3F02FD9}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{ED9935EE-0616-4F48-94BE-153E53A061E5}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{1A1A37C9-0985-4562-BFAA-4AEC4949F760}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{6AC50427-8B32-44A4-8CD1-E99C306803D1}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{BC7EED60-D4C5-4370-9464-4DE9953A15F4}] => (Allow) 
D:\Office2007\Office12\outlook.exe FirewallRules: [{60853862-1159-429D-A647-F3B65E5237E3}] => (Allow) D:\Office2007\Office12\GROOVE.EXE FirewallRules: [{F606267A-BC8B-4A35-966C-24EB230F4F41}] => (Allow) D:\Office2007\Office12\GROOVE.EXE FirewallRules: [{2A5AFC06-0443-4408-94CE-990803451297}] => (Allow) D:\Office2007\Office12\ONENOTE.EXE FirewallRules: [{D7DAFC87-6D09-403B-9FCB-FAFB4752C8AD}] => (Allow) D:\Office2007\Office12\ONENOTE.EXE FirewallRules: [{55EF4539-CF3D-4206-836D-2CBA7F88F777}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4609F333-661C-4C9E-A86D-3333BAB71037}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EA0DD4B9-9EC0-4612-A658-EB7934A51C85}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BB6CA7DF-1A2A-46FD-8897-ED7A05C30F18}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{664DF271-2F29-4956-9B6A-165BA748A160}] => (Allow) D:\iTunes.exe ==================== Wiederherstellungspunkte ========================= 10-08-2016 21:52:40 Windows Update 27-08-2016 23:43:16 Windows Update 01-09-2016 15:31:25 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/01/2016 03:32:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (09/01/2016 03:27:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm firefox.exe, Version 47.0.1.6018 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1910 Startzeit: 01d20453d51b4259 Beendigungszeit: 45 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Berichts-ID: cd72f62e-7047-11e6-9bfa-2c56dcb80c7e Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (09/01/2016 03:10:12 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1476) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU00DAB.log. Error: (09/01/2016 02:01:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/01/2016 01:59:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/01/2016 01:57:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927142. 
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/01/2016 01:55:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/01/2016 01:53:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/01/2016 01:51:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/01/2016 01:49:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Systemfehler: ============= Error: (09/01/2016 03:51:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Netzwerkdienst" (SID: S-1-5-20) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {3185A766-B338-11E4-A71E-12E3F512A338} und der APPID {7006698D-2974-4091-A424-85DD0B909E23} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/01/2016 03:51:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Netzwerkdienst" (SID: S-1-5-20) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {3185A766-B338-11E4-A71E-12E3F512A338} und der APPID {7006698D-2974-4091-A424-85DD0B909E23} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (09/01/2016 03:47:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Manager für heruntergeladene Karten" wurde nicht richtig gestartet. Error: (09/01/2016 03:44:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet. Error: (09/01/2016 03:40:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. 
Error: (09/01/2016 03:40:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Device Interaction Service erreicht. Error: (09/01/2016 03:39:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Kingsoft_WPS_UpdateService" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (09/01/2016 03:39:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Kingsoft_WPS_UpdateService erreicht. Error: (09/01/2016 03:39:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (09/01/2016 03:39:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "InstallerService" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. CodeIntegrity: =================================== Date: 2016-09-01 15:35:16.107 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 21:58:50.572 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-22 17:04:14.707 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-07-15 16:48:18.905 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-14 20:24:27.381 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-14 00:27:20.505 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 15:39:16.251 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 07:28:10.288 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 17:35:33.179 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-26 18:43:37.441 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 45% Installierter physikalischer RAM: 4004.71 MB Verfügbarer physikalischer RAM: 2169.11 MB Summe virtueller Speicher: 4708.71 MB Verfügbarer virtueller Speicher: 2924.69 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:303.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:536.8 GB) NTFS Drive e: (NFS The Run) (CDROM) (Total:6.2 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 78E63199) Partition: GPT. ==================== Ende von Addition.txt ============================
Edited by drarti (02.09.2016 at 11:46). Reason: Avast update |
06.09.2016, 20:07 | #2 |
| Follow-up re: check after Microsoft call Hello Trojaner-Board team,
is something wrong? Did I do something wrong? Or did you overlook me? Please let me know! Thanks and best regards, Michael |
07.09.2016, 22:00 | #3 |
/// TB-Ausbilder | Microsoft call My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! My apologies, you were somehow overlooked, which should not normally happen. For an initial analysis, please run FRST and TDSS-Killer again: Step 1
Step 2 Please download TDSSKiller.exe and save the file to the desktop
Please post with your next reply
|
08.09.2016, 22:55 | #4 |
| Microsoft call Hello Matthias, no problem, it can happen. Here are the new scans: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 durchgeführt von Artmeiers (Administrator) auf DESKTOP-ITK1JJ8 (08-09-2016 23:38:00) Gestartet von C:\Users\Artmeiers\Desktop Geladene Profile: Artmeiers (Verfügbare Profile: Artmeiers) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe (Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe () C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Apple Inc.) D:\iTunesHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe () C:\Program Files (x86)\bfgclient\bfgclient.exe () C:\Program Files (x86)\bfgclient\bfgclient.exe (Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.11.7293.0_x64__8wekyb3d8bbwe\Solitaire.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11607.1001.51.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe () C:\Program Files (x86)\bfgclient\bfggameservices.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) 
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software) HKLM-x32\...\Run: [GrooveMonitor] => D:\Office2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [Amazon Music] => C:\Users\Artmeiers\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-15] () HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [GarminExpressTrayApp] => D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-909546686-36640154-3940682474-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-01] (AVAST Software) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-08] ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{438db259-fafd-4446-a9a3-6612fee28844}: [NameServer] 77.234.40.79 Tcpip\..\Interfaces\{7887f3a1-fb37-41cb-87e4-d8fdbce38193}: [DhcpNameServer] 192.168.32.1 Tcpip\..\Interfaces\{ec996c7e-bdc3-40c6-9b57-6ac17fe0f8a1}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-909546686-36640154-3940682474-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-909546686-36640154-3940682474-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security) Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Office2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-02] () FF Plugin-x32: 
@adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-02] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] () FF SearchPlugin: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\searchplugins\McSiteAdvisor.xml [2016-03-21] FF Extension: (Ant Video Downloader) - C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\extensions\anttoolbar@ant.com [2016-06-29] FF Extension: (Mailvelope) - C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2016-07-08] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-01] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-01] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) 
S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-01] (AVAST Software)
R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
S2 Garmin Device Interaction Service; D:\GarminExpress\Garmin\Device Interaction Service\GarminService.exe [809488 2016-07-31] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3036312 2016-07-28] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
S3 Microsoft Office Groove Audit Service; D:\Office2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120712 2016-04-30] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-26] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.)
R3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-09-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-01] (AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-01] (AVAST Software)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-08 23:38 - 2016-09-08 23:38 - 00018822 _____ C:\Users\Artmeiers\Desktop\FRST.txt
2016-09-08 21:38 - 2016-09-08 21:38 - 00001282 _____ C:\Users\Public\Desktop\More Great Games.lnk
2016-09-08 14:47 - 2016-09-08 14:47 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Foxit Reader
2016-09-08 14:33 - 2016-09-08 14:33 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-08 14:30 - 2016-09-08 14:30 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\PackageStaging
2016-09-08 14:28 - 2016-09-08 20:19 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\ConnectedDevicesPlatform
2016-09-08 14:28 - 2016-09-08 14:28 - 00000020 ___SH C:\Users\Artmeiers\ntuser.ini
2016-09-08 14:28 - 2016-09-08 14:28 - 00000000 ____D C:\ProgramData\USOShared
2016-09-08 14:16 - 2016-09-08 14:03 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-08 14:13 - 2016-09-08 14:13 - 00000000 ____D C:\Windows.old
2016-09-08 14:12 - 2016-09-08 14:12 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-08 14:12 - 2016-09-08 14:12 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-08 14:12 - 2016-09-08 14:12 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-08 14:12 - 2016-09-08 14:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-08 14:12 - 2016-09-08 14:12 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-08 14:12 - 2016-09-08 14:12 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-08 14:12 - 2016-09-08 14:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-08 14:12 - 2016-09-08 14:12 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-08 14:12 - 2016-09-08 14:12 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00061440 _____
(Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2016-09-08 14:12 - 2016-09-08 14:12 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-09-08 14:12 - 2016-09-08 14:12 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2016-09-08 14:12 - 2016-09-08 14:12 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-09-08 14:12 - 2016-09-08 14:12 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2016-09-08 14:12 - 2016-09-08 14:12 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2016-09-08 14:12 - 2016-09-08 14:12 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2016-09-08 14:12 - 2016-09-08 14:12 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2016-09-08 14:12 - 2016-09-08 14:12 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 
2016-09-08 14:12 - 2016-09-08 14:12 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-08 14:12 - 2016-09-08 14:12 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-08 14:12 - 2016-09-08 14:12 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-08 14:07 - 2016-09-08 14:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\Program Files\MSBuild
2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-08 14:05 - 2016-09-08 13:36 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-08 14:04 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-08 14:04 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-08 14:04 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-08 14:04 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-08 14:04 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-08 14:04 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-08 14:03 - 2016-09-08 14:03 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-08 13:56 - 2016-09-08 14:02 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-08 13:56 - 2016-09-08 14:02 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-08 13:44 - 2016-09-08 13:45 - 00003316 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FD2E94E-3865-46F7-A852-BF16F96D6D95}
2016-09-08 13:44 - 2016-09-08 13:45 - 00003000 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Administrator
2016-09-08 13:44 - 2016-09-08 13:45 - 00003000 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Administrator
2016-09-08 13:44 - 2016-09-08 13:45 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2016-09-08 13:44 - 2016-09-08 13:45 - 00002896 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Artmeiers
2016-09-08 13:44 - 2016-09-08 13:45 - 00002830 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-09-08 13:44 - 2016-09-08 13:45 - 00002820 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-09-08 13:44 - 2016-09-08 13:44 - 00003390 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461011943
2016-09-08 13:44 - 2016-09-08 13:44 - 00003158 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-09-08 13:44 - 2016-09-08 13:44 - 00003132 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2016-09-08 13:44 - 2016-09-08 13:44 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-09-08 13:44 - 2016-09-08 13:44 - 00002896 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Artmeiers
2016-09-08 13:44 - 2016-09-08 13:44 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-09-08 13:44 - 2016-09-08 13:44 - 00002690 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-09-08 13:44 - 2016-09-08 13:44 - 00002466 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper
2016-09-08 13:44 - 2016-09-08 13:44 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2016-09-08 13:44 - 2016-09-08 13:44 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-09-08 13:44 - 2016-09-08 13:44 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-09-08 13:44 - 2016-09-08 13:44 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2016-09-08 13:44 - 2016-09-08 13:44 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-09-08 13:44 - 2016-09-08 13:44 - 00002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2016-09-08 13:44 - 2016-09-08 13:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-08 13:44 - 2016-09-08 13:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-09-08 13:33 - 2016-09-08 13:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-08 13:33 - 2016-09-08 13:33 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-09-08 13:33 - 2016-09-08 13:33 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-09-08 13:28 - 2016-09-08 13:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-08 13:25 - 2016-09-08 20:18 - 00000000 ____D C:\Users\Artmeiers
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Vorlagen
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Startmenü
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Netzwerkumgebung
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Lokale Einstellungen
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Eigene Dateien
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Druckumgebung
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Documents\Eigene Videos
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Documents\Eigene Musik
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Documents\Eigene Bilder
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\AppData\Local\Verlauf
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\AppData\Local\Anwendungsdaten
2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Anwendungsdaten
2016-09-08 13:21 - 2016-09-08 20:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-08 13:21 - 2016-09-08 13:21 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\Program Files\Realtek
2016-09-08 13:21 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-08 13:20 - 2016-09-08 13:28 - 00000000 ____D C:\Program Files\Intel
2016-09-08 13:20 - 2016-09-08 13:20 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2016-09-08 13:20 - 2016-05-27 15:50 - 00104584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-09-08 13:20 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-09-08 13:19 - 2016-09-08 13:28 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-08 13:19 - 2016-09-08 13:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2016-09-08 13:18 - 2016-09-08 21:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-08 13:18 - 2016-09-08 13:37 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-08 13:18 - 2016-09-08 13:18 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-06 23:23 - 2016-09-08 22:22 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Elephant Games
2016-09-06 21:58 - 2016-09-07 22:32 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Eipix
2016-09-06 21:04 - 2016-09-08 20:50 - 00237568 _____ (Big Fish Games) C:\Users\Artmeiers\Downloads\mystery-trackers-train-to-hellswich-ce_s1_l1_gF11534T1L1_d2646484960.exe
2016-09-01 16:24 - 2016-09-08 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-01 16:24 - 2016-09-01 16:24 - 00001390 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files\iPod
2016-09-01 16:23 - 2016-09-01 16:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-09-01 15:55 - 2016-09-01 15:56 - 00037054 _____ C:\Users\Artmeiers\Downloads\Addition.txt
2016-09-01 15:52 - 2016-09-08 23:38 - 00000000 ____D C:\FRST
2016-09-01 15:52 - 2016-09-01 15:56 - 00043667 _____ C:\Users\Artmeiers\Downloads\FRST.txt
2016-09-01 15:52 - 2016-09-01 15:52 - 02397696 _____ (Farbar) C:\Users\Artmeiers\Desktop\FRST64.exe
2016-09-01 15:33 - 2016-09-01 15:33 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-09-01 15:33 - 2016-09-01 15:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-09-01 13:35 - 2016-09-01 16:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-09-01 13:35 - 2016-09-01 14:02 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\TeamViewer
2016-08-25 18:29 - 2016-08-25 18:29 - 00053848 _____ C:\Users\Artmeiers\Downloads\Seenrunde.gpx

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-08 23:33 - 2015-08-18 07:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-08 23:32 - 2016-01-05 13:36 - 00000165 _____ C:\Users\Artmeiers\AppData\Roaming\sp_data.sys
2016-09-08 23:32 - 2015-12-08 14:08 - 00000000 ____D C:\ProgramData\Temp
2016-09-08 21:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-08 20:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-08 20:22 - 2016-01-05 13:36 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Packages
2016-09-08 20:19 - 2016-02-21 10:39 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-09-08 20:18 - 2016-01-05 13:36 - 00000000 __SHD C:\Users\Artmeiers\IntelGraphicsProfiles
2016-09-08 14:35 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-08 14:35 - 2016-01-05 13:40 - 00002393 _____ C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-08 14:35 - 2016-01-05 13:40 - 00000000 ___RD C:\Users\Artmeiers\OneDrive
2016-09-08 14:29 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-08 14:28 - 2015-12-08 13:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-08 14:16 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-08 14:13 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-08 14:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-08 14:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-08 14:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-08 14:03 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-08 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-08 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-08 13:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-08 13:45 - 2016-01-14 22:20 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-08 13:43 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-08 13:41 - 2016-07-17 00:51 - 00468686 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-08 13:41 - 2016-07-17 00:51 - 00080936 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-08 13:41 - 2015-08-18 07:20 - 01414004 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-08 13:36 - 2016-08-02 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-09-08 13:36 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-08 13:36 - 2016-07-10 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-09-08 13:36 - 2016-05-13 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2016-09-08 13:36 - 2016-05-09 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-09-08 13:36 - 2016-04-09 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-09-08 13:36 - 2016-01-08 01:40 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2016-09-08 13:36 - 2015-12-08 14:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2016-09-08 13:36 - 2015-12-08 14:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2016-09-08 13:36 - 2015-12-08 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-09-08 13:36 - 2015-12-08 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2016-09-08 13:36 - 2015-10-30 20:44 - 00000000 ____D C:\WINDOWS\ShellNew
2016-09-08 13:36 - 2015-08-18 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2016-09-08 13:36 - 2015-08-18 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2016-09-08 13:36 - 2015-08-18 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-09-08 13:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-08 13:33 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-08 13:30 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-09-08 13:30 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-08 13:28 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-08 13:28 - 2015-12-08 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-09-08 13:28 - 2015-08-18 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2016-09-08 13:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-08 13:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-08 13:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-08 13:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-08 02:48 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-08 02:48 - 2016-01-13 15:59 - 00000416 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Artmeiers.job
2016-09-07 23:45 - 2016-01-13 15:59 - 00000416 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Artmeiers.job
2016-09-07 23:00 - 2015-08-18 07:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job
2016-09-07 22:57 - 2015-08-18 07:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2016-09-07 00:51 - 2016-04-30 00:39 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\vlc
2016-09-02 19:35 - 2015-08-18 07:27 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-09-01 16:23 - 2016-05-26 14:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-01 16:00 - 2016-05-12 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-01 16:00 - 2016-01-05 13:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-01 15:59 - 2016-05-09 19:10 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Microsoft Help
2016-09-01 15:47 - 2016-06-06 17:43 - 00000000 __RHD C:\MSOCache
2016-09-01 15:40 - 2016-04-18 22:39 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-09-01 15:33 - 2016-03-17 01:07 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-09-01 15:33 - 2016-03-17 01:07 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-09-01 15:33 - 2016-03-17 01:07 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-09-01 15:33 - 2016-03-17 01:07 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-09-01 15:33 - 2016-03-17 01:07 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-09-01 15:33 - 2016-03-17 01:07 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-09-01 15:33 - 2016-03-17 01:07 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-09-01 15:32 - 2016-04-17 17:54 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-09-01 15:32 - 2016-03-17 01:07 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-09-01 15:14 - 2016-07-10 21:10 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk
2016-09-01 15:14 - 2016-07-10 21:10 - 00001969 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2016-08-28 20:56 - 2016-01-06 13:10 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Comms
2016-08-16 11:43 - 2016-04-16 20:37 - 00000000 ____D C:\Users\Artmeiers\Downloads\Ant Videos
2016-08-13 14:01 - 2016-03-30 15:26 - 00001241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-08-13 14:01 - 2016-03-30 15:07 - 00000000 ____D C:\Program Files\TrueKey
2016-08-10 22:11 - 2016-01-06 12:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 22:04 - 2016-01-06 12:34 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-01-05 13:36 - 2016-09-08 23:32 - 0000165 _____ () C:\Users\Artmeiers\AppData\Roaming\sp_data.sys
2016-09-08 13:21 - 2016-09-08 13:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-08 13:17

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Artmeiers (08-09-2016 23:39:37)
Gestartet von C:\Users\Artmeiers\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-08 12:03:32)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-909546686-36640154-3940682474-500 - Administrator - Disabled)
Artmeiers (S-1-5-21-909546686-36640154-3940682474-1001 - Administrator - Enabled) => C:\Users\Artmeiers
DefaultAccount (S-1-5-21-909546686-36640154-3940682474-503 - Limited - Disabled)
Gast (S-1-5-21-909546686-36640154-3940682474-501 - Limited - Disabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS) ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s) Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software) Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) CyberLink PhotoDirector 5 (Version: 5.0.5.6515 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.4010.0 - CyberLink Corp.) 
Hidden Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.) Elevated Installer (x32 Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Hidden Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.) Garmin Express (HKLM-x32\...\{686d881a-083e-4030-80db-52c493bf89d3}) (Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.25.0 - Garmin Ltd or its subsidiaries) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.5.146.1 - Intel Security) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) 
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.280 - Electronic Arts) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts) Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) 
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows-Treiberpaket - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) 
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-909546686-36640154-3940682474-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0227A4BE-05FE-4BCC-AD30-F5B032AC7ED9} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {06C810E1-DB69-4585-8CF3-8B43CD137D4D} - System32\Tasks\WpsUpdateTask_Artmeiers => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0DD2D148-BBBF-4F28-B970-B108AF46D69E} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] () Task: {10780CBC-A993-43AD-AA7F-5AA4E751922B} - System32\Tasks\avast! 
SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-05-16] (AVAST Software) Task: {123413D6-12C9-4CA1-B62E-D898DA59082D} - System32\Tasks\GarminUpdaterTask => D:\GarminExpress\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-07-31] () Task: {161BFB3C-7877-4FF0-9DE3-CA90C2CB3C44} - System32\Tasks\Amazon Music Helper => C:\Users\Artmeiers\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-12-15] () Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {1DC6A48B-4AFC-4355-9F2A-AB2C41B95899} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2015-03-14] (Microsoft Corporation) Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.) 
Task: {2B94D7A1-8F78-4CD8-A3AD-79CCED1300B4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {37B3289F-9CFF-4D6F-868D-E809FD26A7E4} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor) Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {4D0D9DA7-5B22-4C82-BD19-611B9ED15758} - System32\Tasks\SafeZone scheduled Autoupdate 1461011943 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software) Task: {54DDEBB9-A1B3-4B8E-85B7-503F07C58041} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.) Task: {673329BB-1073-4DE8-BB50-8B69F4446DBC} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {8781B190-2F9E-4453-B5CA-D1BD04948A44} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {8E549D46-37B8-49A5-98E2-A2D0D9271670} - System32\Tasks\WpsNotifyTask_Artmeiers => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {A78326BD-BBA1-4858-8E63-A41227AB29AF} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-01] (AVAST Software) Task: {BBBEB45A-32AF-4DE3-BB48-DDCF35E97CFA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS) Task: {D0A3F0B3-11A3-4CD7-80E2-A887FE94B532} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor) Task: {D17B1B38-35ED-44E7-B676-F4F4F4CA23CF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation) Task: {DB77CD9B-A584-4632-83A3-CFB47BCBE7BB} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Artmeiers.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Artmeiers.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-12-08 14:12 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2016-05-16 13:57 - 2016-05-26 18:26 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-27 15:50 - 2016-05-27 15:50 - 00402520 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-08 14:35 - 2016-09-08 14:35 - 00959176 _____ () C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64\ClientTelemetry.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01033728 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-09-08 15:10 - 2016-09-08 15:12 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-09-08 15:10 - 2016-09-08 15:12 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-09-08 15:10 - 2016-09-08 15:12 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-09-08 15:10 - 2016-09-08 15:12 - 00108544 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.Proxies.dll 2014-03-05 23:44 - 2014-03-05 23:44 - 04598048 _____ () C:\Program Files (x86)\bfgclient\bfgclient.exe 2016-06-03 20:42 - 2016-06-03 20:51 - 00173056 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.11.7293.0_x64__8wekyb3d8bbwe\CellNativeClientUniversal.dll 2016-07-04 14:44 - 2016-07-04 14:46 - 04108184 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1606.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll 2016-03-15 21:15 - 2016-03-15 21:18 - 03128832 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.11.7293.0_x64__8wekyb3d8bbwe\Avatars.dll 2014-03-05 23:44 - 2014-03-05 23:44 - 00274208 _____ () C:\Program Files (x86)\bfgclient\bfggameservices.exe 2016-09-01 15:33 - 2016-09-01 15:33 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-01 15:33 - 2016-09-01 15:33 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-09-08 22:23 - 2016-09-08 22:23 - 03084464 _____ () C:\Program Files\AVAST 
Software\Avast\defs\16090802\algo.dll 2015-08-07 03:09 - 2015-08-07 03:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-07-10 21:09 - 2016-07-10 21:09 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-05 23:44 - 2014-03-05 23:44 - 01568032 _____ () C:\Program Files (x86)\bfgclient\bfgcommon.dll 2014-01-14 21:29 - 2014-01-14 21:29 - 00059904 _____ () C:\Program Files (x86)\bfgclient\zlib1.dll 2014-01-14 21:27 - 2014-01-14 21:27 - 28768768 _____ () C:\ProgramData\Big Fish\cef\3.1180.823\libcef.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Temp:0BFBB93D [132] AlternateDataStreams: C:\ProgramData\Temp:268A5068 [125] AlternateDataStreams: C:\ProgramData\Temp:282A4C88 [127] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:6996950F [147] AlternateDataStreams: C:\ProgramData\Temp:6BB32FFE [286] AlternateDataStreams: C:\ProgramData\Temp:898B0A1F [132] AlternateDataStreams: C:\ProgramData\Temp:9DD01D6C [119] AlternateDataStreams: C:\ProgramData\Temp:C00AB302 [280] AlternateDataStreams: C:\ProgramData\Temp:C32ECE41 [244] AlternateDataStreams: C:\ProgramData\Temp:DBC28EB1 [127] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 13:04 - 2016-06-09 07:30 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-909546686-36640154-3940682474-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\StartupFolder: => "avast! SecureLine.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\StartupApproved\Run: => "Amazon Music" HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{E3F330AB-D8E4-4B64-93D1-F6F294B76698}] => (Allow) D:\iTunes.exe FirewallRules: [{BB6CA7DF-1A2A-46FD-8897-ED7A05C30F18}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{EA0DD4B9-9EC0-4612-A658-EB7934A51C85}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4609F333-661C-4C9E-A86D-3333BAB71037}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{55EF4539-CF3D-4206-836D-2CBA7F88F777}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D7DAFC87-6D09-403B-9FCB-FAFB4752C8AD}] => (Allow) D:\Office2007\Office12\ONENOTE.EXE FirewallRules: [{2A5AFC06-0443-4408-94CE-990803451297}] => (Allow) D:\Office2007\Office12\ONENOTE.EXE FirewallRules: [{F606267A-BC8B-4A35-966C-24EB230F4F41}] => (Allow) D:\Office2007\Office12\GROOVE.EXE FirewallRules: [{60853862-1159-429D-A647-F3B65E5237E3}] => (Allow) D:\Office2007\Office12\GROOVE.EXE FirewallRules: [{BC7EED60-D4C5-4370-9464-4DE9953A15F4}] => (Allow) D:\Office2007\Office12\outlook.exe FirewallRules: [{6AC50427-8B32-44A4-8CD1-E99C306803D1}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{1A1A37C9-0985-4562-BFAA-4AEC4949F760}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa_setup.exe FirewallRules: [{ED9935EE-0616-4F48-94BE-153E53A061E5}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{53853710-8F98-49DE-9B80-8DDCC3F02FD9}] => (Allow) D:\Spiele\Medal of Honor Pacific Assault\mohpa.exe FirewallRules: [{9E71EFB5-8B82-40E9-B104-D09CD59D301C}] => (Allow) D:\Spiele\Need for Speed The Run\Need For Speed The Run.exe FirewallRules: [{9C4E0D54-2648-4A9F-9782-5EE68A8DE557}] => (Allow) D:\Spiele\Need for Speed The Run\Need For Speed The Run.exe FirewallRules: [{2B5CC28F-52F4-4DBD-BD45-583125E24209}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: 
[{E90B154A-D1A6-4F6D-A67B-8D4DB084DC39}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DD48E167-C0AE-4EA2-9A8A-5D8ADECC696F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{257C0C75-E4E2-4859-9469-FC57B7324EBC}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{0D61E945-27DD-4868-AE1A-190906C3925E}] => (Allow) D:\Winamp\winamp.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/08/2016 03:18:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/08/2016 03:13:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (09/08/2016 03:08:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/08/2016 03:08:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/08/2016 03:02:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/08/2016 02:57:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/08/2016 02:48:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ITK1JJ8) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (09/08/2016 02:48:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: FOXITREADER.EXE, Version: 7.3.6.321, Zeitstempel: 0x56f0c322 Name des fehlerhaften Moduls: FOXITREADER.EXE, Version: 7.3.6.321, Zeitstempel: 0x56f0c322 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0132a46d ID des fehlerhaften Prozesses: 0x1db4 Startzeit der fehlerhaften Anwendung: 0x01d209cf30bf1012 Pfad der fehlerhaften Anwendung: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE Pfad des fehlerhaften Moduls: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FOXITREADER.EXE Berichtskennung: 6175ed50-d4b8-4b1c-a167-a8f287f36ff8 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (09/08/2016 02:33:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.14393.103, Zeitstempel: 0x57b7e3f0 Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55b79 Ausnahmecode: 0xc000027b Fehleroffset: 0x00000000006d68ab ID des fehlerhaften Prozesses: 0xd4 Startzeit der fehlerhaften Anwendung: 0x01d209cccb27c819 Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll Berichtskennung: 229a78f5-08da-4fd6-bf29-f9db4535a90c Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CortanaUI Error: (09/08/2016 02:19:17 PM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools. 
Details: (HRESULT : 0x80040210) (0x80040210)
Systemfehler:
=============
Error: (09/08/2016 11:36:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ITK1JJ8)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-ITK1JJ8\Artmeiers" (SID: S-1-5-21-909546686-36640154-3940682474-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} und der APPID {9E175B9C-F52A-11D8-B9A5-505054503030} im Anwendungscontainer "Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe" (SID: S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 08:18:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 08:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ITK1JJ8)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 08:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ITK1JJ8)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 08:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ITK1JJ8)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 08:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ITK1JJ8)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 08:16:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ITK1JJ8)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 05:42:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{4EDD6725-7003-4120-A0BB-BBDEBA704FB7}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2016 05:42:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2016 02:36:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt. Code: 8 0x0 0x0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 4004.71 MB
Verfügbarer physikalischer RAM: 2107.65 MB
Summe virtueller Speicher: 5412.71 MB
Verfügbarer virtueller Speicher: 3263.45 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:295.88 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:536.8 GB) NTFS
Drive e: (NFS The Run) (CDROM) (Total:6.2 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 78E63199)
Partition: GPT.
==================== Ende von Addition.txt =========================== |
08.09.2016, 23:03 | #5 |
| Microsoft Call TDSS in two parts, hopefully cut in the right place. Part 1 Code:
gpsvc C:\WINDOWS\System32\gpsvc.dll 23:50:19.0903 0x2164 gpsvc - ok 23:50:19.0936 0x2164 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 23:50:19.0975 0x2164 GpuEnergyDrv - ok 23:50:20.0004 0x2164 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 23:50:20.0074 0x2164 HDAudBus - ok 23:50:20.0103 0x2164 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 23:50:20.0166 0x2164 HidBatt - ok 23:50:20.0186 0x2164 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 23:50:20.0219 0x2164 HidBth - ok 23:50:20.0241 0x2164 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 23:50:20.0318 0x2164 hidi2c - ok 23:50:20.0362 0x2164 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 23:50:20.0423 0x2164 hidinterrupt - ok 23:50:20.0441 0x2164 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 23:50:20.0482 0x2164 HidIr - ok 23:50:20.0516 0x2164 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 23:50:20.0540 0x2164 hidserv - ok 23:50:20.0572 0x2164 [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 23:50:20.0630 0x2164 HIDSwitch - ok 23:50:20.0663 0x2164 [ 
D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 23:50:20.0719 0x2164 HidUsb - ok 23:50:20.0746 0x2164 [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 23:50:20.0778 0x2164 HomeGroupListener - ok 23:50:20.0880 0x2164 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 23:50:20.0923 0x2164 HomeGroupProvider - ok 23:50:20.0960 0x2164 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 23:50:21.0038 0x2164 HpSAMD - ok 23:50:21.0125 0x2164 [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 23:50:21.0216 0x2164 HTTP - ok 23:50:21.0250 0x2164 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 23:50:21.0273 0x2164 HvHost - ok 23:50:21.0301 0x2164 [ 9B6C35343348CC1B5E9D81F0702A3271, DB25C9FA14A197568B1023A40A83348CE14C9C118854B83372C6D2AE3C323156 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 23:50:21.0353 0x2164 hvservice - ok 23:50:21.0364 0x2164 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 23:50:21.0417 0x2164 hwpolicy - ok 23:50:21.0436 0x2164 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 23:50:21.0481 0x2164 hyperkbd - ok 23:50:21.0517 0x2164 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt 
C:\WINDOWS\System32\drivers\i8042prt.sys 23:50:21.0592 0x2164 i8042prt - ok 23:50:21.0617 0x2164 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 23:50:21.0669 0x2164 iagpio - ok 23:50:21.0687 0x2164 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 23:50:21.0734 0x2164 iai2c - ok 23:50:21.0768 0x2164 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 23:50:21.0798 0x2164 iaLPSS2i_GPIO2 - ok 23:50:21.0829 0x2164 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 23:50:21.0847 0x2164 iaLPSS2i_I2C - ok 23:50:21.0866 0x2164 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 23:50:21.0930 0x2164 iaLPSSi_GPIO - ok 23:50:21.0955 0x2164 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 23:50:21.0982 0x2164 iaLPSSi_I2C - ok 23:50:22.0068 0x2164 [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 23:50:22.0218 0x2164 iaStorA - ok 23:50:22.0271 0x2164 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 23:50:22.0345 0x2164 iaStorAV - ok 23:50:22.0387 0x2164 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 23:50:22.0446 0x2164 iaStorV - ok 
23:50:22.0483 0x2164 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 23:50:22.0547 0x2164 ibbus - ok 23:50:22.0587 0x2164 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll 23:50:22.0635 0x2164 icssvc - ok 23:50:22.0944 0x2164 [ DCADFA880DF77BB103F7A034A4B33577, 4AA267EE18104AEBA40A98A1D2DE2E10F1BB84F6FB4C5496600A45C072E18EC9 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 23:50:23.0191 0x2164 igfx - ok 23:50:23.0267 0x2164 [ E1C55B9A0BC573F95CBB0FE981C390D2, C19BAB0E55DD23F0CC106D73DAA1154D359D8033E065832E41B9D710E241FCF0 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 23:50:23.0299 0x2164 igfxCUIService2.0.0.0 - ok 23:50:23.0354 0x2164 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll 23:50:23.0416 0x2164 IKEEXT - ok 23:50:23.0437 0x2164 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 23:50:23.0503 0x2164 IndirectKmd - ok 23:50:23.0703 0x2164 [ 0673227369C14ACC35057CDADC50B3D7, D79CE32BA44AB4D26D933AFBD5B49D5F22CB21D8DA08A216DB69E0F240B97CCE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 23:50:23.0936 0x2164 IntcAzAudAddService - ok 23:50:23.0994 0x2164 [ B1679D907958C3F62EFDAA8BF1093209, DBAC2E49A4888AC8DC479279C2E67DAFF1D9153D4167325057C8DF53119A6E6D ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 23:50:24.0020 0x2164 IntcDAud - ok 23:50:24.0167 0x2164 [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 23:50:24.0207 0x2164 Intel(R) Capability Licensing Service TCP IP 
Interface - ok 23:50:24.0291 0x2164 [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 23:50:24.0317 0x2164 Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 ) 23:50:24.0605 0x2164 Detect skipped due to KSN trusted 23:50:24.0605 0x2164 Intel(R) Security Assist - ok 23:50:24.0793 0x2164 [ F7D08D69508C0DCCE6D21C172E0D0406, 3C0933596D6A13109C2C959C3855E8ADD711FBB2FC142645E0B5C6080DCB1F64 ] IntelBCAsvc C:\Program Files\Intel\BCA\pabeSvc64.exe 23:50:24.0906 0x2164 IntelBCAsvc - ok 23:50:24.0935 0x2164 [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc C:\WINDOWS\system32\drivers\IntelPcc.sys 23:50:24.0954 0x2164 IntelHSWPcc - ok 23:50:24.0967 0x2164 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys 23:50:25.0050 0x2164 intelide - ok 23:50:25.0095 0x2164 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 23:50:25.0171 0x2164 intelpep - ok 23:50:25.0201 0x2164 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 23:50:25.0257 0x2164 intelppm - ok 23:50:25.0263 0x2164 [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 23:50:25.0309 0x2164 iorate - ok 23:50:25.0324 0x2164 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 23:50:25.0356 0x2164 IpFilterDriver - ok 23:50:25.0439 0x2164 [ 89548E57FD0A7BC703541C69C0286B13, 
261698B302DF5B80C57FC4257E0A0AABC8DEFFED16D8CD142AD8E7CB51AF2007 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 23:50:25.0504 0x2164 iphlpsvc - ok 23:50:25.0526 0x2164 [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 23:50:25.0581 0x2164 IPMIDRV - ok 23:50:25.0593 0x2164 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 23:50:25.0678 0x2164 IPNAT - ok 23:50:25.0743 0x2164 [ EECB45F889E99174DA56FBDF37962D25, 12B407C45C9D0396FF3B5B118A863CBDEE0867034AE365F4CF5A8F66A4DB2003 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 23:50:25.0773 0x2164 iPod Service - ok 23:50:25.0795 0x2164 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys 23:50:25.0842 0x2164 irda - ok 23:50:25.0847 0x2164 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 23:50:25.0897 0x2164 IRENUM - ok 23:50:25.0929 0x2164 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll 23:50:25.0952 0x2164 irmon - ok 23:50:25.0999 0x2164 [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 23:50:26.0006 0x2164 isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 ) 23:50:26.0360 0x2164 Detect skipped due to KSN trusted 23:50:26.0360 0x2164 isaHelperSvc - ok 23:50:26.0392 0x2164 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 23:50:26.0451 0x2164 isapnp - ok 23:50:26.0477 0x2164 [ 
C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 23:50:26.0531 0x2164 iScsiPrt - ok 23:50:26.0610 0x2164 [ 038CDE75D1D81B157C133EFC3471F939, 4E64FE8ECD53C06FCC07E361B727A6689E0738D453CE4EFB9C64428F3884DE46 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 23:50:26.0644 0x2164 jhi_service - ok 23:50:26.0674 0x2164 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 23:50:26.0700 0x2164 kbdclass - ok 23:50:26.0718 0x2164 [ 2D05785B0C58D90A34EA15032EADBBA9, 3E1238FF7F6ECA522761830FE7EA7587B704FCB3ECE8C6BF94CC17A640B678ED ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 23:50:26.0779 0x2164 kbdhid - ok 23:50:26.0784 0x2164 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 23:50:26.0815 0x2164 kdnic - ok 23:50:26.0842 0x2164 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] KeyIso C:\WINDOWS\system32\lsass.exe 23:50:26.0862 0x2164 KeyIso - ok 23:50:26.0908 0x2164 [ ED8E4FEC1D078C709DCC4D920416F7F5, 06197ECC1C8F315F6D843313AF24D269F1AAECC349D6E3BAA039057C85C75E72 ] Kingsoft_WPS_UpdateService C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe 23:50:26.0933 0x2164 Kingsoft_WPS_UpdateService - ok 23:50:26.0943 0x2164 [ 9FA1B5D84F596F0664F0465F302044DC, 47B41D3D6119B5B20C83AF84D315C4AB40B5534D687736A8B67BD985A3B232C1 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 23:50:26.0997 0x2164 KSecDD - ok 23:50:27.0044 0x2164 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 23:50:27.0143 0x2164 KSecPkg - ok 23:50:27.0152 0x2164 [ 
4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 23:50:27.0221 0x2164 ksthunk - ok 23:50:27.0276 0x2164 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 23:50:27.0326 0x2164 KtmRm - ok 23:50:27.0352 0x2164 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 23:50:27.0390 0x2164 LanmanServer - ok 23:50:27.0424 0x2164 [ 752FE77F22592016A5EBBF399EC12E14, 231CF3E069FF64A4E8C81D0799A73924D864585B25382EFF8D1707F87747AC9E ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 23:50:27.0462 0x2164 LanmanWorkstation - ok 23:50:27.0540 0x2164 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll 23:50:27.0577 0x2164 lfsvc - ok 23:50:27.0617 0x2164 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 23:50:27.0639 0x2164 LicenseManager - ok 23:50:27.0658 0x2164 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 23:50:27.0706 0x2164 lltdio - ok 23:50:27.0734 0x2164 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 23:50:27.0774 0x2164 lltdsvc - ok 23:50:27.0817 0x2164 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 23:50:27.0854 0x2164 lmhosts - ok 23:50:27.0921 0x2164 [ 57AD6DFAB9C84BAAF008F57DFE2335EA, 8981A7D1C1FBA57530B274246D5DD4D8C09D16A255B0E91EDB7047F0E6910C23 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\LMS\LMS.exe 23:50:27.0951 0x2164 LMS - ok 23:50:27.0998 0x2164 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 23:50:28.0058 0x2164 LSI_SAS - ok 23:50:28.0085 0x2164 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 23:50:28.0128 0x2164 LSI_SAS2i - ok 23:50:28.0152 0x2164 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 23:50:28.0200 0x2164 LSI_SAS3i - ok 23:50:28.0223 0x2164 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 23:50:28.0267 0x2164 LSI_SSS - ok 23:50:28.0348 0x2164 [ 5570D03E2048AC7961BEF6FFEE3A2CA5, FD0232312D87015FA0B8062FA175A44410F8C1C9778145CCDD57BA1C23929C87 ] LSM C:\WINDOWS\System32\lsm.dll 23:50:28.0401 0x2164 LSM - ok 23:50:28.0450 0x2164 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 23:50:28.0513 0x2164 luafv - ok 23:50:28.0550 0x2164 [ 6D4111E1852A9F0BFC07BB69F3141841, 9BFF4517F26F1E9DF4DA6633B542EAA20A698B9397D2ED73134E7AEF306FBB15 ] MapsBroker C:\WINDOWS\System32\moshost.dll 23:50:28.0595 0x2164 MapsBroker - ok 23:50:28.0632 0x2164 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 23:50:28.0696 0x2164 megasas - ok 23:50:28.0747 0x2164 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys 23:50:28.0825 0x2164 megasr - ok 23:50:28.0854 0x2164 [ 296C443FCC228EA643ED310465772820, 
4846A29DD631E2E253560E7A28439AE11F244AB77F0C826AD56EA485577DBDD6 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 23:50:28.0883 0x2164 MEIx64 - ok 23:50:28.0932 0x2164 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 23:50:28.0957 0x2164 MessagingService - ok 23:50:29.0059 0x2164 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service D:\Office2007\Office12\GrooveAuditService.exe 23:50:29.0089 0x2164 Microsoft Office Groove Audit Service - ok 23:50:29.0160 0x2164 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 23:50:29.0205 0x2164 mlx4_bus - ok 23:50:29.0236 0x2164 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 23:50:29.0302 0x2164 MMCSS - ok 23:50:29.0323 0x2164 [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem C:\WINDOWS\system32\drivers\modem.sys 23:50:29.0400 0x2164 Modem - ok 23:50:29.0411 0x2164 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys 23:50:29.0470 0x2164 monitor - ok 23:50:29.0500 0x2164 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 23:50:29.0587 0x2164 mouclass - ok 23:50:29.0619 0x2164 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 23:50:29.0686 0x2164 mouhid - ok 23:50:29.0693 0x2164 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 
] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 23:50:29.0748 0x2164 mountmgr - ok 23:50:29.0808 0x2164 [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:50:29.0832 0x2164 MozillaMaintenance - ok 23:50:29.0839 0x2164 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 23:50:29.0890 0x2164 mpsdrv - ok 23:50:29.0980 0x2164 [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 23:50:30.0060 0x2164 MpsSvc - ok 23:50:30.0080 0x2164 [ 50C2389CD04C5B8632E3DC2D733EF15D, 0F83A8A5F405BC6F401B5A75D45F6D07C61C0CA692D2A77C63E742622F5BF921 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 23:50:30.0129 0x2164 MRxDAV - ok 23:50:30.0181 0x2164 [ 4D5F17C23D25B5BDF7EB35A54F483C9B, 1A0AFB4151F8D5CB164A53A7851C618F3E4C1A4FF411BC8B0B6402124C311E03 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 23:50:30.0248 0x2164 mrxsmb - ok 23:50:30.0272 0x2164 [ 8F58AEAE00B39AC9AD93755E777B19D8, 335E4D9E9E81609BEAFA08376EE29C35DA6A1839FAFC37399B9066F03BFFFBC1 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 23:50:30.0344 0x2164 mrxsmb10 - ok 23:50:30.0373 0x2164 [ FC501F50E6214AF38D4B22220537187A, DACF1A76F98DDCB7F385BBDE2B522A23C32C9838B9CA5CECC9550BD9443DAEED ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 23:50:30.0470 0x2164 mrxsmb20 - ok 23:50:30.0522 0x2164 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 23:50:30.0581 0x2164 MsBridge - ok 23:50:30.0613 0x2164 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe 23:50:30.0652 0x2164 MSDTC - ok 23:50:30.0677 0x2164 [ 
F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 23:50:30.0752 0x2164 Msfs - ok 23:50:30.0791 0x2164 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 23:50:30.0859 0x2164 msgpiowin32 - ok 23:50:30.0871 0x2164 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 23:50:30.0922 0x2164 mshidkmdf - ok 23:50:30.0926 0x2164 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 23:50:30.0953 0x2164 mshidumdf - ok 23:50:30.0965 0x2164 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 23:50:31.0006 0x2164 msisadrv - ok 23:50:31.0048 0x2164 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 23:50:31.0092 0x2164 MSiSCSI - ok 23:50:31.0097 0x2164 msiserver - ok 23:50:31.0111 0x2164 [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 23:50:31.0183 0x2164 MSKSSRV - ok 23:50:31.0224 0x2164 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 23:50:31.0287 0x2164 MsLldp - ok 23:50:31.0308 0x2164 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 23:50:31.0365 0x2164 MSPCLOCK - ok 23:50:31.0408 0x2164 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 
] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 23:50:31.0460 0x2164 MSPQM - ok 23:50:31.0485 0x2164 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 23:50:31.0554 0x2164 MsRPC - ok 23:50:31.0565 0x2164 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 23:50:31.0611 0x2164 mssmbios - ok 23:50:31.0632 0x2164 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 23:50:31.0705 0x2164 MSTEE - ok 23:50:31.0723 0x2164 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 23:50:31.0775 0x2164 MTConfig - ok 23:50:31.0782 0x2164 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 23:50:31.0838 0x2164 Mup - ok 23:50:31.0854 0x2164 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 23:50:31.0888 0x2164 mvumis - ok 23:50:31.0941 0x2164 [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 23:50:32.0031 0x2164 NativeWifiP - ok 23:50:32.0091 0x2164 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 23:50:32.0126 0x2164 NcaSvc - ok 23:50:32.0162 0x2164 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll 23:50:32.0198 0x2164 NcbService - ok 23:50:32.0206 0x2164 [ E6094065008FE423377294050E7CEA2D, 
Edited by drarti (08.09.2016 at 23:09). Reason: too large |
08.09.2016, 23:10 | #6 |
| Microsoft call TDSS part 2: Code:
23:50:51.0930 0x2164 USBHUB3 - ok 23:50:51.0959 0x2164 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 23:50:52.0021 0x2164 usbohci - ok 23:50:52.0038 0x2164 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 23:50:52.0083 0x2164 usbprint - ok 23:50:52.0102 0x2164 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 23:50:52.0132 0x2164 usbser - ok 23:50:52.0168 0x2164 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 23:50:52.0199 0x2164 USBSTOR - ok 23:50:52.0235 0x2164 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 23:50:52.0334 0x2164 usbuhci - ok 23:50:52.0362 0x2164 [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 23:50:52.0404 0x2164 usbvideo - ok 23:50:52.0439 0x2164 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 23:50:52.0534 0x2164 USBXHCI - ok 23:50:52.0665 0x2164 [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 23:50:52.0755 0x2164 UserDataSvc - ok 23:50:52.0830 0x2164 [ 8F6DAAFDDDA27D83ACC8C7FF1536CAF6, 5E1B67A5B388CBB3B193C238546BAD4DC5F5DF54859E16607A60681E6D38FA73 ] UserManager C:\WINDOWS\System32\usermgr.dll 23:50:52.0907 0x2164 UserManager - ok 23:50:52.0974 0x2164 [ 0F3C4209200F3DAD2015DA3044FA8DC3, 
84DC9CB21ECD79C3BFDBBDF66173F4E2D7E6CB118E0EEA4516A6661636D4CE8F ] UsoSvc C:\WINDOWS\system32\usocore.dll 23:50:53.0024 0x2164 UsoSvc - ok 23:50:53.0047 0x2164 [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] VaultSvc C:\WINDOWS\system32\lsass.exe 23:50:53.0067 0x2164 VaultSvc - ok 23:50:53.0087 0x2164 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 23:50:53.0149 0x2164 vdrvroot - ok 23:50:53.0201 0x2164 [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds C:\WINDOWS\System32\vds.exe 23:50:53.0257 0x2164 vds - ok 23:50:53.0284 0x2164 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 23:50:53.0326 0x2164 VerifierExt - ok 23:50:53.0376 0x2164 [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 23:50:53.0472 0x2164 vhdmp - ok 23:50:53.0502 0x2164 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys 23:50:53.0577 0x2164 vhf - ok 23:50:53.0623 0x2164 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 23:50:53.0688 0x2164 vmbus - ok 23:50:53.0694 0x2164 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 23:50:53.0757 0x2164 VMBusHID - ok 23:50:53.0777 0x2164 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 23:50:53.0833 0x2164 vmgid - ok 23:50:53.0893 0x2164 [ 
A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 23:50:53.0927 0x2164 vmicguestinterface - ok 23:50:53.0940 0x2164 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 23:50:53.0975 0x2164 vmicheartbeat - ok 23:50:53.0987 0x2164 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 23:50:54.0022 0x2164 vmickvpexchange - ok 23:50:54.0060 0x2164 [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 23:50:54.0095 0x2164 vmicrdv - ok 23:50:54.0109 0x2164 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 23:50:54.0144 0x2164 vmicshutdown - ok 23:50:54.0156 0x2164 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmictimesync C:\WINDOWS\System32\icsvc.dll 23:50:54.0190 0x2164 vmictimesync - ok 23:50:54.0202 0x2164 [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 23:50:54.0236 0x2164 vmicvmsession - ok 23:50:54.0250 0x2164 [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll 23:50:54.0286 0x2164 vmicvss - ok 23:50:54.0308 0x2164 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 23:50:54.0350 0x2164 volmgr - ok 23:50:54.0365 0x2164 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx 
C:\WINDOWS\system32\drivers\volmgrx.sys 23:50:54.0408 0x2164 volmgrx - ok 23:50:54.0439 0x2164 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 23:50:54.0522 0x2164 volsnap - ok 23:50:54.0555 0x2164 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 23:50:54.0602 0x2164 volume - ok 23:50:54.0638 0x2164 [ 04BEC879AD7B3FDDD0339B19FECB0160, 8C92755DDB41AD7DDA1643D7F32FAA0FCA7E2C65C69611EB5EC1B3276EA8DBC7 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 23:50:54.0706 0x2164 vpci - ok 23:50:54.0740 0x2164 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 23:50:54.0801 0x2164 vsmraid - ok 23:50:54.0891 0x2164 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe 23:50:54.0984 0x2164 VSS - ok 23:50:55.0013 0x2164 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 23:50:55.0078 0x2164 VSTXRAID - ok 23:50:55.0116 0x2164 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 23:50:55.0148 0x2164 vwifibus - ok 23:50:55.0155 0x2164 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 23:50:55.0196 0x2164 vwififlt - ok 23:50:55.0220 0x2164 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 23:50:55.0257 0x2164 vwifimp - ok 23:50:55.0303 0x2164 [ 76C1CC611352499326001F25A3ED15F8, 
228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 23:50:55.0349 0x2164 W32Time - ok 23:50:55.0368 0x2164 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 23:50:55.0417 0x2164 WacomPen - ok 23:50:55.0486 0x2164 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 23:50:55.0535 0x2164 WalletService - ok 23:50:55.0567 0x2164 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:50:55.0606 0x2164 wanarp - ok 23:50:55.0612 0x2164 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 23:50:55.0651 0x2164 wanarpv6 - ok 23:50:55.0733 0x2164 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe 23:50:55.0825 0x2164 wbengine - ok 23:50:55.0909 0x2164 [ 6BE945D6DE02713BAD8627205CDF9F48, F6548EAF5D67DA4682D8B31E5B565606DEAAB9276B44F25F1A4203AB61B9400B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 23:50:55.0977 0x2164 WbioSrvc - ok 23:50:56.0007 0x2164 [ CD24DEEA22152524CCFE859591D12A57, C60ACF77647E5D6EDC10BBBCF974DF264145123C8EDB6506AFA9C949EBA53D7F ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 23:50:56.0068 0x2164 wcifs - ok 23:50:56.0106 0x2164 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 23:50:56.0170 0x2164 Wcmsvc - ok 23:50:56.0209 0x2164 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 23:50:56.0252 0x2164 wcncsvc - ok 23:50:56.0295 0x2164 [ 
AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 23:50:56.0341 0x2164 wcnfs - ok 23:50:56.0363 0x2164 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 23:50:56.0404 0x2164 WdBoot - ok 23:50:56.0469 0x2164 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 23:50:56.0563 0x2164 Wdf01000 - ok 23:50:56.0621 0x2164 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 23:50:56.0668 0x2164 WdFilter - ok 23:50:56.0703 0x2164 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 23:50:56.0734 0x2164 WdiServiceHost - ok 23:50:56.0741 0x2164 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 23:50:56.0773 0x2164 WdiSystemHost - ok 23:50:56.0828 0x2164 [ 373DF27CD5D5E50FFA2A90FEE0C0D994, 09E6C6C690AEE1C1A9A84BBA87A934040B2A20F677E5F5B2D24F8433B61BD81E ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 23:50:56.0881 0x2164 wdiwifi - ok 23:50:56.0891 0x2164 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 23:50:56.0944 0x2164 WdNisDrv - ok 23:50:56.0984 0x2164 WdNisSvc - ok 23:50:57.0017 0x2164 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 23:50:57.0055 0x2164 WebClient - ok 23:50:57.0072 0x2164 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc 
C:\WINDOWS\system32\wecsvc.dll 23:50:57.0107 0x2164 Wecsvc - ok 23:50:57.0113 0x2164 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 23:50:57.0140 0x2164 WEPHOSTSVC - ok 23:50:57.0148 0x2164 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 23:50:57.0180 0x2164 wercplsupport - ok 23:50:57.0204 0x2164 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 23:50:57.0236 0x2164 WerSvc - ok 23:50:57.0257 0x2164 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 23:50:57.0311 0x2164 WFPLWFS - ok 23:50:57.0338 0x2164 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 23:50:57.0376 0x2164 WiaRpc - ok 23:50:57.0402 0x2164 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 23:50:57.0437 0x2164 WIMMount - ok 23:50:57.0441 0x2164 WinDefend - ok 23:50:57.0457 0x2164 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 23:50:57.0478 0x2164 WindowsTrustedRT - ok 23:50:57.0504 0x2164 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 23:50:57.0538 0x2164 WindowsTrustedRTProxy - ok 23:50:57.0601 0x2164 [ C9E7D91A044B77CBCB4121C06610A86C, 9FF039D67A5CE4732920EA4F1F5CFD9DE0AAADC34829A007EA697030D42D3623 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 23:50:57.0663 
0x2164 WinHttpAutoProxySvc - ok 23:50:57.0691 0x2164 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 23:50:57.0708 0x2164 WinMad - ok 23:50:57.0760 0x2164 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 23:50:57.0791 0x2164 Winmgmt - ok 23:50:57.0907 0x2164 [ F86E9029774478D276E0AAB7D169896D, EDCB96F745E1F16BDFF70B140B38412096FA29A407157183223AE6111CBB4B38 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 23:50:58.0059 0x2164 WinRM - ok 23:50:58.0087 0x2164 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 23:50:58.0164 0x2164 WINUSB - ok 23:50:58.0185 0x2164 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 23:50:58.0221 0x2164 WinVerbs - ok 23:50:58.0279 0x2164 [ 4D694EDF85F1BFC463B15846D4E00A9B, 4ED44C0E22D2843121E4C8A58F97B526BB7D85C0D7A0BB4B1158A970258C791E ] wisvc C:\WINDOWS\system32\flightsettings.dll 23:50:58.0331 0x2164 wisvc - ok 23:50:58.0440 0x2164 [ 0ECFEB0CABA7FEE6E14FAD5D6BF4777E, 7C8F69E1B04B5F7853D18216C91233B7DD53760281B295DA7D23024C0D4B378A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 23:50:58.0570 0x2164 WlanSvc - ok 23:50:58.0692 0x2164 [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 23:50:58.0814 0x2164 wlidsvc - ok 23:50:58.0836 0x2164 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 23:50:58.0873 0x2164 WmiAcpi - ok 23:50:58.0910 0x2164 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv 
C:\WINDOWS\system32\wbem\WmiApSrv.exe 23:50:58.0938 0x2164 wmiApSrv - ok 23:50:58.0971 0x2164 WMPNetworkSvc - ok 23:50:59.0009 0x2164 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 23:50:59.0058 0x2164 Wof - ok 23:50:59.0200 0x2164 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 23:50:59.0306 0x2164 workfolderssvc - ok 23:50:59.0334 0x2164 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 23:50:59.0361 0x2164 WPDBusEnum - ok 23:50:59.0400 0x2164 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 23:50:59.0440 0x2164 WpdUpFltr - ok 23:50:59.0452 0x2164 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 23:50:59.0485 0x2164 WpnService - ok 23:50:59.0510 0x2164 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 23:50:59.0537 0x2164 WpnUserService - ok 23:50:59.0575 0x2164 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 23:50:59.0629 0x2164 ws2ifsl - ok 23:50:59.0640 0x2164 [ 519806FBCF00A0B17B8E03297DB0F551, 1911EA7168B06DBF3D36833120E4731437BF1ACC294C289B132C50280A40F548 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 23:50:59.0688 0x2164 wscsvc - ok 23:50:59.0694 0x2164 WSearch - ok 23:50:59.0804 0x2164 [ A93273F9EA274B87E76C9FE9A98E169D, E5961AC5DB93B365D04AD6C54CFD54F58CB9851398312CC63D937282265F81A7 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 23:50:59.0932 0x2164 
wuauserv - ok 23:50:59.0975 0x2164 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 23:51:00.0009 0x2164 WudfPf - ok 23:51:00.0035 0x2164 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 23:51:00.0114 0x2164 WUDFRd - ok 23:51:00.0163 0x2164 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 23:51:00.0201 0x2164 wudfsvc - ok 23:51:00.0287 0x2164 [ FD25CA03DE4372B6D3B7584248240D40, 91743D71A25FA0EB10C1C3DA71C534DDF2C4224BB96F081159465EED11B1C468 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 23:51:00.0369 0x2164 WwanSvc - ok 23:51:00.0435 0x2164 [ 89841EAF6C36E0B708BEAC939837AB27, 5B2A521E9C1051DA9D472CE9969E97C4F61A3D315B1C0ABDE01E43D033033268 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 23:51:00.0505 0x2164 XblAuthManager - ok 23:51:00.0616 0x2164 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 23:51:00.0694 0x2164 XblGameSave - ok 23:51:00.0732 0x2164 [ 59335CEA021FB89E07AD5DB5D17F09D0, 33FEFD5798BFA306FBEDCC8F2D0D984B6546A61B5026E921A8AC0466ADF2B698 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 23:51:00.0838 0x2164 xboxgip - ok 23:51:00.0918 0x2164 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 23:51:00.0999 0x2164 XboxNetApiSvc - ok 23:51:01.0030 0x2164 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 23:51:01.0090 0x2164 xinputhid - ok 23:51:01.0095 0x2164 ================ Scan global =============================== 23:51:01.0150 0x2164 [ 
0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 23:51:01.0184 0x2164 [ 1FEF9536BA2779E2F3CB524E34BAC715, 6387C7E2FD538EFD9AC19B622AEC81F6F924576FDAB6F003AF5B6CBD33F6A379 ] C:\WINDOWS\system32\winsrv.dll 23:51:01.0223 0x2164 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 23:51:01.0268 0x2164 [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe 23:51:01.0283 0x2164 [ Global ] - ok 23:51:01.0285 0x2164 ================ Scan MBR ================================== 23:51:01.0320 0x2164 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 23:51:01.0435 0x2164 \Device\Harddisk0\DR0 - ok 23:51:01.0435 0x2164 ================ Scan VBR ================================== 23:51:01.0438 0x2164 [ D531C9284AA9E2B7871B59BE4CF51855 ] \Device\Harddisk0\DR0\Partition1 23:51:01.0439 0x2164 \Device\Harddisk0\DR0\Partition1 - ok 23:51:01.0473 0x2164 [ 494C8CC71311C136DFDA0E9135EF2DC7 ] \Device\Harddisk0\DR0\Partition2 23:51:01.0473 0x2164 \Device\Harddisk0\DR0\Partition2 - ok 23:51:01.0485 0x2164 [ 5C10E07BA5861398232E1EFAFE294A04 ] \Device\Harddisk0\DR0\Partition3 23:51:01.0487 0x2164 \Device\Harddisk0\DR0\Partition3 - ok 23:51:01.0505 0x2164 [ 32DD256CE53AF5E6A789661E229FEDE8 ] \Device\Harddisk0\DR0\Partition4 23:51:01.0507 0x2164 \Device\Harddisk0\DR0\Partition4 - ok 23:51:01.0523 0x2164 [ C8E6D7B0E42A6BAC53B3CB3D3931998B ] \Device\Harddisk0\DR0\Partition5 23:51:01.0526 0x2164 \Device\Harddisk0\DR0\Partition5 - ok 23:51:01.0526 0x2164 ================ Scan generic autorun ====================== 23:51:01.0544 0x2164 [ ADEA393B2B49EB25578702F4F5525E93, 8F0AB94BEA3751C566CBFF2F9A29495CCAC029DE3721107BBA892A418FD70581 ] D:\iTunesHelper.exe 23:51:01.0561 0x2164 iTunesHelper - ok 23:51:01.0649 0x2164 [ 
A98EDFA4B05E29234100101F176AE5C5, C8A402B9FFA1AE63A58EE27A30C78572367F371F6C2138340635E0B495B750A4 ] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe 23:51:01.0674 0x2164 WebStorage - ok 23:51:02.0041 0x2164 [ 802D3FE2564F4BDB3467FF20364B8A0B, 93432FA3B4B4D3A10B4BB5C31B4334D325E678AB4D7E166CB0C8E33A1B5BBE66 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 23:51:02.0454 0x2164 AvastUI.exe - ok 23:51:02.0486 0x2164 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] D:\Office2007\Office12\GrooveMonitor.exe 23:51:02.0499 0x2164 GrooveMonitor - ok 23:51:02.0891 0x2164 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 23:51:03.0181 0x2164 OneDriveSetup - ok 23:51:03.0422 0x2164 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 23:51:03.0693 0x2164 OneDriveSetup - ok 23:51:03.0861 0x2164 [ F9387D080BF8566354CDB0445AB8F87B, 4EE5D4A15E2D3DF578FA0370449C0894166B1B2998B63D9F02A994845350B86A ] C:\Users\Artmeiers\AppData\Local\Microsoft\OneDrive\OneDrive.exe 23:51:03.0897 0x2164 OneDrive - ok 23:51:04.0160 0x2164 [ D1E5E36E4A2C821799FDAA9DE2A0CF89, 7958BAC04FDB3325EB981596DDF3C8379E95206FEF48A045E7C3EA20B28903E4 ] C:\Users\Artmeiers\AppData\Local\Amazon Music\Amazon Music Helper.exe 23:51:04.0352 0x2164 Amazon Music - ok 23:51:04.0456 0x2164 [ CDD7709E77A1E40C7269C0625818E286, 2F142D191E5A6F1215586B2FB80E2CEF4663104A76A2A4CF194B50DEE1969B40 ] D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe 23:51:04.0511 0x2164 GarminExpressTrayApp - ok 23:51:04.0513 0x2164 Waiting for KSN requests completion. 
    In queue: 232
    23:51:05.0673 0x2164 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x60100 ( disabled : updated )
    23:51:05.0676 0x2164 AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
    23:51:05.0697 0x2164 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.3.3154.0 ), 0x40010 ( disabled )
    23:51:05.0705 0x2164 Win FW state via NFP2: enabled ( trusted )
    23:51:05.0971 0x2164 ============================================================
    23:51:05.0971 0x2164 Scan finished
    23:51:05.0971 0x2164 ============================================================
    23:51:05.0989 0x2544 Detected object count: 0
    23:51:05.0989 0x2544 Actual detected object count: 0
Thanks in advance and best regards, Michael |
09.09.2016, 20:24 | #7 |
/// TB Trainer | Microsoft call Hi, so far it looks good.
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Please post with your next reply
|
11.09.2016, 09:52 | #8 |
| Microsoft call Hello Matthias, that sounds good. So I have probably got off lightly (so far)... So, here is the AdwCleaner file: Code:
    # AdwCleaner v6.010 - Bericht erstellt am 11/09/2016 um 10:36:09
    # Aktualisiert am 12/08/2016 von ToolsLib
    # Datenbank : 2016-09-11.1 [Server]
    # Betriebssystem : Windows 10 Home (X64)
    # Benutzername : Artmeiers - DESKTOP-ITK1JJ8
    # Gestartet von : C:\Users\Artmeiers\Downloads\AdwCleaner_6.010.exe
    # Modus: Löschen
    # Unterstützung : https://toolslib.net/forum

    ***** [ Dienste ] *****

    ***** [ Ordner ] *****

    [-] Ordner gelöscht: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\extensions\anttoolbar@ant.com

    ***** [ Dateien ] *****

    ***** [ DLL ] *****

    ***** [ WMI ] *****

    ***** [ Verknüpfungen ] *****

    ***** [ Aufgabenplanung ] *****

    ***** [ Registrierungsdatenbank ] *****

    [-] Schlüssel gelöscht: HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\OCS
    [#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS

    ***** [ Browser ] *****

    *************************

    :: "Tracing" Schlüssel gelöscht
    :: Winsock Einstellungen zurückgesetzt
    :: "Prefetch" Dateien gelöscht

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [1122 Bytes] - [11/09/2016 10:36:09]
    C:\AdwCleaner\AdwCleaner[S0].txt - [1483 Bytes] - [11/09/2016 10:32:15]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1268 Bytes] ##########
And the Malwarebytes log: |
11.09.2016, 10:37 | #9 | |
/// TB Trainer | Microsoft call Hi, Quote:
It looks like you forgot to post the log file. |
11.09.2016, 11:20 | #10 |
| Microsoft call Hi, not forgotten, I absolutely had to leave during the scan. But here it is now: Code:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Suchlaufdatum: 11.09.2016
    Suchlaufzeit: 10:58
    Protokolldatei: mbam.txt
    Administrator: Ja

    Version: 2.2.1.1043
    Malware-Datenbank: v2016.09.11.04
    Rootkit-Datenbank: v2016.08.15.01
    Lizenz: Kostenlose Version
    Malware-Schutz: Deaktiviert
    Schutz vor bösartigen Websites: Deaktiviert
    Selbstschutz: Deaktiviert

    Betriebssystem: Windows 10
    CPU: x64
    Dateisystem: NTFS
    Benutzer: Artmeiers

    Suchlauftyp: Bedrohungssuchlauf
    Ergebnis: Abgeschlossen
    Durchsuchte Objekte: 342029
    Abgelaufene Zeit: 15 Min., 44 Sek.

    Speicher: Aktiviert
    Start: Aktiviert
    Dateisystem: Aktiviert
    Archive: Aktiviert
    Rootkits: Deaktiviert
    Heuristik: Aktiviert
    PUP: Aktiviert
    PUM: Aktiviert

    Prozesse: 0 (keine bösartigen Elemente erkannt)
    Module: 0 (keine bösartigen Elemente erkannt)
    Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
    Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
    Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
    Ordner: 0 (keine bösartigen Elemente erkannt)
    Dateien: 0 (keine bösartigen Elemente erkannt)
    Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

    (end)
Michael |
11.09.2016, 11:51 | #11 |
/// TB Trainer | Microsoft call Hi, we will remove the last remnants and check everything once more. Note: The scan with ESET can take a while.
Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
    start
    CloseProcesses:
    CMD: dir /B "%ProgramFiles%"
    CMD: dir /B "%ProgramFiles(x86)%"
    CMD: dir /B "%ProgramData%"
    CMD: dir /B "%Appdata%"
    CMD: dir /B "%LocalAppdata%"
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC now? If so, which ones? Please post with your next reply
|
13.09.2016, 21:35 | #12 |
| Microsoft Call Hi Matthias, I won't get around to sending you the requested logs until tomorrow. Best regards, Michael |
14.09.2016, 13:59 | #13 |
/// TB Trainer | Microsoft Call |
15.09.2016, 06:06 | #14 |
| Microsoft Call Hi Matthias, here is the continuation: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016 durchgeführt von Artmeiers (11-09-2016 22:56:06) Run:1 Gestartet von C:\Users\Artmeiers\Desktop Geladene Profile: Artmeiers (Verfügbare Profile: Artmeiers) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: CMD: dir /B "%ProgramFiles%" CMD: dir /B "%ProgramFiles(x86)%" CMD: dir /B "%ProgramData%" CMD: dir /B "%Appdata%" CMD: dir /B "%LocalAppdata%" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. ========= dir /B "%ProgramFiles%" ========= AVAST Software Bonjour Common Files CyberLink DIFX Intel Intel Security Internet Explorer iPod Microsoft Office MSBuild Realtek Reference Assemblies TrueKey Windows Defender Windows Mail Windows Media Player Windows Multimedia Platform Windows NT Windows Photo Viewer Windows Portable Devices WindowsPowerShell ========= Ende von CMD: ========= ========= dir /B "%ProgramFiles(x86)%" ========= Apple Software Update ASUS bfgclient Bonjour Common Files Cyberlink Dropbox Evernote Foxit Software Garmin Google ICEpower Intel Internet Explorer iTunes Kingsoft Malwarebytes Anti-Malware McAfee Microsoft Microsoft Office Microsoft Visual Studio Microsoft Visual Studio 8 Microsoft Works Microsoft.NET Mozilla Firefox Mozilla Maintenance Service MSBuild Origin Games Qualcomm Atheros Realtek Reference Assemblies TeamViewer WildTangent Games Windows Defender Windows Mail Windows Media Player Windows Multimedia Platform Windows NT Windows Photo Viewer Windows Portable Devices WindowsPowerShell ========= Ende von CMD: ========= ========= dir /B "%ProgramData%" ========= Apple Apple Computer ASUS ASUS Smart Gesture ASUS WebStorage AVAST Software Big Fish Comms CyberLink EA Core EA Logs Electronic Arts Foxit ContentPlatform Garmin install_clap Intel JollyBear Kingsoft Malwarebytes McAfee Microsoft Help Microsoft 
OneDrive Origin Package Cache Qualcomm Atheros regid.1991-06.com.microsoft SetupTPDriver SoftwareDistribution Temp TrueKey USBChargerPlus USOPrivate USOShared WebStorage WildTangent ========= Ende von CMD: ========= ========= dir /B "%Appdata%" ========= Adobe Apple Computer AVAST Software awsRun DropboxOEM Eipix EleFun Games Elephant Games ERS Game Studios Foxit Software Garmin Kingsoft Macromedia Mozilla MysteryTag Origin sp_data.sys TeamViewer Vendel-GAMES vlc WebStorage WildWestChase Winamp ========= Ende von CMD: ========= ========= dir /B "%LocalAppdata%" ========= ActiveSync Adobe Amazon Music Apple Apple Computer Big Fish CEF Comms ConnectedDevicesPlatform Diagnostics DropboxOEM ElevatedDiagnostics Foxit Reader Garmin_Ltd._or_its_subsid Google JollyBear Kingsoft Macromedia Microsoft Microsoft Help MicrosoftEdge Mozilla NetworkTiles Origin Packages PackageStaging Programs Publishers Temp TileDataLayer tkdata VirtualStore ========= Ende von CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-909546686-36640154-3940682474-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-909546686-36640154-3940682474-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. 
========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 2787168 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16940149 B Java, Flash, Steam htmlcache => 725 B Windows/system/drivers => 821350 B Edge => 1616456 B Chrome => 0 B Firefox => 24878569 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 112308 B NetworkService => 0 B Artmeiers => 23238012 B RecycleBin => 0 B EmptyTemp: => 67.1 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 22:57:00 ==== Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=3de2d058f80c794f838d9e2bc2e247a9 # end=init # utc_time=2016-09-11 09:07:31 # local_time=2016-09-11 11:07:31 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 30721 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=3de2d058f80c794f838d9e2bc2e247a9 # end=updated # utc_time=2016-09-11 09:13:25 # local_time=2016-09-11 11:13:25 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=3de2d058f80c794f838d9e2bc2e247a9 # engine=30721 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-09-12 06:27:37 # local_time=2016-09-12 08:27:37 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! Antivirus' # compatibility_mode=787 16777213 83 86 117164 15538858 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 4995406 5035473 0 0 # scanned=60932 # found=2 # cleaned=0 # scan_time=76452 sh=DCCD669A6BE90FDFAECD1C31BA657B66F7A139E8 ft=1 fh=c018004a9112bec8 vn="Variante von Win32/KingSoft.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe" sh=F091ACC5BF388B3981A707BD8BE454A2EC916BA4 ft=1 fh=dda5d3f6c2cdd214 vn="Variante von Win32/KingSoft.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=3de2d058f80c794f838d9e2bc2e247a9 # end=init # utc_time=2016-09-14 08:18:50 # local_time=2016-09-14 10:18:50 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 30755 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=3de2d058f80c794f838d9e2bc2e247a9 # end=updated # utc_time=2016-09-14 08:21:18 # local_time=2016-09-14 10:21:18 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=3de2d058f80c794f838d9e2bc2e247a9 # engine=30755 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-09-14 10:55:28 # local_time=2016-09-15 12:55:28 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! Antivirus' # compatibility_mode=787 16777213 83 86 188547 15727729 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 5184277 5224344 0 0 # scanned=387699 # found=5 # cleaned=0 # scan_time=9249 sh=DCCD669A6BE90FDFAECD1C31BA657B66F7A139E8 ft=1 fh=c018004a9112bec8 vn="Variante von Win32/KingSoft.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe" sh=F091ACC5BF388B3981A707BD8BE454A2EC916BA4 ft=1 fh=dda5d3f6c2cdd214 vn="Variante von Win32/KingSoft.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe" sh=06B869F8862ADFC3E4F5B1DC28865890C8146C68 ft=1 fh=9df3014893f18df3 vn="Variante von Win32/KingSoft.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Artmeiers\AppData\Roaming\Kingsoft\office6\update\down\wpsupdate.exe" sh=EF56314198E146F3DB5E38B07BC0FD15AB377793 ft=1 fh=28714f4a96953adb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Artmeiers\Downloads\Foxit Reader Deutsch - CHIP-Installer.exe" sh=C1C66AA7FFD537DF1720DD63E3BE4E009B0793F2 ft=1 fh=c25b5c4dff3942af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Artmeiers\AppData\Local\Temp\DMR\dmr_72.exe" Code:
ATTFilter
|
15.09.2016, 06:07 | #15 |
| Microsoft Call FRST log Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016 durchgeführt von Artmeiers (Administrator) auf DESKTOP-ITK1JJ8 (15-09-2016 06:58:01) Gestartet von C:\Users\Artmeiers\Desktop Geladene Profile: Artmeiers (Verfügbare Profile: Artmeiers) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe (McAfee, Inc.) 
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe () C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Garmin Ltd. or its subsidiaries) D:\GarminExpress\Garmin\Device Interaction Service\GarminService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) D:\iTunesHelper.exe (Garmin Ltd. or its subsidiaries) D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.11.7293.0_x64__8wekyb3d8bbwe\Solitaire.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11607.1001.51.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Microsoft Corporation) C:\Windows\System32\SrTasks.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.82_none_5be7b69702339d1d\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. 
Die Datei wird nicht verschoben.) HKLM\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software) HKLM-x32\...\Run: [GrooveMonitor] => D:\Office2007\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [Amazon Music] => C:\Users\Artmeiers\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-15] () HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [GarminExpressTrayApp] => D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-07-08] (Apple Inc.) HKU\S-1-5-21-909546686-36640154-3940682474-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.) HKU\S-1-5-21-909546686-36640154-3940682474-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => D:\GarminExpress\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. 
or its subsidiaries) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-01] (AVAST Software) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) Startup: 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-08] ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{438db259-fafd-4446-a9a3-6612fee28844}: [NameServer] 77.234.40.79 Tcpip\..\Interfaces\{7887f3a1-fb37-41cb-87e4-d8fdbce38193}: [DhcpNameServer] 192.168.32.1 Tcpip\..\Interfaces\{ec996c7e-bdc3-40c6-9b57-6ac17fe0f8a1}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-909546686-36640154-3940682474-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-909546686-36640154-3940682474-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-909546686-36640154-3940682474-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Office2007\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel 
Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security) Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Office2007\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-02] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-02] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] () FF SearchPlugin: C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\searchplugins\McSiteAdvisor.xml [2016-03-21] FF Extension: (Mailvelope) - C:\Users\Artmeiers\AppData\Roaming\Mozilla\Firefox\Profiles\nr24x66z.default\Extensions\jid1-AQqSMBYb0a8ADg@jetpack.xpi [2016-09-12] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-01] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-01] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [Datei ist nicht signiert] R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-01] (AVAST Software) R2 esifsvc; C:\Windows\SysWoW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent) R2 Garmin Device Interaction Service; D:\GarminExpress\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert] R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3036312 2016-07-28] (Intel(R) Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation) S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd) S3 Microsoft Office Groove Audit Service; D:\Office2007\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation) S3 Origin Client Service; D:\Origin\OriginClientService.exe [2120712 2016-04-30] (Electronic Arts) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-26] () R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.) 
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-01] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-01] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-01] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-01] (AVAST Software) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-01] (AVAST Software) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation) R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50696 2015-08-17] (Intel Corporation) R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation) R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-26] 
(Intel Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Realsil Semiconductor Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-15 06:57 - 2016-09-15 06:57 - 00000000 ____D C:\Users\Artmeiers\Desktop\FRST-OlderVersion 2016-09-15 06:39 - 2016-09-15 06:55 - 00000000 ____D C:\ProgramData\HitmanPro 2016-09-15 06:30 - 2016-09-15 06:39 - 11572656 _____ (SurfRight B.V.) 
C:\Users\Artmeiers\Downloads\HitmanPro_x64.exe
2016-09-14 20:44 - 2016-09-14 20:44 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\3DCB5A7E-A0F2-48DD-99DD-E191B935316B.aplzod
2016-09-14 20:43 - 2016-09-14 20:43 - 00000000 ___RD C:\Users\Artmeiers\iCloudDrive
2016-09-14 20:43 - 2016-09-14 20:43 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-09-14 20:43 - 2016-09-14 20:43 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Apple Inc
2016-09-13 23:38 - 2016-09-13 23:38 - 00001390 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-09-13 23:38 - 2016-09-13 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-13 23:38 - 2016-09-13 23:38 - 00000000 ____D C:\Program Files\iPod
2016-09-13 23:15 - 2016-09-13 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-09-12 21:21 - 2016-09-12 21:21 - 00001692 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2016-09-12 21:21 - 2016-09-12 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-09-11 23:05 - 2016-09-11 23:05 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-11 23:03 - 2016-09-11 23:05 - 02870984 _____ (ESET) C:\Users\Artmeiers\Desktop\esetsmartinstaller_deu.exe
2016-09-11 22:56 - 2016-09-11 22:57 - 00004967 _____ C:\Users\Artmeiers\Desktop\Fixlog.txt
2016-09-11 12:15 - 2016-09-11 12:15 - 00001200 _____ C:\Users\Artmeiers\Desktop\mbam.txt
2016-09-11 12:14 - 2016-09-11 12:14 - 00001200 _____ C:\mbam.txt
2016-09-11 10:54 - 2016-09-11 12:12 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-11 10:54 - 2016-09-11 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-09-11 10:54 - 2016-09-11 10:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-11 10:54 - 2016-09-11 10:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-09-11 10:54 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-11 10:54 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-11 10:54 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-11 10:28 - 2016-09-11 10:36 - 00000000 ____D C:\AdwCleaner
2016-09-11 10:26 - 2016-09-11 10:53 - 22851472 _____ (Malwarebytes ) C:\Users\Artmeiers\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-11 10:26 - 2016-09-11 10:28 - 03826240 _____ C:\Users\Artmeiers\Desktop\AdwCleaner_6.010.exe
2016-09-08 23:49 - 2016-09-09 00:15 - 00264338 _____ C:\TDSSKiller.3.1.0.11_08.09.2016_23.49.10_log.txt
2016-09-08 23:47 - 2016-09-08 23:48 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Artmeiers\Desktop\tdsskiller.exe
2016-09-08 23:39 - 2016-09-08 23:41 - 00037095 _____ C:\Users\Artmeiers\Desktop\Addition.txt
2016-09-08 23:38 - 2016-09-15 06:58 - 00019946 _____ C:\Users\Artmeiers\Desktop\FRST.txt
2016-09-08 21:38 - 2016-09-08 21:38 - 00001282 _____ C:\Users\Public\Desktop\More Great Games.lnk
2016-09-08 14:47 - 2016-09-08 14:47 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Foxit Reader
2016-09-08 14:33 - 2016-09-08 14:33 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-08 14:30 - 2016-09-08 14:30 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\PackageStaging
2016-09-08 14:28 - 2016-09-08 20:19 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\ConnectedDevicesPlatform
2016-09-08 14:28 - 2016-09-08 14:28 - 00000020 ___SH C:\Users\Artmeiers\ntuser.ini
2016-09-08 14:28 - 2016-09-08 14:28 - 00000000 ____D C:\ProgramData\USOShared
2016-09-08 14:16 - 2016-09-08 14:03 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-08 14:13 - 2016-09-08 14:13 - 00000000 ____D C:\Windows.old
2016-09-08 14:12 - 2016-09-08 14:12 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-08 14:12 - 2016-09-08 14:12 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-08 14:12 - 2016-09-08 14:12 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-08 14:12 - 2016-09-08 14:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-08 14:12 - 2016-09-08 14:12 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-08 14:12 - 2016-09-08 14:12 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-08 14:12 - 2016-09-08 14:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-08 14:12 - 2016-09-08 14:12 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-08 14:12 - 2016-09-08 14:12 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-08 14:12 - 2016-09-08 14:12 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-08 14:12 - 2016-09-08 14:12 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-08 14:12 - 2016-09-08 14:12 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-08 14:12 - 2016-09-08 14:12 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-08 14:12 -
2016-09-08 14:12 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2016-09-08 14:12 - 2016-09-08 14:12 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2016-09-08 14:12 - 2016-09-08 14:12 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2016-09-08 14:12 - 2016-09-08 14:12 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2016-09-08 14:07 - 2016-09-08 14:07 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\Program Files\MSBuild 2016-09-08 14:05 - 2016-09-08 14:05 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-09-08 14:05 - 2016-09-08 13:36 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-09-08 14:04 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-09-08 14:04 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-09-08 14:04 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-09-08 14:04 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-09-08 14:04 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-09-08 14:04 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-09-08 14:03 - 2016-09-08 14:03 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-09-08 14:03 - 2016-09-08 14:03 - 
00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-09-08 14:03 - 2016-09-08 14:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-09-08 13:56 - 2016-09-08 14:02 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2016-09-08 13:56 - 2016-09-08 14:02 - 00007623 _____ C:\WINDOWS\diagerr.xml 2016-09-08 13:44 - 2016-09-14 20:45 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2016-09-08 13:44 - 2016-09-14 20:45 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2016-09-08 13:44 - 2016-09-12 
21:21 - 00003612 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask 2016-09-08 13:44 - 2016-09-11 22:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-08 13:44 - 2016-09-08 13:45 - 00003316 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FD2E94E-3865-46F7-A852-BF16F96D6D95} 2016-09-08 13:44 - 2016-09-08 13:45 - 00003000 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Administrator 2016-09-08 13:44 - 2016-09-08 13:45 - 00003000 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Administrator 2016-09-08 13:44 - 2016-09-08 13:45 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 2016-09-08 13:44 - 2016-09-08 13:45 - 00002896 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Artmeiers 2016-09-08 13:44 - 2016-09-08 13:44 - 00003390 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461011943 2016-09-08 13:44 - 2016-09-08 13:44 - 00003158 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-09-08 13:44 - 2016-09-08 13:44 - 00003132 _____ C:\WINDOWS\System32\Tasks\avast! 
SL Update 2016-09-08 13:44 - 2016-09-08 13:44 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker 2016-09-08 13:44 - 2016-09-08 13:44 - 00002896 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Artmeiers 2016-09-08 13:44 - 2016-09-08 13:44 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2016-09-08 13:44 - 2016-09-08 13:44 - 00002466 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper 2016-09-08 13:44 - 2016-09-08 13:44 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice 2016-09-08 13:44 - 2016-09-08 13:44 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus 2016-09-08 13:44 - 2016-09-08 13:44 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2016-09-08 13:44 - 2016-09-08 13:44 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260 2016-09-08 13:44 - 2016-09-08 13:44 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON 2016-09-08 13:44 - 2016-09-08 13:44 - 00002172 _____ C:\WINDOWS\System32\Tasks\DropboxOEM 2016-09-08 13:44 - 2016-09-08 13:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2016-09-08 13:33 - 2016-09-08 13:33 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-09-08 13:33 - 2016-09-08 13:33 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2016-09-08 13:33 - 2016-09-08 13:33 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2016-09-08 13:28 - 2016-09-08 13:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-09-08 13:25 - 2016-09-14 20:43 - 00000000 ____D C:\Users\Artmeiers 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Vorlagen 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Startmenü 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Netzwerkumgebung 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Lokale Einstellungen 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Eigene 
Dateien 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Druckumgebung 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Documents\Eigene Videos 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Documents\Eigene Musik 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Documents\Eigene Bilder 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\AppData\Local\Verlauf 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\AppData\Local\Anwendungsdaten 2016-09-08 13:25 - 2016-09-08 13:25 - 00000000 _SHDL C:\Users\Artmeiers\Anwendungsdaten 2016-09-08 13:21 - 2016-09-14 20:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-09-08 13:21 - 2016-09-08 13:21 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\WINDOWS\system32\DAX2 2016-09-08 13:21 - 2016-09-08 13:21 - 00000000 ____D C:\Program Files\Realtek 2016-09-08 13:21 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-09-08 13:20 - 2016-09-08 13:28 - 00000000 ____D C:\Program Files\Intel 2016-09-08 13:20 - 2016-09-08 13:20 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-09-08 13:20 - 2016-05-27 15:50 - 00104584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-09-08 13:20 - 2016-05-27 15:50 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-09-08 13:19 - 2016-09-08 13:28 - 00000000 ____D C:\Program Files (x86)\Intel 2016-09-08 13:19 
- 2016-09-08 13:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf 2016-09-08 13:18 - 2016-09-15 06:54 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-09-08 13:18 - 2016-09-11 10:37 - 00350472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-08 13:18 - 2016-09-08 13:18 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-09-06 23:23 - 2016-09-08 22:22 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Elephant Games 2016-09-06 21:58 - 2016-09-07 22:32 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Eipix 2016-09-06 21:04 - 2016-09-08 20:50 - 00237568 _____ (Big Fish Games) C:\Users\Artmeiers\Downloads\mystery-trackers-train-to-hellswich-ce_s1_l1_gF11534T1L1_d2646484960.exe 2016-09-01 15:55 - 2016-09-01 15:56 - 00037054 _____ C:\Users\Artmeiers\Downloads\Addition.txt 2016-09-01 15:52 - 2016-09-15 06:58 - 00000000 ____D C:\FRST 2016-09-01 15:52 - 2016-09-15 06:57 - 02398720 _____ (Farbar) C:\Users\Artmeiers\Desktop\FRST64.exe 2016-09-01 15:52 - 2016-09-01 15:56 - 00043667 _____ C:\Users\Artmeiers\Downloads\FRST.txt 2016-09-01 15:33 - 2016-09-01 15:33 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-09-01 15:33 - 2016-09-01 15:33 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-09-01 13:35 - 2016-09-01 16:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-09-01 13:35 - 2016-09-01 14:02 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\TeamViewer 2016-08-25 18:29 - 2016-08-25 18:29 - 00053848 _____ C:\Users\Artmeiers\Downloads\Seenrunde.gpx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-15 03:34 - 2016-03-17 01:07 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2016-09-15 01:09 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-15 01:07 - 2016-01-06 12:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-09-15 01:02 - 2016-01-06 12:34 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-09-15 00:14 - 2016-01-05 13:36 - 00000165 _____ C:\Users\Artmeiers\AppData\Roaming\sp_data.sys 2016-09-14 20:43 - 2016-05-26 14:55 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Apple Computer 2016-09-14 20:40 - 2016-02-21 10:39 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-09-14 20:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-14 20:39 - 2016-01-05 13:36 - 00000000 __SHD C:\Users\Artmeiers\IntelGraphicsProfiles 2016-09-13 23:38 - 2016-05-26 14:49 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-09-13 23:15 - 2016-05-26 14:55 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Apple Computer 2016-09-13 18:14 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-12 21:22 - 2015-12-08 13:33 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-11 22:57 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-09-11 22:56 - 2016-03-02 20:57 - 00000000 ____D C:\Users\Artmeiers\AppData\LocalLow\Temp 2016-09-11 16:44 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2016-09-11 10:42 - 2016-07-17 00:51 - 00486884 _____ C:\WINDOWS\system32\perfh007.dat 2016-09-11 10:42 - 2016-07-17 00:51 - 00085912 _____ C:\WINDOWS\system32\perfc007.dat 2016-09-11 10:42 - 2015-08-18 07:20 - 01448270 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-11 09:50 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat 2016-09-09 00:32 - 2016-04-30 00:39 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\vlc 2016-09-08 23:33 - 2015-08-18 07:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-09-08 23:32 - 2015-12-08 
14:08 - 00000000 ____D C:\ProgramData\Temp 2016-09-08 20:22 - 2016-01-05 13:36 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Packages 2016-09-08 14:35 - 2016-01-05 13:40 - 00002393 _____ C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-08 14:35 - 2016-01-05 13:40 - 00000000 ___RD C:\Users\Artmeiers\OneDrive 2016-09-08 14:29 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate 2016-09-08 14:28 - 2015-12-08 13:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-09-08 14:16 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-09-08 14:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-09-08 14:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-09-08 14:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-09-08 14:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2016-09-08 14:03 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT 2016-09-08 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-09-08 13:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration 2016-09-08 13:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2016-09-08 13:45 - 
2016-01-14 22:20 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-09-08 13:43 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries 2016-09-08 13:36 - 2016-07-10 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2016-09-08 13:36 - 2016-05-13 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2016-09-08 13:36 - 2016-05-09 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-09-08 13:36 - 2016-04-09 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2016-09-08 13:36 - 2016-01-08 01:40 - 00000000 ____D C:\Users\Artmeiers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music 2016-09-08 13:36 - 2015-12-08 14:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5 2016-09-08 13:36 - 2015-12-08 14:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12 2016-09-08 13:36 - 2015-12-08 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2016-09-08 13:36 - 2015-12-08 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2016-09-08 13:36 - 2015-10-30 20:44 - 00000000 ____D C:\WINDOWS\ShellNew 2016-09-08 13:36 - 2015-08-18 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office 2016-09-08 13:36 - 2015-08-18 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB 2016-09-08 13:36 - 2015-08-18 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2016-09-08 13:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-08 13:33 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated 2016-09-08 13:30 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-09-08 13:30 - 2016-07-17 00:50 - 00000000 
____D C:\WINDOWS\system32\slmgr 2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool 2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-09-08 13:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-08 13:28 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-08 13:28 - 2015-12-08 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower 2016-09-08 13:28 - 2015-08-18 07:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2016-09-08 13:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-09-08 13:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-09-08 13:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-09-08 13:22 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-09-08 02:48 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT 2016-09-08 02:48 - 2016-01-13 15:59 - 00000416 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Artmeiers.job 2016-09-07 23:45 - 2016-01-13 15:59 - 00000416 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Artmeiers.job 2016-09-07 23:00 - 2015-08-18 07:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job 2016-09-07 22:57 - 2015-08-18 07:29 - 00000424 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job 2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-02 19:35 - 2015-08-18 07:27 - 00000000 ____D C:\Program Files (x86)\ASUS 2016-09-01 16:00 - 2016-05-12 21:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-01 16:00 - 2016-01-05 
13:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-09-01 15:59 - 2016-05-09 19:10 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Microsoft Help 2016-09-01 15:47 - 2016-06-06 17:43 - 00000000 __RHD C:\MSOCache 2016-09-01 15:40 - 2016-04-18 22:39 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-09-01 15:33 - 2016-03-17 01:07 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-09-01 15:33 - 2016-03-17 01:07 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-09-01 15:32 - 2016-04-17 17:54 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-09-01 15:32 - 2016-03-17 01:07 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.147390325290601 2016-09-01 15:14 - 2016-07-10 21:10 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk 2016-09-01 15:14 - 2016-07-10 21:10 - 00001969 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk 2016-08-28 20:56 - 2016-01-06 13:10 - 00000000 ____D C:\Users\Artmeiers\AppData\Local\Comms 2016-08-16 11:43 - 2016-04-16 20:37 - 00000000 ____D C:\Users\Artmeiers\Downloads\Ant Videos ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-01-05 13:36 - 2016-09-15 00:14 - 0000165 _____ () C:\Users\Artmeiers\AppData\Roaming\sp_data.sys 2016-09-08 13:21 - 
2016-09-08 13:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-09-08 13:17 ==================== Ende von FRST.txt ============================ |