startfenster und sm.de über vlc-player eingefangen

Meinersein · 15.11.2016, 12:37

Hallo,

ich habe dummerweise gestern auf eine update-Nachricht vom VLC-Player reagiert, ohne richtig hinzuschauen. Habe auch leider nicht "benutzerdefinierte Instalation" genutzt.
Mittels AdwCleaner konnte ich zwar "startfenster" deinstallieren, aber wenn ich im Mozilla-firefox-Browser eine Sucheanfrgae eingebe öffnet sich immer "sm.de". Kann das nicht deinstallieren.
Folgendes habe ich erfolglos ausprobiert / durchgeführt:

- scan mit AdwCleaner (5 x was von Startfenster sowie 3 andere Bedrohungen gefunden und gelöscht, www.sm.de erscheint trotzdem weiterhin)
- Wiederherstellung (war vom 11.11.2016)
- VLC-Player und VLC-Player-updaterdeinstallert

Hoffe mir kann geholfen werden.

cosinus · 15.11.2016, 14:58

Hi,

mal ein paar Fragen:

1. war der VLC-Player überhaupt installiert bei dir als du die Nachricht bekommen hast?
2. falls ja, wo wo hast du das Setup vom Player geladen?

Meinersein · 15.11.2016, 15:07

Ja, ich hatte den VLC-Player bereits auf dem Rechner. Weiss jetzt aber nicht wie lange bereits und wo ich den geladen hatte.

Ach ja, falls es wichtig ist. Habe Windows 10 Pro auf dem Rechner.

cosinus · 15.11.2016, 15:18

Hm schade, das hätte meine Theorie vllt untermauert. Aber egal.

+++ WICHTIGER HINWEIS +++

Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?

Meinersein · 15.11.2016, 15:19

Habe ich verstanden

cosinus · 15.11.2016, 15:20

ok

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Meinersein · 15.11.2016, 15:34

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von MeinerSeiner (Administrator) auf DESKTOP-7LQ7CIL (15-11-2016 15:31:35)
Gestartet von C:\Users\MeinerSeiner\Desktop
Geladene Profile: MeinerSeiner (Verfügbare Profile: MeinerSeiner)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Polar Electro Oy) D:\Programme\Polar\Polar FlowSync\flowsync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [706440 2015-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\S-1-5-21-913094260-803212928-734770114-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-913094260-803212928-734770114-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-913094260-803212928-734770114-1001\...\Run: [Polar FlowSync] => D:\Programme\Polar\Polar FlowSync\flowsync.exe [1191936 2015-11-19] (Polar Electro Oy)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4f2bd161-d76a-41c3-9d90-3945929c9850}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: mah7mhtg.default
FF ProfilePath: C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default [2016-11-15]
FF Extension: (Startfenster.de) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\1@startfenster.de.xpi [2016-11-14]
FF Extension: (NoScript) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-10]
FF Extension: (WOT) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-07-26]
FF Extension: (Video DownloadHelper) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Adblock Plus) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Mediathek\Videos\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104840 2015-09-24] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] ()
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [391144 2016-11-11] ()
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-12] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [37400 2016-10-12] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [30280 2016-10-12] (G DATA Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [274400 2016-10-12] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [105544 2016-10-12] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-12] (G DATA Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2016-10-17] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [153160 2016-10-12] (G Data Software AG)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_33c9216502148e52\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-17] (NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-15 15:31 - 2016-11-15 15:31 - 00011916 _____ C:\Users\MeinerSeiner\Desktop\FRST.txt
2016-11-15 15:31 - 2016-11-15 15:31 - 00000000 ____D C:\FRST
2016-11-15 15:30 - 2016-11-15 15:31 - 02411520 _____ (Farbar) C:\Users\MeinerSeiner\Desktop\FRST64.exe
2016-11-15 11:38 - 2016-11-15 11:39 - 03910208 _____ C:\Users\MeinerSeiner\Desktop\AdwCleaner_6.030.exe
2016-11-15 11:27 - 2016-11-15 11:27 - 00001481 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-15 11:27 - 2016-11-15 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-15 11:27 - 2016-11-15 11:27 - 00000000 ____D C:\Program Files\iPod
2016-11-15 02:38 - 2016-11-15 02:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-15 02:28 - 2016-11-15 02:28 - 00000000 _____ C:\autoexec.bat
2016-11-15 02:21 - 2016-11-15 12:46 - 00000000 ____D C:\AdwCleaner
2016-10-29 20:44 - 2016-10-29 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-28 16:44 - 2016-10-28 16:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-28 16:44 - 2016-10-25 21:17 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-28 16:44 - 2016-10-24 07:31 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-28 16:44 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-28 16:44 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-28 16:44 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-28 16:44 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-28 16:43 - 2016-10-25 21:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-28 16:38 - 2016-10-26 23:17 - 00048704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-10-28 16:38 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-28 16:38 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-28 16:38 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-27 19:59 - 2016-10-15 06:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-27 19:59 - 2016-10-15 05:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-27 19:59 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-27 19:59 - 2016-10-15 05:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-27 19:59 - 2016-10-15 05:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-27 19:59 - 2016-10-15 05:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-27 19:59 - 2016-10-15 05:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-27 19:59 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-27 19:59 - 2016-10-15 05:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-27 19:59 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-27 19:59 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-27 19:59 - 2016-10-15 05:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-27 19:59 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-27 19:59 - 2016-10-15 05:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-27 19:59 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-27 19:59 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-27 19:59 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-27 19:59 - 2016-10-15 05:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-27 19:59 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-27 19:59 - 2016-10-15 05:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-27 19:59 - 2016-10-15 05:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-27 19:59 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 19:59 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 19:59 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-27 19:59 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-27 19:59 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-27 19:59 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-27 19:59 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-27 19:59 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-27 19:59 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-27 19:59 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-27 19:59 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-27 19:59 - 2016-10-15 04:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-27 19:59 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-27 19:59 - 2016-10-15 04:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-27 19:59 - 2016-10-15 04:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-27 19:59 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-27 19:59 - 2016-10-15 04:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-27 19:59 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-27 19:59 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-27 19:59 - 2016-10-15 04:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-27 19:59 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-27 19:59 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-27 19:59 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-27 19:59 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-27 19:59 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-27 19:59 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-27 19:59 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 19:59 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-27 19:59 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-27 19:59 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-27 19:59 - 2016-10-15 04:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-27 19:59 - 2016-10-15 04:40 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-27 19:59 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-27 19:59 - 2016-10-15 04:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-27 19:59 - 2016-10-15 04:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-27 19:59 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-27 19:59 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-27 19:59 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-27 19:59 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-27 19:58 - 2016-10-15 05:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-27 19:58 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-27 19:58 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-27 19:58 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-27 19:58 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-27 19:58 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-27 19:58 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-27 19:58 - 2016-10-15 05:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-27 19:58 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-27 19:58 - 2016-10-15 05:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-27 19:58 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-27 19:58 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-27 19:58 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-27 19:58 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-27 19:58 - 2016-10-15 05:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-27 19:58 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-27 19:58 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-27 19:58 - 2016-10-15 05:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-27 19:58 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-27 19:58 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-27 19:58 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-27 19:58 - 2016-10-15 05:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-27 19:58 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-27 19:58 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-27 19:58 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-27 19:58 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-27 19:58 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-27 19:58 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-27 19:58 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-27 19:58 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-27 19:58 - 2016-10-15 05:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-27 19:58 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-27 19:58 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-27 19:58 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-27 19:58 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-27 19:58 - 2016-10-15 05:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-27 19:58 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-27 19:58 - 2016-10-15 05:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-27 19:58 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-27 19:58 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-27 19:58 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-27 19:58 - 2016-10-15 05:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-27 19:58 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-27 19:58 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-27 19:58 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-27 19:58 - 2016-10-15 04:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-27 19:58 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-27 19:58 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-27 19:58 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-27 19:58 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-27 19:58 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-27 19:58 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-27 19:58 - 2016-10-15 04:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-27 19:58 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-27 19:58 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-27 19:58 - 2016-10-15 04:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-27 19:58 - 2016-10-15 04:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-27 19:58 - 2016-10-15 04:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-27 19:58 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 19:58 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-27 19:58 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-27 19:58 - 2016-10-15 04:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-27 19:58 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 19:58 - 2016-10-15 04:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-27 19:58 - 2016-10-15 04:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-27 19:58 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-27 19:58 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-27 19:58 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-27 19:58 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-27 19:58 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-27 19:58 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-27 19:58 - 2016-10-15 04:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-27 19:58 - 2016-10-15 04:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-27 19:58 - 2016-10-15 04:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-27 19:58 - 2016-10-15 04:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-27 19:58 - 2016-10-15 04:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-27 19:58 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-27 19:58 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-21 13:37 - 2016-10-21 20:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-15 15:06 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-15 15:05 - 2016-09-28 16:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-15 14:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-15 14:24 - 2016-07-26 10:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-15 14:23 - 2016-07-26 10:35 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-15 12:53 - 2016-07-26 10:17 - 02158838 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-15 12:53 - 2016-07-16 23:51 - 00885984 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-15 12:53 - 2016-07-16 23:51 - 00199560 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-15 12:47 - 2016-09-28 16:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-15 12:47 - 2016-09-28 16:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-15 12:47 - 2016-07-26 10:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-15 12:47 - 2016-07-26 10:45 - 00000000 __SHD C:\Users\MeinerSeiner\IntelGraphicsProfiles
2016-11-15 12:47 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-15 12:46 - 2016-09-28 16:24 - 00000000 ____D C:\Users\MeinerSeiner
2016-11-15 11:27 - 2016-07-26 10:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-15 11:26 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-15 11:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-15 11:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-15 11:14 - 2016-07-26 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-11-15 11:14 - 2016-07-16 23:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-15 11:14 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-15 11:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-11-15 11:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-15 11:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-11-15 11:13 - 2016-07-26 11:29 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Roaming\vlc
2016-11-15 11:13 - 2016-07-26 10:51 - 00000000 ____D C:\ProgramData\Apple Computer
2016-11-15 11:13 - 2016-07-26 10:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-11-15 11:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2016-11-15 11:10 - 2016-07-26 10:28 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Local\Mozilla
2016-11-15 11:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-11-08 17:02 - 2016-08-29 12:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-11-07 20:05 - 2016-09-28 16:31 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-05 22:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-04 20:02 - 2016-08-28 11:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-01 16:09 - 2016-09-14 23:50 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Local\CrashDumps
2016-10-29 23:17 - 2016-09-28 16:22 - 00230824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 23:16 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-29 23:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-29 23:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-29 00:56 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 16:44 - 2016-09-28 16:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-28 16:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2016-10-28 16:43 - 2016-09-28 16:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-28 16:43 - 2016-09-28 16:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-25 14:08 - 2016-07-26 11:05 - 00000424 _____ C:\Users\MeinerSeiner\Desktop\Dieser PC - Verknüpfung.lnk
2016-10-22 20:11 - 2016-07-26 10:55 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Local\NVIDIA Corporation
2016-10-21 20:32 - 2016-07-26 10:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-17 21:50 - 2016-08-11 15:55 - 00028208 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2016-10-17 21:50 - 2016-07-31 13:07 - 00116296 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-26 12:08 - 2016-07-26 12:08 - 0000000 _____ () C:\Users\MeinerSeiner\AppData\Roaming\gdfw.log
2016-07-26 12:08 - 2016-07-26 12:08 - 0000779 _____ () C:\Users\MeinerSeiner\AppData\Roaming\gdscan.log

Einige Dateien in TEMP:
====================
C:\Users\MeinerSeiner\AppData\Local\Temp\libeay32.dll
C:\Users\MeinerSeiner\AppData\Local\Temp\msvcr120.dll
C:\Users\MeinerSeiner\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-15 14:22

==================== Ende von FRST.txt ============================

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von MeinerSeiner (15-11-2016 15:32:12)
Gestartet von C:\Users\MeinerSeiner\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-28 15:32:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-913094260-803212928-734770114-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-913094260-803212928-734770114-503 - Limited - Disabled)
Gast (S-1-5-21-913094260-803212928-734770114-501 - Limited - Disabled)
MeinerSeiner (S-1-5-21-913094260-803212928-734770114-1001 - Administrator - Enabled) => C:\Users\MeinerSeiner

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.212 - Alps Electric)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version:  - Studio Wildcard)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-913094260-803212928-734770114-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-913094260-803212928-734770114-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-913094260-803212928-734770114-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06CE32C3-B170-471C-9A6C-D6884E1AC5ED} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {09A65500-6B50-4326-B43D-4E8795C9B289} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {44E238DF-ED58-4E9B-86C5-20466B6507F2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {57F38E61-8B93-4CFD-B375-0A510660EBC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {57FD8799-8F9F-424F-92C8-B81D575B43F5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {93A5DEFC-2AC8-4217-8E0D-EFC53C749448} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {DC1AC0F1-50E9-4CF9-A70D-5E8DE2EEA6B4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F5652E80-81FA-4AFE-BA67-F41968694BA4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 21:44 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-28 20:58 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-28 20:58 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-28 20:58 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-29 21:44 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-28 16:34 - 2016-09-28 16:34 - 01864384 _____ () C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-28 17:19 - 2016-09-28 17:19 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 14:22 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-17 20:23 - 2016-08-17 20:23 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-17 20:23 - 2016-08-17 20:23 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-26 11:26 - 2016-07-26 11:27 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-07-26 11:24 - 2016-07-26 11:24 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-11-05 18:57 - 2016-11-05 18:58 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-05 18:57 - 2016-11-05 18:58 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-05 18:57 - 2016-11-05 18:58 - 41608704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-28 20:58 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-28 20:58 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-28 20:58 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-28 16:34 - 2016-09-28 16:34 - 01383616 _____ () C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-28 16:34 - 2016-09-28 16:34 - 00118976 _____ () C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-07-26 10:57 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-26 10:57 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-26 10:57 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-07-26 10:57 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-26 10:57 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-26 10:57 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-26 10:57 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-14 13:09 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2015-03-01 18:00 - 2015-11-19 15:56 - 01759232 _____ () D:\Programme\Polar\Polar FlowSync\polar20.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-913094260-803212928-734770114-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F0CF482E-41C6-4F9C-AA53-6C7F63CA5C6F}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AFA56547-C8C2-4E93-91C8-D3672E959069}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{24E63112-57F7-420C-9AEE-C93635D0AF72}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{77E4241E-0080-4847-B9EE-E8AC1ECB9879}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{47A1B4C4-71B0-448D-B049-D7F87FFEEACB}] => (Allow) D:\Programme\Büro\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{63D0A4F9-6715-4CAF-BB86-FA6F74469851}] => (Allow) D:\Programme\Büro\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{864159D4-8263-44AA-8A57-6A039FB0EE67}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{90F51F12-3550-4D6A-931E-60E4E29DE077}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{770A7968-5A12-4993-A912-D6198BB2CC28}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{3047B7A4-DBC4-4B88-82FA-7FB4E766811D}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{ECFE11C0-7DF8-4013-80E2-F4CC2954CF30}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9F607337-773D-41A2-9021-1DB52E576DF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05FD3B14-D707-4CCB-ACBF-7F1903EFB0D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B138DD95-56FF-4033-A28B-E232BCAD3F10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{44EA6978-49B5-454E-8F82-A3F9C77CB3AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{32B48426-AABE-4CEA-9D7E-D7FF5DF2C98E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42F65830-D676-43C5-89AD-C5BA9453CC57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ECF81645-086F-4354-9431-86E859C41BF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{26D93591-C097-4C8F-BED1-FE4E82932E73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8BB2BDF-CCC7-4559-B416-10C12AAA70A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3F014B2C-FF6F-48F9-8FE9-9A6B0FCC62BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{77E5FE87-872A-4C8B-B9BE-3496F59B909E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E27E8B1-AC7C-4E32-A6D2-CEDC303AE36F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{45996C74-E675-4ABF-93F9-C9D54DE82BC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{252A2013-BFE9-4AB7-A5D6-F0D13E07BF85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{46B83462-074D-49F5-82C5-092A3F878A0A}] => (Allow) D:\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

15-11-2016 11:09:01 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/15/2016 02:24:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (11/15/2016 11:14:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1172) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU0021A.log.

Error: (11/15/2016 11:09:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/11/2016 09:31:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/11/2016 09:31:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/05/2016 10:00:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/01/2016 11:05:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-7LQ7CIL)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2016 11:05:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-7LQ7CIL)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2016 04:09:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1570
Startzeit der fehlerhaften Anwendung: 0x01d234506554707b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: bdcdc4e8-67e2-434d-8d2d-b9cd60012c61
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/29/2016 09:31:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (11/15/2016 02:41:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/15/2016 12:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/15/2016 12:47:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (11/15/2016 12:47:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/15/2016 12:46:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7LQ7CIL)
Description: Der Server "{3EB3C877-1F16-487C-9050-104DBCD66683}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/15/2016 12:46:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7LQ7CIL)
Description: Der Server "{3EB3C877-1F16-487C-9050-104DBCD66683}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/15/2016 12:46:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/15/2016 12:46:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/15/2016 12:46:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/15/2016 12:46:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-11-15 02:44:32.075
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Schutz\ Malwarebytes Anti-Malware \mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16222.35 MB
Verfügbarer physikalischer RAM: 13128.66 MB
Summe virtueller Speicher: 18654.35 MB
Verfügbarer virtueller Speicher: 15371.02 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:173.03 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.68 GB) (Free:145.57 GB) NTFS
Drive f: (Linux) (Fixed) (Total:100.01 GB) (Free:99.85 GB) NTFS
Drive g: (home) (Fixed) (Total:365.82 GB) (Free:299.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5F3D4D46)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3194C74E)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

Meinersein · 15.11.2016, 15:38

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von MeinerSeiner (Administrator) auf DESKTOP-7LQ7CIL (15-11-2016 15:31:35)
Gestartet von C:\Users\MeinerSeiner\Desktop
Geladene Profile: MeinerSeiner (Verfügbare Profile: MeinerSeiner)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Polar Electro Oy) D:\Programme\Polar\Polar FlowSync\flowsync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [706440 2015-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => D:\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\S-1-5-21-913094260-803212928-734770114-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-913094260-803212928-734770114-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
HKU\S-1-5-21-913094260-803212928-734770114-1001\...\Run: [Polar FlowSync] => D:\Programme\Polar\Polar FlowSync\flowsync.exe [1191936 2015-11-19] (Polar Electro Oy)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4f2bd161-d76a-41c3-9d90-3945929c9850}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: mah7mhtg.default
FF ProfilePath: C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default [2016-11-15]
FF Extension: (Startfenster.de) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\1@startfenster.de.xpi [2016-11-14]
FF Extension: (NoScript) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-10]
FF Extension: (WOT) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-07-26]
FF Extension: (Video DownloadHelper) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Adblock Plus) - C:\Users\MeinerSeiner\AppData\Roaming\Mozilla\Firefox\Profiles\mah7mhtg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Mediathek\Videos\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104840 2015-09-24] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [4950632 2016-10-06] (G DATA Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [984904 2016-09-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3044496 2016-09-27] (G Data Software AG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] ()
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4072264 2016-09-30] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3286120 2016-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [822600 2016-09-27] (G DATA Software AG)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [455616 2016-09-30] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-30] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [391144 2016-11-11] ()
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [180808 2016-10-12] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [37400 2016-10-12] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [30280 2016-10-12] (G DATA Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [274400 2016-10-12] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [105544 2016-10-12] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [77384 2016-10-12] (G DATA Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2016-10-17] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [153160 2016-10-12] (G Data Software AG)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_33c9216502148e52\nvlddmkm.sys [14159928 2016-10-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-09-17] (NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-15 15:31 - 2016-11-15 15:31 - 00011916 _____ C:\Users\MeinerSeiner\Desktop\FRST.txt
2016-11-15 15:31 - 2016-11-15 15:31 - 00000000 ____D C:\FRST
2016-11-15 15:30 - 2016-11-15 15:31 - 02411520 _____ (Farbar) C:\Users\MeinerSeiner\Desktop\FRST64.exe
2016-11-15 11:38 - 2016-11-15 11:39 - 03910208 _____ C:\Users\MeinerSeiner\Desktop\AdwCleaner_6.030.exe
2016-11-15 11:27 - 2016-11-15 11:27 - 00001481 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-15 11:27 - 2016-11-15 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-15 11:27 - 2016-11-15 11:27 - 00000000 ____D C:\Program Files\iPod
2016-11-15 02:38 - 2016-11-15 02:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-15 02:28 - 2016-11-15 02:28 - 00000000 _____ C:\autoexec.bat
2016-11-15 02:21 - 2016-11-15 12:46 - 00000000 ____D C:\AdwCleaner
2016-10-29 20:44 - 2016-10-29 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-10-28 16:44 - 2016-10-28 16:44 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-28 16:44 - 2016-10-25 21:17 - 06386232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-10-28 16:44 - 2016-10-24 07:31 - 07507695 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-10-28 16:44 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-10-28 16:44 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-10-28 16:44 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-10-28 16:44 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-10-28 16:43 - 2016-10-25 21:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-28 16:38 - 2016-10-26 23:17 - 00048704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-10-28 16:38 - 2016-10-25 22:40 - 40123840 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 35224632 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 34711096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 28202040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 10912232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 10782952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 10332664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 09120512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 08913512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 08723968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 03927288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 03468736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 02940352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 02574784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437570.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437570.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 01037248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00975296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00943552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00897080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00644112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00394704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00390200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00327224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-10-28 16:38 - 2016-10-25 22:40 - 00042296 _____ C:\WINDOWS\system32\nvinfo.pb
2016-10-28 16:38 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-10-28 16:38 - 2016-10-25 22:40 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-10-27 19:59 - 2016-10-15 06:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-27 19:59 - 2016-10-15 05:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-27 19:59 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-27 19:59 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-27 19:59 - 2016-10-15 05:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-27 19:59 - 2016-10-15 05:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-27 19:59 - 2016-10-15 05:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-27 19:59 - 2016-10-15 05:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-27 19:59 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-27 19:59 - 2016-10-15 05:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-27 19:59 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-27 19:59 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-27 19:59 - 2016-10-15 05:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-27 19:59 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-27 19:59 - 2016-10-15 05:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-27 19:59 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-27 19:59 - 2016-10-15 05:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-27 19:59 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-27 19:59 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-27 19:59 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-27 19:59 - 2016-10-15 05:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-27 19:59 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-27 19:59 - 2016-10-15 05:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-27 19:59 - 2016-10-15 05:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-27 19:59 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 19:59 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 19:59 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-27 19:59 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-27 19:59 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-27 19:59 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-27 19:59 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-27 19:59 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-27 19:59 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-27 19:59 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-27 19:59 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-27 19:59 - 2016-10-15 04:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-27 19:59 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-27 19:59 - 2016-10-15 04:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-27 19:59 - 2016-10-15 04:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-27 19:59 - 2016-10-15 04:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-27 19:59 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-27 19:59 - 2016-10-15 04:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-27 19:59 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-27 19:59 - 2016-10-15 04:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-27 19:59 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-27 19:59 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 19:59 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-27 19:59 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-27 19:59 - 2016-10-15 04:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-27 19:59 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-27 19:59 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-27 19:59 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-27 19:59 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-27 19:59 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-27 19:59 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-27 19:59 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 19:59 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-27 19:59 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-27 19:59 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-27 19:59 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-27 19:59 - 2016-10-15 04:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-27 19:59 - 2016-10-15 04:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-27 19:59 - 2016-10-15 04:40 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-27 19:59 - 2016-10-15 04:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-27 19:59 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-27 19:59 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-27 19:59 - 2016-10-15 04:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-27 19:59 - 2016-10-15 04:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-27 19:59 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-27 19:59 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-27 19:59 - 2016-10-15 04:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-27 19:59 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-27 19:59 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-27 19:59 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-27 19:58 - 2016-10-15 05:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-27 19:58 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-27 19:58 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-27 19:58 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-27 19:58 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-27 19:58 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-27 19:58 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-27 19:58 - 2016-10-15 05:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-27 19:58 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-27 19:58 - 2016-10-15 05:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-27 19:58 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-27 19:58 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-27 19:58 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-27 19:58 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-27 19:58 - 2016-10-15 05:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-27 19:58 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-27 19:58 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-27 19:58 - 2016-10-15 05:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-27 19:58 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-27 19:58 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-27 19:58 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-27 19:58 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-27 19:58 - 2016-10-15 05:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-27 19:58 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-27 19:58 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-27 19:58 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-27 19:58 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-27 19:58 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-27 19:58 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-27 19:58 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-27 19:58 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-27 19:58 - 2016-10-15 05:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-27 19:58 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-27 19:58 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-27 19:58 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-27 19:58 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-27 19:58 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-27 19:58 - 2016-10-15 05:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-27 19:58 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-27 19:58 - 2016-10-15 05:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-27 19:58 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-27 19:58 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-27 19:58 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-27 19:58 - 2016-10-15 05:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-27 19:58 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-27 19:58 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-27 19:58 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-27 19:58 - 2016-10-15 04:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-27 19:58 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-27 19:58 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-27 19:58 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-27 19:58 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-27 19:58 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-27 19:58 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-27 19:58 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-27 19:58 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-27 19:58 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-27 19:58 - 2016-10-15 04:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-27 19:58 - 2016-10-15 04:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-27 19:58 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-27 19:58 - 2016-10-15 04:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-27 19:58 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-27 19:58 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-27 19:58 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-27 19:58 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-27 19:58 - 2016-10-15 04:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 19:58 - 2016-10-15 04:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-27 19:58 - 2016-10-15 04:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-27 19:58 - 2016-10-15 04:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-27 19:58 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 19:58 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-27 19:58 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-27 19:58 - 2016-10-15 04:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-27 19:58 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 19:58 - 2016-10-15 04:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-27 19:58 - 2016-10-15 04:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-27 19:58 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-27 19:58 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-27 19:58 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-27 19:58 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-27 19:58 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-27 19:58 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-27 19:58 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-27 19:58 - 2016-10-15 04:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-27 19:58 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-27 19:58 - 2016-10-15 04:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-27 19:58 - 2016-10-15 04:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-27 19:58 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-27 19:58 - 2016-10-15 04:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-27 19:58 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-27 19:58 - 2016-10-15 04:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-27 19:58 - 2016-10-15 04:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-27 19:58 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-27 19:58 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-27 19:58 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-21 13:37 - 2016-10-21 20:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-15 15:06 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-15 15:05 - 2016-09-28 16:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-15 14:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-15 14:24 - 2016-07-26 10:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-15 14:23 - 2016-07-26 10:35 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-15 12:53 - 2016-07-26 10:17 - 02158838 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-15 12:53 - 2016-07-16 23:51 - 00885984 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-15 12:53 - 2016-07-16 23:51 - 00199560 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-15 12:47 - 2016-09-28 16:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-15 12:47 - 2016-09-28 16:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-15 12:47 - 2016-07-26 10:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-15 12:47 - 2016-07-26 10:45 - 00000000 __SHD C:\Users\MeinerSeiner\IntelGraphicsProfiles
2016-11-15 12:47 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-15 12:46 - 2016-09-28 16:24 - 00000000 ____D C:\Users\MeinerSeiner
2016-11-15 11:27 - 2016-07-26 10:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-15 11:26 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-15 11:26 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-15 11:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-15 11:14 - 2016-07-26 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-11-15 11:14 - 2016-07-16 23:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-15 11:14 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-15 11:14 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-15 11:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-11-15 11:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-15 11:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-11-15 11:13 - 2016-07-26 11:29 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Roaming\vlc
2016-11-15 11:13 - 2016-07-26 10:51 - 00000000 ____D C:\ProgramData\Apple Computer
2016-11-15 11:13 - 2016-07-26 10:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-15 11:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-11-15 11:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2016-11-15 11:10 - 2016-07-26 10:28 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Local\Mozilla
2016-11-15 11:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-11-08 17:02 - 2016-08-29 12:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-11-07 20:05 - 2016-09-28 16:31 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-05 22:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-04 20:02 - 2016-08-28 11:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-01 16:09 - 2016-09-14 23:50 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Local\CrashDumps
2016-10-29 23:17 - 2016-09-28 16:22 - 00230824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 23:16 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-29 23:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-29 23:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-29 00:56 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-29 00:56 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 16:44 - 2016-09-28 16:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-28 16:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help
2016-10-28 16:43 - 2016-09-28 16:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-28 16:43 - 2016-09-28 16:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-25 14:08 - 2016-07-26 11:05 - 00000424 _____ C:\Users\MeinerSeiner\Desktop\Dieser PC - Verknüpfung.lnk
2016-10-22 20:11 - 2016-07-26 10:55 - 00000000 ____D C:\Users\MeinerSeiner\AppData\Local\NVIDIA Corporation
2016-10-21 20:32 - 2016-07-26 10:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-17 21:50 - 2016-08-11 15:55 - 00028208 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2016-10-17 21:50 - 2016-07-31 13:07 - 00116296 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-26 12:08 - 2016-07-26 12:08 - 0000000 _____ () C:\Users\MeinerSeiner\AppData\Roaming\gdfw.log
2016-07-26 12:08 - 2016-07-26 12:08 - 0000779 _____ () C:\Users\MeinerSeiner\AppData\Roaming\gdscan.log

Einige Dateien in TEMP:
====================
C:\Users\MeinerSeiner\AppData\Local\Temp\libeay32.dll
C:\Users\MeinerSeiner\AppData\Local\Temp\msvcr120.dll
C:\Users\MeinerSeiner\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-15 14:22

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von MeinerSeiner (15-11-2016 15:32:12)
Gestartet von C:\Users\MeinerSeiner\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-28 15:32:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-913094260-803212928-734770114-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-913094260-803212928-734770114-503 - Limited - Disabled)
Gast (S-1-5-21-913094260-803212928-734770114-501 - Limited - Disabled)
MeinerSeiner (S-1-5-21-913094260-803212928-734770114-1001 - Administrator - Enabled) => C:\Users\MeinerSeiner

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.212 - Alps Electric)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ARK: Survival Of The Fittest (HKLM\...\Steam App 407530) (Version:  - Studio Wildcard)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.3.0.1 - G DATA Software AG)
iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-913094260-803212928-734770114-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-913094260-803212928-734770114-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-913094260-803212928-734770114-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06CE32C3-B170-471C-9A6C-D6884E1AC5ED} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {09A65500-6B50-4326-B43D-4E8795C9B289} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {44E238DF-ED58-4E9B-86C5-20466B6507F2} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {57F38E61-8B93-4CFD-B375-0A510660EBC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {57FD8799-8F9F-424F-92C8-B81D575B43F5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {93A5DEFC-2AC8-4217-8E0D-EFC53C749448} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {DC1AC0F1-50E9-4CF9-A70D-5E8DE2EEA6B4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F5652E80-81FA-4AFE-BA67-F41968694BA4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 21:44 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 17:17 - 2016-10-05 17:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-28 20:58 - 2016-09-30 05:24 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-28 20:58 - 2016-09-30 05:24 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-28 20:58 - 2016-09-30 05:24 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-10-28 16:44 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-29 21:44 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-28 16:34 - 2016-09-28 16:34 - 01864384 _____ () C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-28 17:19 - 2016-09-28 17:19 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 14:22 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-27 19:59 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-27 19:59 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-27 19:59 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-17 20:23 - 2016-08-17 20:23 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-17 20:23 - 2016-08-17 20:23 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-26 11:26 - 2016-07-26 11:27 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-07-26 11:24 - 2016-07-26 11:24 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-11-05 18:57 - 2016-11-05 18:58 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-05 18:57 - 2016-11-05 18:58 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-05 18:57 - 2016-11-05 18:58 - 41608704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-28 20:58 - 2016-09-29 18:20 - 00500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-28 20:58 - 2016-09-29 18:20 - 02801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-28 20:58 - 2016-09-29 18:20 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-09-28 20:58 - 2016-09-30 05:24 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-28 16:34 - 2016-09-28 16:34 - 01383616 _____ () C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-28 16:34 - 2016-09-28 16:34 - 00118976 _____ () C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-07-26 10:57 - 2016-09-08 04:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-07-26 10:57 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-07-26 10:57 - 2016-10-13 02:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-07-26 10:57 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-07-26 10:57 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-07-26 10:57 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-07-26 10:57 - 2016-10-13 02:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-07-26 10:57 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 17:18 - 2016-10-05 17:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-14 13:09 - 2016-08-04 21:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2015-03-01 18:00 - 2015-11-19 15:56 - 01759232 _____ () D:\Programme\Polar\Polar FlowSync\polar20.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-913094260-803212928-734770114-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F0CF482E-41C6-4F9C-AA53-6C7F63CA5C6F}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{AFA56547-C8C2-4E93-91C8-D3672E959069}] => (Allow) D:\Spiele\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{24E63112-57F7-420C-9AEE-C93635D0AF72}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{77E4241E-0080-4847-B9EE-E8AC1ECB9879}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK SOTF\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{47A1B4C4-71B0-448D-B049-D7F87FFEEACB}] => (Allow) D:\Programme\Büro\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{63D0A4F9-6715-4CAF-BB86-FA6F74469851}] => (Allow) D:\Programme\Büro\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{864159D4-8263-44AA-8A57-6A039FB0EE67}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{90F51F12-3550-4D6A-931E-60E4E29DE077}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{770A7968-5A12-4993-A912-D6198BB2CC28}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{3047B7A4-DBC4-4B88-82FA-7FB4E766811D}] => (Allow) D:\Spiele\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{ECFE11C0-7DF8-4013-80E2-F4CC2954CF30}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9F607337-773D-41A2-9021-1DB52E576DF3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05FD3B14-D707-4CCB-ACBF-7F1903EFB0D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B138DD95-56FF-4033-A28B-E232BCAD3F10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{44EA6978-49B5-454E-8F82-A3F9C77CB3AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{32B48426-AABE-4CEA-9D7E-D7FF5DF2C98E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{42F65830-D676-43C5-89AD-C5BA9453CC57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ECF81645-086F-4354-9431-86E859C41BF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{26D93591-C097-4C8F-BED1-FE4E82932E73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8BB2BDF-CCC7-4559-B416-10C12AAA70A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3F014B2C-FF6F-48F9-8FE9-9A6B0FCC62BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{77E5FE87-872A-4C8B-B9BE-3496F59B909E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E27E8B1-AC7C-4E32-A6D2-CEDC303AE36F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{45996C74-E675-4ABF-93F9-C9D54DE82BC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{252A2013-BFE9-4AB7-A5D6-F0D13E07BF85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{46B83462-074D-49F5-82C5-092A3F878A0A}] => (Allow) D:\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

15-11-2016 11:09:01 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/15/2016 02:24:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (11/15/2016 11:14:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1172) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\WINDOWS\system32\SRU\SRU0021A.log.

Error: (11/15/2016 11:09:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/11/2016 09:31:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/11/2016 09:31:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/05/2016 10:00:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/01/2016 11:05:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-7LQ7CIL)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2016 11:05:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-7LQ7CIL)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2016 04:09:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0x1570
Startzeit der fehlerhaften Anwendung: 0x01d234506554707b
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: bdcdc4e8-67e2-434d-8d2d-b9cd60012c61
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/29/2016 09:31:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (11/15/2016 02:41:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/15/2016 12:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/15/2016 12:47:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (11/15/2016 12:47:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/15/2016 12:46:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7LQ7CIL)
Description: Der Server "{3EB3C877-1F16-487C-9050-104DBCD66683}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/15/2016 12:46:55 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-7LQ7CIL)
Description: Der Server "{3EB3C877-1F16-487C-9050-104DBCD66683}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/15/2016 12:46:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/15/2016 12:46:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/15/2016 12:46:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/15/2016 12:46:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-11-15 02:44:32.075
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Schutz\ Malwarebytes Anti-Malware \mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16222.35 MB
Verfügbarer physikalischer RAM: 13128.66 MB
Summe virtueller Speicher: 18654.35 MB
Verfügbarer virtueller Speicher: 15371.02 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:173.03 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.68 GB) (Free:145.57 GB) NTFS
Drive f: (Linux) (Fixed) (Total:100.01 GB) (Free:99.85 GB) NTFS
Drive g: (home) (Fixed) (Total:365.82 GB) (Free:299.02 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5F3D4D46)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3194C74E)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Sorry, die beiden ersten Posts waren ohne # ...

cosinus · 15.11.2016, 15:48

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Meinersein · 15.11.2016, 17:15

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.15.10
  rootkit: v2016.10.31.01

Windows 10 x64 NTFS
Internet Explorer 11.321.14393.0
MeinerSeiner :: DESKTOP-7LQ7CIL [administrator]

15.11.2016 16:22:21
mbar-log-2016-11-15 (16-22-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 311882
Time elapsed: 11 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

17:03:27.0111 0x11ac  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
17:03:31.0561 0x11ac  ============================================================
17:03:31.0561 0x11ac  Current date / time: 2016/11/15 17:03:31.0561
17:03:31.0561 0x11ac  SystemInfo:
17:03:31.0562 0x11ac  
17:03:31.0562 0x11ac  OS Version: 10.0.14393 ServicePack: 0.0
17:03:31.0562 0x11ac  Product type: Workstation
17:03:31.0562 0x11ac  ComputerName: DESKTOP-7LQ7CIL
17:03:31.0562 0x11ac  UserName: MeinerSeiner
17:03:31.0562 0x11ac  Windows directory: C:\WINDOWS
17:03:31.0562 0x11ac  System windows directory: C:\WINDOWS
17:03:31.0562 0x11ac  Running under WOW64
17:03:31.0562 0x11ac  Processor architecture: Intel x64
17:03:31.0562 0x11ac  Number of processors: 8
17:03:31.0562 0x11ac  Page size: 0x1000
17:03:31.0562 0x11ac  Boot type: Normal boot
17:03:31.0562 0x11ac  CodeIntegrityOptions = 0x00000001
17:03:31.0562 0x11ac  ============================================================
17:03:31.0596 0x11ac  KLMD registered as C:\WINDOWS\system32\drivers\91652772.sys
17:03:31.0596 0x11ac  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.351, osProperties = 0x19
17:03:31.0838 0x11ac  System UUID: {012286B0-C04C-87DD-6DC7-55B8075E49C8}
17:03:32.0306 0x11ac  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:03:32.0659 0x11ac  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:03:32.0669 0x11ac  ============================================================
17:03:32.0669 0x11ac  \Device\Harddisk0\DR0:
17:03:32.0670 0x11ac  MBR partitions:
17:03:32.0670 0x11ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
17:03:32.0670 0x11ac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1BE29000
17:03:32.0670 0x11ac  \Device\Harddisk1\DR1:
17:03:32.0670 0x11ac  MBR partitions:
17:03:32.0670 0x11ac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x3A35D877
17:03:32.0670 0x11ac  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x67F02582, BlocksNum 0xC80343F
17:03:32.0670 0x11ac  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x3A35D8B7, BlocksNum 0x2DBA4CCB
17:03:32.0670 0x11ac  ============================================================
17:03:32.0672 0x11ac  C: <-> \Device\Harddisk0\DR0\Partition2
17:03:32.0688 0x11ac  D: <-> \Device\Harddisk1\DR1\Partition1
17:03:32.0729 0x11ac  F: <-> \Device\Harddisk1\DR1\Partition2
17:03:32.0772 0x11ac  G: <-> \Device\Harddisk1\DR1\Partition3
17:03:32.0772 0x11ac  ============================================================
17:03:32.0772 0x11ac  Initialize success
17:03:32.0772 0x11ac  ============================================================
17:04:53.0185 0x1314  ============================================================
17:04:53.0185 0x1314  Scan started
17:04:53.0185 0x1314  Mode: Manual; SigCheck; TDLFS; 
17:04:53.0185 0x1314  ============================================================
17:04:53.0185 0x1314  KSN ping started
17:04:53.0888 0x1314  KSN ping finished: true
17:04:54.0904 0x1314  ================ Scan system memory ========================
17:04:54.0904 0x1314  System memory - ok
17:04:54.0904 0x1314  ================ Scan services =============================
17:04:54.0967 0x1314  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:04:55.0014 0x1314  1394ohci - ok
17:04:55.0029 0x1314  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:04:55.0045 0x1314  3ware - ok
17:04:55.0060 0x1314  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:04:55.0076 0x1314  ACPI - ok
17:04:55.0092 0x1314  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
17:04:55.0092 0x1314  AcpiDev - ok
17:04:55.0107 0x1314  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:04:55.0123 0x1314  acpiex - ok
17:04:55.0123 0x1314  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:04:55.0139 0x1314  acpipagr - ok
17:04:55.0139 0x1314  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:04:55.0154 0x1314  AcpiPmi - ok
17:04:55.0154 0x1314  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:04:55.0154 0x1314  acpitime - ok
17:04:55.0170 0x1314  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:04:55.0185 0x1314  AdobeARMservice - ok
17:04:55.0201 0x1314  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:04:55.0232 0x1314  ADP80XX - ok
17:04:55.0248 0x1314  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:04:55.0279 0x1314  AFD - ok
17:04:55.0279 0x1314  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:04:55.0295 0x1314  ahcache - ok
17:04:55.0311 0x1314  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
17:04:55.0311 0x1314  AJRouter - ok
17:04:55.0326 0x1314  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
17:04:55.0342 0x1314  ALG - ok
17:04:55.0342 0x1314  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:04:55.0357 0x1314  AmdK8 - ok
17:04:55.0357 0x1314  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:04:55.0373 0x1314  AmdPPM - ok
17:04:55.0389 0x1314  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:04:55.0389 0x1314  amdsata - ok
17:04:55.0404 0x1314  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:04:55.0420 0x1314  amdsbs - ok
17:04:55.0420 0x1314  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:04:55.0436 0x1314  amdxata - ok
17:04:55.0451 0x1314  [ A518EF64278B42F1770CDE95BFDEECC4, 12084608C4EBD9E5B2C2C8D511BDBF9952F07BD953757958150416325288D34C ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
17:04:55.0467 0x1314  ApfiltrService - ok
17:04:55.0467 0x1314  [ 5A1473F88A90167A53334F6981CCDEB1, E6F79AB69CF74174CDAEF3A3919A0A450018AED0AF55C3792825F5F87D57E0C4 ] ApHidMonitorService C:\Program Files\Apoint2K\HidMonitorSvc.exe
17:04:55.0482 0x1314  ApHidMonitorService - ok
17:04:55.0482 0x1314  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:04:55.0498 0x1314  AppID - ok
17:04:55.0498 0x1314  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:04:55.0529 0x1314  AppIDSvc - ok
17:04:55.0529 0x1314  [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:04:55.0545 0x1314  Appinfo - ok
17:04:55.0545 0x1314  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:04:55.0561 0x1314  Apple Mobile Device Service - ok
17:04:55.0561 0x1314  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
17:04:55.0576 0x1314  applockerfltr - ok
17:04:55.0592 0x1314  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:04:55.0607 0x1314  AppMgmt - ok
17:04:55.0623 0x1314  [ 21DC11DA29484AE026E536F2EA7E79E5, 6E17B679494CB293DE13DFA18F79A9DFAFEEBAAE41943F95B5E1AE0720A5CA26 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:04:55.0654 0x1314  AppReadiness - ok
17:04:55.0670 0x1314  [ 6010A920FDE5BFE4EA056F9736FBDC06, F55F68D5AD1F272BC285E716E02090C62FC87476DD6CE7ABA6BE7EF8EF6178DE ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
17:04:55.0717 0x1314  AppVClient - ok
17:04:55.0717 0x1314  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
17:04:55.0748 0x1314  AppvStrm - ok
17:04:55.0764 0x1314  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
17:04:55.0795 0x1314  AppvVemgr - ok
17:04:55.0795 0x1314  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
17:04:55.0826 0x1314  AppvVfs - ok
17:04:55.0904 0x1314  [ 8FF9C45D01C50D6C1F2A9D149624E240, 1F1998D76E2F0B49820498ECF2B17F43590828B621545AF311487D03542DFEED ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:04:56.0014 0x1314  AppXSvc - ok
17:04:56.0029 0x1314  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:04:56.0045 0x1314  arcsas - ok
17:04:56.0045 0x1314  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
17:04:56.0076 0x1314  AsyncMac - ok
17:04:56.0076 0x1314  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:04:56.0107 0x1314  atapi - ok
17:04:56.0217 0x1314  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
17:04:56.0342 0x1314  athr - ok
17:04:56.0358 0x1314  [ 30A8C6FAA572A020F373DA089AD9A603, 7828AE582FF5D99A94663AFB5A163BAD49611EE680ED63C548288F684906EDD8 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:04:56.0373 0x1314  AudioEndpointBuilder - ok
17:04:56.0404 0x1314  [ 59E69B38FBB892BED6F373AE428FB256, 1E729C19686A1785FCDD260661953E0BBF095D0D746C580581E536CD2642C2F3 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:04:56.0467 0x1314  Audiosrv - ok

Code:

ATTFilter

17:04:56.0592 0x1314  [ F6C322B06ABB622B32115BF32EEE253B, F06D265DDD56A052ACFBB46DD057E246FCF3F65457133D98C1EA130E0DDFEAFE ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
17:04:56.0686 0x1314  AVKProxy - ok
17:04:56.0717 0x1314  [ 98DAE6FDBEF58BF07E9650DF3B729C8A, F5B81DA51AE357A6EB094561AC4ECC4E1263FBC7D111579A888BDD6DC51C7C76 ] AVKService      C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
17:04:56.0733 0x1314  AVKService - ok
17:04:56.0826 0x1314  [ 580D451B3F20565634D048D7B229EE40, 36CD7EA285F908BEA1E8E68C6CC29CD5A70E23DB38C5E2D1A41684A62FF17AEA ] AVKWCtl         C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
17:04:56.0889 0x1314  AVKWCtl - ok
17:04:56.0904 0x1314  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:04:56.0920 0x1314  AxInstSV - ok
17:04:56.0936 0x1314  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:04:56.0951 0x1314  b06bdrv - ok
17:04:56.0951 0x1314  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:04:56.0967 0x1314  BasicDisplay - ok
17:04:56.0967 0x1314  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:04:56.0983 0x1314  BasicRender - ok
17:04:56.0998 0x1314  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
17:04:56.0998 0x1314  bcmfn - ok
17:04:57.0014 0x1314  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:04:57.0014 0x1314  bcmfn2 - ok
17:04:57.0029 0x1314  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:04:57.0045 0x1314  BDESVC - ok
17:04:57.0061 0x1314  [ F9A4671DCFB42163C136FB3B272AC680, 8A74B2DE6C5F79448D1FEBF99C277832A3C9F7530B70ACA2B1D84C34E4A301F2 ] BEDaisy         C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys
17:04:57.0076 0x1314  BEDaisy - ok
17:04:57.0076 0x1314  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:04:57.0092 0x1314  Beep - ok
17:04:57.0129 0x1314  [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
17:04:57.0181 0x1314  BEService - ok
17:04:57.0212 0x1314  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
17:04:57.0244 0x1314  BFE - ok
17:04:57.0275 0x1314  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
17:04:57.0322 0x1314  BITS - ok
17:04:57.0322 0x1314  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:04:57.0338 0x1314  Bonjour Service - ok
17:04:57.0353 0x1314  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:04:57.0369 0x1314  bowser - ok
17:04:57.0384 0x1314  [ BD33624B1F5C35F519E87B53DBC30B34, 3EFE680D7E9FCD89492DCF4E53980D01FC92DC1F63935DF16429B66DCA2AA865 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:04:57.0416 0x1314  BrokerInfrastructure - ok
17:04:57.0416 0x1314  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
17:04:57.0431 0x1314  Browser - ok
17:04:57.0447 0x1314  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
17:04:57.0463 0x1314  BtFilter - ok
17:04:57.0478 0x1314  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:04:57.0494 0x1314  BthAvrcpTg - ok
17:04:57.0494 0x1314  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
17:04:57.0509 0x1314  BthEnum - ok
17:04:57.0509 0x1314  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:04:57.0525 0x1314  BthHFEnum - ok
17:04:57.0525 0x1314  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:04:57.0541 0x1314  bthhfhid - ok
17:04:57.0556 0x1314  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
17:04:57.0572 0x1314  BthHFSrv - ok
17:04:57.0572 0x1314  [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
17:04:57.0603 0x1314  BthLEEnum - ok
17:04:57.0603 0x1314  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:04:57.0619 0x1314  BTHMODEM - ok
17:04:57.0619 0x1314  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
17:04:57.0634 0x1314  BthPan - ok
17:04:57.0650 0x1314  [ E6D5762958A839B119C041256149AAD6, 8FB489F6771C392347E333935E00024309A19F1D3143F365A039A9D2DE0A639C ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
17:04:57.0697 0x1314  BTHPORT - ok
17:04:57.0697 0x1314  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:04:57.0713 0x1314  bthserv - ok
17:04:57.0713 0x1314  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
17:04:57.0728 0x1314  BTHUSB - ok
17:04:57.0744 0x1314  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
17:04:57.0744 0x1314  buttonconverter - ok
17:04:57.0759 0x1314  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
17:04:57.0775 0x1314  CapImg - ok
17:04:57.0775 0x1314  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:04:57.0791 0x1314  cdfs - ok
17:04:57.0791 0x1314  [ B737F6FB33A6F79BCBC293A5B32C1C4E, B2EAF621052A4CBEE78208ECF1AC9286BD1EB431019372254E442319308112F8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
17:04:57.0822 0x1314  CDPSvc - ok
17:04:57.0838 0x1314  [ 2531EF3423A9FE1692005A41907E3BE3, 4E7D3E216937305B73CBCC5031F513CEC38F4FEFE3F2291DED5F37641221CCA0 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
17:04:57.0853 0x1314  CDPUserSvc - ok
17:04:57.0869 0x1314  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:04:57.0884 0x1314  cdrom - ok
17:04:57.0884 0x1314  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:04:57.0900 0x1314  CertPropSvc - ok
17:04:57.0916 0x1314  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
17:04:57.0931 0x1314  cht4iscsi - ok
17:04:57.0963 0x1314  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
17:04:58.0025 0x1314  cht4vbd - ok
17:04:58.0025 0x1314  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:04:58.0041 0x1314  circlass - ok
17:04:58.0056 0x1314  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:04:58.0072 0x1314  CLFS - ok
17:04:58.0088 0x1314  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
17:04:58.0103 0x1314  ClipSVC - ok
17:04:58.0119 0x1314  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
17:04:58.0119 0x1314  clreg - ok
17:04:58.0134 0x1314  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:04:58.0150 0x1314  CmBatt - ok
17:04:58.0166 0x1314  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:04:58.0181 0x1314  CNG - ok
17:04:58.0181 0x1314  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
17:04:58.0197 0x1314  cnghwassist - ok
17:04:58.0228 0x1314  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
17:04:58.0228 0x1314  CompositeBus - ok
17:04:58.0228 0x1314  COMSysApp - ok
17:04:58.0244 0x1314  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:04:58.0244 0x1314  condrv - ok
17:04:58.0275 0x1314  [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
17:04:58.0291 0x1314  CoreMessagingRegistrar - ok
17:04:58.0322 0x1314  [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:04:58.0338 0x1314  cphs - ok
17:04:58.0353 0x1314  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:04:58.0369 0x1314  CryptSvc - ok
17:04:58.0385 0x1314  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
17:04:58.0400 0x1314  CSC - ok
17:04:58.0431 0x1314  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
17:04:58.0463 0x1314  CscService - ok
17:04:58.0463 0x1314  [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:04:58.0463 0x1314  dam - ok

Code:

ATTFilter

17:04:58.0494 0x1314  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:04:58.0525 0x1314  DcomLaunch - ok
17:04:58.0541 0x1314  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
17:04:58.0556 0x1314  DcpSvc - ok
17:04:58.0572 0x1314  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:04:58.0603 0x1314  defragsvc - ok
17:04:58.0603 0x1314  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:04:58.0635 0x1314  DeviceAssociationService - ok
17:04:58.0635 0x1314  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:04:58.0666 0x1314  DeviceInstall - ok
17:04:58.0666 0x1314  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
17:04:58.0681 0x1314  DevQueryBroker - ok
17:04:58.0681 0x1314  [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:04:58.0697 0x1314  Dfsc - ok
17:04:58.0713 0x1314  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:04:58.0728 0x1314  Dhcp - ok
17:04:58.0728 0x1314  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
17:04:58.0744 0x1314  diagnosticshub.standardcollector.service - ok
17:04:58.0775 0x1314  [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
17:04:58.0869 0x1314  DiagTrack - ok
17:04:58.0885 0x1314  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
17:04:58.0885 0x1314  disk - ok
17:04:58.0900 0x1314  [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
17:04:58.0931 0x1314  DmEnrollmentSvc - ok
17:04:58.0931 0x1314  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:04:58.0947 0x1314  dmvsc - ok
17:04:58.0947 0x1314  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
17:04:58.0963 0x1314  dmwappushservice - ok
17:04:58.0978 0x1314  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:04:58.0994 0x1314  Dnscache - ok
17:04:58.0994 0x1314  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:04:59.0025 0x1314  dot3svc - ok
17:04:59.0025 0x1314  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
17:04:59.0041 0x1314  DPS - ok
17:04:59.0041 0x1314  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
17:04:59.0056 0x1314  drmkaud - ok
17:04:59.0056 0x1314  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:04:59.0088 0x1314  DsmSvc - ok
17:04:59.0088 0x1314  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
17:04:59.0103 0x1314  DsSvc - ok
17:04:59.0150 0x1314  [ 125C83C44EEE61E2ED5893F23AEF0FC9, D6599AFFA1A554124AEF6862C69027F9FF9B343362091439866641A1CFB0E76A ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:04:59.0228 0x1314  DXGKrnl - ok
17:04:59.0244 0x1314  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:04:59.0275 0x1314  EapHost - ok
17:04:59.0369 0x1314  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:04:59.0447 0x1314  ebdrv - ok
17:04:59.0463 0x1314  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
17:04:59.0463 0x1314  EFS - ok
17:04:59.0478 0x1314  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:04:59.0478 0x1314  EhStorClass - ok
17:04:59.0494 0x1314  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:04:59.0494 0x1314  EhStorTcgDrv - ok
17:04:59.0510 0x1314  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
17:04:59.0525 0x1314  embeddedmode - ok
17:04:59.0525 0x1314  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
17:04:59.0556 0x1314  EntAppSvc - ok
17:04:59.0556 0x1314  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:04:59.0572 0x1314  ErrDev - ok
17:04:59.0588 0x1314  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
17:04:59.0603 0x1314  EventSystem - ok
17:04:59.0619 0x1314  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:04:59.0635 0x1314  exfat - ok
17:04:59.0650 0x1314  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:04:59.0666 0x1314  fastfat - ok
17:04:59.0681 0x1314  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:04:59.0713 0x1314  Fax - ok
17:04:59.0713 0x1314  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:04:59.0728 0x1314  fdc - ok
17:04:59.0728 0x1314  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:04:59.0744 0x1314  fdPHost - ok
17:04:59.0744 0x1314  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:04:59.0760 0x1314  FDResPub - ok
17:04:59.0775 0x1314  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:04:59.0791 0x1314  fhsvc - ok
17:04:59.0791 0x1314  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
17:04:59.0806 0x1314  FileCrypt - ok
17:04:59.0806 0x1314  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:04:59.0822 0x1314  FileInfo - ok
17:04:59.0822 0x1314  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:04:59.0838 0x1314  Filetrace - ok
17:04:59.0838 0x1314  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:04:59.0853 0x1314  flpydisk - ok
17:04:59.0869 0x1314  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:04:59.0885 0x1314  FltMgr - ok
17:04:59.0916 0x1314  [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:04:59.0978 0x1314  FontCache - ok
17:05:00.0010 0x1314  [ 4816E166BD2C0E637DB183D24765684F, 69580B82DA9A5F4E54EE9604C6B717D0307A345F8FFB42515669F086CC4A88D1 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
17:05:00.0056 0x1314  FrameServer - ok
17:05:00.0072 0x1314  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:05:00.0088 0x1314  FsDepends - ok
17:05:00.0103 0x1314  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:05:00.0119 0x1314  Fs_Rec - ok
17:05:00.0150 0x1314  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:05:00.0213 0x1314  fvevol - ok

Code:

ATTFilter

17:05:00.0322 0x1314  [ 5B687E80548998161B11E093150A3215, 7C29D725B69FBFD2A1C762D4567E8252A03246F36551389E98D4AF6F516B6100 ] GDBackupSvc     C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
17:05:00.0400 0x1314  GDBackupSvc - ok
17:05:00.0416 0x1314  [ 3F24DCB0037A0121C220CB8EAF9A340D, 6F1EED1A2FE31D03EF2050D6B124BD5782020B7B7A6862FE6FCA0F4C2481BFAF ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
17:05:00.0416 0x1314  GDBehave - ok
17:05:00.0432 0x1314  [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam          C:\WINDOWS\system32\DRIVERS\GDElam.sys
17:05:00.0432 0x1314  GDElam - ok
17:05:00.0494 0x1314  [ EC7C7AEE53383D2FABB98B05F63514FF, 149633A96E9803F168D3EF0A3182529D0247FFB748021F262F1D19F2C993FCF8 ] GDFwSvc         C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
17:05:00.0572 0x1314  GDFwSvc - ok
17:05:00.0572 0x1314  [ DD7D5196EB9C4321EA57B668AF873840, 0E934032911203A22BC84519F303061703DF503F19382ACDE37AAD53FCBEDF1A ] GDKBB           C:\Windows\system32\drivers\GDKBB64.sys
17:05:00.0572 0x1314  GDKBB - ok
17:05:00.0588 0x1314  [ 4A9000A1B02C394CD2C5E6450A04002D, E979C07888C4E20D3037E60A1A48501A0B3EC905C407781B6D437314851E1C32 ] GDKBFlt         C:\Windows\system32\drivers\GDKBFlt64.sys
17:05:00.0588 0x1314  GDKBFlt - ok
17:05:00.0604 0x1314  [ EE1927F18C9298D96A47017272D591E8, 6D880B43969B41636D520962BD77DD3FA59374903F6E72354610DFC01306E7EE ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
17:05:00.0604 0x1314  GDMnIcpt - ok
17:05:00.0619 0x1314  [ DC5200C3055D6EB5355F8975FB38E9EE, 6E1E059DDEF04F1B0761570B75BF2914256243F1398E682BF4DF00AF3CE44585 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
17:05:00.0619 0x1314  GDPkIcpt - ok
17:05:00.0635 0x1314  [ 1FCEE46DEFDF64DC7E1939E3F9E56718, CED8A28472AF234DED48AE0EB38CC697F50B7D9BF0BDBDE2F9D29CEE9DF0454E ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
17:05:00.0666 0x1314  GDScan - ok
17:05:00.0666 0x1314  [ 4E294DB229885177DA056A3471476A19, CEC297E50B96650CB822C5D6BD89FF9DD96311A2A07692935C101F39F6A89BBA ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
17:05:00.0682 0x1314  gdwfpcd - ok
17:05:00.0682 0x1314  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:05:00.0713 0x1314  gencounter - ok
17:05:00.0729 0x1314  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
17:05:00.0744 0x1314  genericusbfn - ok
17:05:00.0760 0x1314  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:05:00.0791 0x1314  GPIOClx0101 - ok
17:05:00.0854 0x1314  [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:05:00.0916 0x1314  gpsvc - ok
17:05:00.0932 0x1314  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
17:05:00.0947 0x1314  GpuEnergyDrv - ok
17:05:00.0947 0x1314  [ 6809BA27F97EAFC5C30F743E30DE1DB6, BAC1E0E4542B9917731FD50B1A646CFDA31679FDF2A5A875742AA88600847547 ] GRD             C:\Windows\system32\drivers\GRD.sys
17:05:00.0979 0x1314  GRD - ok
17:05:00.0994 0x1314  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
17:05:01.0041 0x1314  HdAudAddService - ok
17:05:01.0057 0x1314  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:05:01.0072 0x1314  HDAudBus - ok
17:05:01.0072 0x1314  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:05:01.0088 0x1314  HidBatt - ok
17:05:01.0104 0x1314  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:05:01.0119 0x1314  HidBth - ok
17:05:01.0119 0x1314  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:05:01.0150 0x1314  hidi2c - ok
17:05:01.0150 0x1314  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
17:05:01.0166 0x1314  hidinterrupt - ok
17:05:01.0166 0x1314  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:05:01.0182 0x1314  HidIr - ok
17:05:01.0182 0x1314  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:05:01.0197 0x1314  hidserv - ok
17:05:01.0197 0x1314  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:05:01.0213 0x1314  HidUsb - ok
17:05:01.0213 0x1314  [ B3F963EBD55AEBA106342F5CBBCFEF5F, 316F6D94421EEF31CA87A6C54B819E9AA06994011244A3A75EB5DD09A6B79ECB ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:05:01.0244 0x1314  HomeGroupListener - ok
17:05:01.0244 0x1314  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:05:01.0275 0x1314  HomeGroupProvider - ok
17:05:01.0275 0x1314  [ FEDBFAFC5BAD0AE52ADE4DF75DBFF69F, A16CED31C64EAA92FE1BB4194A5124476BD53459F4B758ED504F2CFB31D6A580 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
17:05:01.0291 0x1314  HookCentre - ok
17:05:01.0291 0x1314  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:05:01.0307 0x1314  HpSAMD - ok
17:05:01.0322 0x1314  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:05:01.0354 0x1314  HTTP - ok
17:05:01.0369 0x1314  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
17:05:01.0385 0x1314  HvHost - ok
17:05:01.0385 0x1314  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
17:05:01.0385 0x1314  hvservice - ok
17:05:01.0400 0x1314  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:05:01.0400 0x1314  hwpolicy - ok
17:05:01.0416 0x1314  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:05:01.0416 0x1314  hyperkbd - ok
17:05:01.0432 0x1314  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:05:01.0447 0x1314  i8042prt - ok
17:05:01.0447 0x1314  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
17:05:01.0463 0x1314  iagpio - ok
17:05:01.0463 0x1314  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
17:05:01.0479 0x1314  iai2c - ok
17:05:01.0479 0x1314  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
17:05:01.0494 0x1314  iaLPSS2i_GPIO2 - ok
17:05:01.0494 0x1314  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
17:05:01.0510 0x1314  iaLPSS2i_I2C - ok
17:05:01.0510 0x1314  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:05:01.0525 0x1314  iaLPSSi_GPIO - ok
17:05:01.0525 0x1314  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:05:01.0541 0x1314  iaLPSSi_I2C - ok
17:05:01.0557 0x1314  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:05:01.0588 0x1314  iaStorAV - ok
17:05:01.0588 0x1314  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:05:01.0604 0x1314  iaStorV - ok
17:05:01.0619 0x1314  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
17:05:01.0650 0x1314  ibbus - ok
17:05:01.0650 0x1314  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
17:05:01.0666 0x1314  icssvc - ok
17:05:01.0729 0x1314  [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:05:01.0807 0x1314  igfx - ok
17:05:01.0822 0x1314  [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
17:05:01.0854 0x1314  igfxCUIService1.0.0.0 - ok
17:05:01.0885 0x1314  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:05:01.0932 0x1314  IKEEXT - ok
17:05:01.0932 0x1314  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
17:05:01.0947 0x1314  IndirectKmd - ok
17:05:01.0947 0x1314  [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:05:01.0963 0x1314  intaud_WaveExtensible - ok
17:05:01.0963 0x1314  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:05:01.0979 0x1314  IntcDAud - ok
17:05:01.0994 0x1314  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:05:01.0994 0x1314  intelide - ok
17:05:01.0994 0x1314  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:05:02.0010 0x1314  intelpep - ok
17:05:02.0010 0x1314  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:05:02.0025 0x1314  intelppm - ok
17:05:02.0041 0x1314  [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
17:05:02.0041 0x1314  iorate - ok
17:05:02.0057 0x1314  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:05:02.0057 0x1314  IpFilterDriver - ok
17:05:02.0088 0x1314  [ EF1BB0EF8A12C32DD88C409706B8145E, 7AEDE717C258C29592CC8AEC40F61617E5382646E5141E1C0941882ACE5C5758 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:05:02.0119 0x1314  iphlpsvc - ok
17:05:02.0119 0x1314  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:05:02.0135 0x1314  IPMIDRV - ok
17:05:02.0150 0x1314  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:05:02.0166 0x1314  IPNAT - ok
17:05:02.0182 0x1314  [ C37FAF1F0CE458D124A326FC8A7FF08D, 0147897CDF6DC2AB7113672D2B62CB258303FB0482B084C23C2E7EFCDE0065B4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:05:02.0197 0x1314  iPod Service - ok
17:05:02.0197 0x1314  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
17:05:02.0213 0x1314  irda - ok
17:05:02.0213 0x1314  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:05:02.0229 0x1314  IRENUM - ok
17:05:02.0229 0x1314  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
17:05:02.0244 0x1314  irmon - ok
17:05:02.0260 0x1314  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:05:02.0260 0x1314  isapnp - ok
17:05:02.0276 0x1314  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:05:02.0291 0x1314  iScsiPrt - ok
17:05:02.0291 0x1314  [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
17:05:02.0291 0x1314  iwdbus - ok

Code:

ATTFilter

17:05:02.0307 0x1314  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:05:02.0307 0x1314  kbdclass - ok
17:05:02.0322 0x1314  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:05:02.0322 0x1314  kbdhid - ok
17:05:02.0338 0x1314  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
17:05:02.0338 0x1314  kdnic - ok
17:05:02.0354 0x1314  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:05:02.0369 0x1314  KeyIso - ok
17:05:02.0369 0x1314  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:05:02.0385 0x1314  KSecDD - ok
17:05:02.0385 0x1314  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:05:02.0401 0x1314  KSecPkg - ok
17:05:02.0401 0x1314  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:05:02.0416 0x1314  ksthunk - ok
17:05:02.0432 0x1314  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:05:02.0447 0x1314  KtmRm - ok
17:05:02.0463 0x1314  [ 4E444F41E69BBE2E0BAE34D5DFCB5732, ACAEFB839CF7A3113D026B9A715994C3DFF8797D73B991253959EF606C4FBC00 ] L1C             C:\WINDOWS\System32\drivers\L1C63x64.sys
17:05:02.0479 0x1314  L1C - ok
17:05:02.0479 0x1314  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:05:02.0510 0x1314  LanmanServer - ok
17:05:02.0510 0x1314  [ B581907FD94F1FF148BF695331F67612, 05D1FFA456557A291566D788B8DE2485552E361EC3C0F63EA1A710BE940A5398 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:05:02.0526 0x1314  LanmanWorkstation - ok
17:05:02.0541 0x1314  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
17:05:02.0557 0x1314  lfsvc - ok
17:05:02.0557 0x1314  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
17:05:02.0572 0x1314  LicenseManager - ok
17:05:02.0572 0x1314  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
17:05:02.0588 0x1314  lltdio - ok
17:05:02.0588 0x1314  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:05:02.0619 0x1314  lltdsvc - ok
17:05:02.0619 0x1314  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:05:02.0635 0x1314  lmhosts - ok
17:05:02.0635 0x1314  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:05:02.0651 0x1314  LSI_SAS - ok
17:05:02.0651 0x1314  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
17:05:02.0666 0x1314  LSI_SAS2i - ok
17:05:02.0666 0x1314  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
17:05:02.0682 0x1314  LSI_SAS3i - ok
17:05:02.0682 0x1314  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:05:02.0697 0x1314  LSI_SSS - ok
17:05:02.0713 0x1314  [ 06276381A0797FD417E7068C1210FA06, 204144E9792216F952CED869ECB6B26FB466BF730B8A73FA4799B1EBC1A630AB ] LSM             C:\WINDOWS\System32\lsm.dll
17:05:02.0744 0x1314  LSM - ok
17:05:02.0744 0x1314  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:05:02.0760 0x1314  luafv - ok
17:05:02.0776 0x1314  [ ED5B42D75F3DEE93040B3930DA9F3009, E919DA20E46FE1C81CB76090B799DD858DD4771DB0EBDE4545DB4681A0AFFE8E ] MapsBroker      C:\WINDOWS\System32\moshost.dll
17:05:02.0791 0x1314  MapsBroker - ok
17:05:02.0791 0x1314  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:05:02.0807 0x1314  megasas - ok
17:05:02.0807 0x1314  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
17:05:02.0807 0x1314  megasas2i - ok
17:05:02.0822 0x1314  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:05:02.0854 0x1314  megasr - ok
17:05:02.0854 0x1314  [ 6D1671CB2E5402F01D2F13ECF764CAA1, 4778630F602FE8F9B9112DC5BB7A179632000D10D80C28E93711404108FCC6E0 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
17:05:02.0869 0x1314  MEIx64 - ok
17:05:02.0869 0x1314  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
17:05:02.0885 0x1314  MessagingService - ok
17:05:02.0901 0x1314  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
17:05:02.0932 0x1314  mlx4_bus - ok
17:05:02.0932 0x1314  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
17:05:02.0947 0x1314  MMCSS - ok
17:05:02.0947 0x1314  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:05:02.0963 0x1314  Modem - ok
17:05:02.0963 0x1314  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:05:02.0979 0x1314  monitor - ok
17:05:02.0994 0x1314  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:05:02.0994 0x1314  mouclass - ok
17:05:02.0994 0x1314  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:05:03.0010 0x1314  mouhid - ok
17:05:03.0026 0x1314  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:05:03.0026 0x1314  mountmgr - ok
17:05:03.0041 0x1314  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:05:03.0041 0x1314  MozillaMaintenance - ok
17:05:03.0057 0x1314  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:05:03.0057 0x1314  mpsdrv - ok
17:05:03.0088 0x1314  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:05:03.0119 0x1314  MpsSvc - ok
17:05:03.0119 0x1314  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:05:03.0135 0x1314  MRxDAV - ok
17:05:03.0151 0x1314  [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:05:03.0166 0x1314  mrxsmb - ok
17:05:03.0182 0x1314  [ 200E4A385F5F370D8866BAE25B0D9D32, 114AD45000A0C74EAE26C3075BBFEF80B9386C69D58CE4436CAFCF13613EAEFA ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:05:03.0197 0x1314  mrxsmb10 - ok
17:05:03.0213 0x1314  [ F7C22604CD8AFB9AF1C1E3CE39A5A09F, 3F7B39336F8A72525C667D45C9300CA6D017BDE17A6E23EF794BA59D2F3C78F3 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:05:03.0213 0x1314  mrxsmb20 - ok
17:05:03.0229 0x1314  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
17:05:03.0244 0x1314  MsBridge - ok
17:05:03.0244 0x1314  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:05:03.0260 0x1314  MSDTC - ok
17:05:03.0260 0x1314  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:05:03.0276 0x1314  Msfs - ok
17:05:03.0291 0x1314  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:05:03.0291 0x1314  msgpiowin32 - ok
17:05:03.0291 0x1314  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:05:03.0307 0x1314  mshidkmdf - ok
17:05:03.0307 0x1314  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:05:03.0322 0x1314  mshidumdf - ok
17:05:03.0322 0x1314  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:05:03.0338 0x1314  msisadrv - ok
17:05:03.0338 0x1314  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:05:03.0354 0x1314  MSiSCSI - ok
17:05:03.0369 0x1314  msiserver - ok
17:05:03.0369 0x1314  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
17:05:03.0385 0x1314  MSKSSRV - ok
17:05:03.0385 0x1314  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
17:05:03.0401 0x1314  MsLldp - ok
17:05:03.0401 0x1314  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
17:05:03.0416 0x1314  MSPCLOCK - ok
17:05:03.0416 0x1314  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
17:05:03.0432 0x1314  MSPQM - ok
17:05:03.0447 0x1314  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:05:03.0463 0x1314  MsRPC - ok
17:05:03.0479 0x1314  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
17:05:03.0479 0x1314  MsSecFlt - ok
17:05:03.0494 0x1314  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:05:03.0494 0x1314  mssmbios - ok
17:05:03.0494 0x1314  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
17:05:03.0510 0x1314  MSTEE - ok
17:05:03.0526 0x1314  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:05:03.0526 0x1314  MTConfig - ok
17:05:03.0541 0x1314  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:05:03.0541 0x1314  Mup - ok
17:05:03.0557 0x1314  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:05:03.0557 0x1314  mvumis - ok
17:05:03.0572 0x1314  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:05:03.0604 0x1314  NativeWifiP - ok
17:05:03.0604 0x1314  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:05:03.0635 0x1314  NcaSvc - ok
17:05:03.0635 0x1314  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:05:03.0666 0x1314  NcbService - ok
17:05:03.0666 0x1314  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:05:03.0682 0x1314  NcdAutoSetup - ok
17:05:03.0682 0x1314  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
17:05:03.0698 0x1314  ndfltr - ok
17:05:03.0729 0x1314  [ D5564FC81350458ED570528C4E3B1CCF, DD3C5012492EF9BCE3BE635BBB3AA40B3C5F5FDBD795A76B327D9C994102AC2B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:05:03.0760 0x1314  NDIS - ok
17:05:03.0760 0x1314  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
17:05:03.0776 0x1314  NdisCap - ok
17:05:03.0776 0x1314  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
17:05:03.0791 0x1314  NdisImPlatform - ok
17:05:03.0807 0x1314  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:05:03.0823 0x1314  NdisTapi - ok
17:05:03.0823 0x1314  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
17:05:03.0838 0x1314  Ndisuio - ok
17:05:03.0838 0x1314  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:05:03.0854 0x1314  NdisVirtualBus - ok
17:05:03.0854 0x1314  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
17:05:03.0885 0x1314  NdisWan - ok
17:05:03.0885 0x1314  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:05:03.0901 0x1314  ndiswanlegacy - ok
17:05:03.0916 0x1314  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
17:05:03.0932 0x1314  ndproxy - ok
17:05:03.0932 0x1314  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:05:03.0948 0x1314  Ndu - ok
17:05:03.0963 0x1314  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
17:05:03.0963 0x1314  NetAdapterCx - ok
17:05:03.0979 0x1314  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
17:05:03.0979 0x1314  NetBIOS - ok
17:05:03.0994 0x1314  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:05:04.0010 0x1314  NetBT - ok
17:05:04.0026 0x1314  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:05:04.0026 0x1314  Netlogon - ok
17:05:04.0041 0x1314  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
17:05:04.0057 0x1314  Netman - ok
17:05:04.0073 0x1314  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:05:04.0088 0x1314  netprofm - ok
17:05:04.0104 0x1314  [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
17:05:04.0119 0x1314  NetSetupSvc - ok
17:05:04.0135 0x1314  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:05:04.0151 0x1314  NetTcpPortSharing - ok
17:05:04.0151 0x1314  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
17:05:04.0182 0x1314  NgcCtnrSvc - ok
17:05:04.0198 0x1314  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
17:05:04.0244 0x1314  NgcSvc - ok
17:05:04.0244 0x1314  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:05:04.0276 0x1314  NlaSvc - ok
17:05:04.0276 0x1314  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:05:04.0291 0x1314  Npfs - ok
17:05:04.0291 0x1314  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:05:04.0307 0x1314  npsvctrig - ok
17:05:04.0307 0x1314  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:05:04.0323 0x1314  nsi - ok
17:05:04.0323 0x1314  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:05:04.0338 0x1314  nsiproxy - ok
17:05:04.0385 0x1314  [ 5DD8CB01C0394F8D052763D2E3C6E684, BF58C1586A2402576B91D7F862861974F7BDB38704E88F4974FF3F1D1B481386 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
17:05:04.0432 0x1314  NTFS - ok
17:05:04.0432 0x1314  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:05:04.0448 0x1314  Null - ok
17:05:04.0463 0x1314  [ EEA88C63F67A236097F02EEF0944152E, 1256BFAF5960D794DB9C6587B15E05BC681FD7AC159590F8E2C1250477AF95B7 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
17:05:04.0479 0x1314  NvContainerLocalSystem - ok
17:05:04.0495 0x1314  [ EEA88C63F67A236097F02EEF0944152E, 1256BFAF5960D794DB9C6587B15E05BC681FD7AC159590F8E2C1250477AF95B7 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
17:05:04.0510 0x1314  NvContainerNetworkService - ok
17:05:04.0526 0x1314  [ 2D6C4040310C274F93C7B35DF894EA16, E28E516EB3BF40FF27EBD3AE2B248D0AB3F10BD4F757C57423AE70D032C857A5 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
17:05:04.0557 0x1314  NVIDIA Wireless Controller Service - ok
17:05:04.0854 0x1314  [ 76ECA562B95DB26C64BEC14BB188A3F6, B4DB40D391B227393EEC13659C64B03499632FD11A75E5183BE8A0C8F3C9688B ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_33c9216502148e52\nvlddmkm.sys
17:05:05.0120 0x1314  nvlddmkm - ok
17:05:05.0120 0x1314  [ 214CE3AF0C1ABDD3529246914663E4C1, 2668A18265FD5BC9C107D6B11BC7A7169FE3C486B1A5727825756B05B4EFE17D ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
17:05:05.0135 0x1314  nvpciflt - ok
17:05:05.0135 0x1314  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:05:05.0151 0x1314  nvraid - ok
17:05:05.0151 0x1314  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:05:05.0166 0x1314  nvstor - ok
17:05:05.0166 0x1314  [ 6DF7C9E4BF71EBA2CE838394D2EF55B4, 2F13422A2EB4AF6BFDADA9A2DB3BE6A3AFA0D7588645D24222D3A7D813721C7D ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:05:05.0182 0x1314  NvStreamKms - ok
17:05:05.0182 0x1314  [ 2DED4D370931E83C924C3B78AB2EA7D0, 4204A34C6FD6BE943AE43E204623D0B012AE3BC8CAE0CAE179B454C718DF6E42 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:05:05.0182 0x1314  nvvad_WaveExtensible - ok
17:05:05.0198 0x1314  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:05:05.0213 0x1314  odserv - ok
17:05:05.0229 0x1314  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
17:05:05.0245 0x1314  OneSyncSvc - ok
17:05:05.0245 0x1314  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:05:05.0276 0x1314  ose - ok
17:05:05.0291 0x1314  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:05:05.0354 0x1314  p2pimsvc - ok
17:05:05.0370 0x1314  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:05:05.0416 0x1314  p2psvc - ok
17:05:05.0432 0x1314  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:05:05.0448 0x1314  Parport - ok
17:05:05.0448 0x1314  [ 9DB326B54C03EF2892E7551D8B354036, 64CD77E8A4425E80CFB61DEE33C1A677A4044C6FC0614D74B20BDDD7C5D5334D ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:05:05.0463 0x1314  partmgr - ok
17:05:05.0479 0x1314  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:05:05.0510 0x1314  PcaSvc - ok
17:05:05.0510 0x1314  [ 101CC1FD8D48ED1EF71F0840158D0E6D, A944D70DE230E3FBD8B371EF3BED1FCD12AAFD56945A8F5C44994AF13283FCCD ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:05:05.0541 0x1314  pci - ok
17:05:05.0541 0x1314  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:05:05.0557 0x1314  pciide - ok
17:05:05.0557 0x1314  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:05:05.0573 0x1314  pcmcia - ok
17:05:05.0573 0x1314  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:05:05.0588 0x1314  pcw - ok
17:05:05.0588 0x1314  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:05:05.0604 0x1314  pdc - ok
17:05:05.0620 0x1314  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:05:05.0651 0x1314  PEAUTH - ok
17:05:05.0682 0x1314  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
17:05:05.0745 0x1314  PeerDistSvc - ok
17:05:05.0760 0x1314  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
17:05:05.0760 0x1314  percsas2i - ok
17:05:05.0776 0x1314  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
17:05:05.0776 0x1314  percsas3i - ok
17:05:05.0807 0x1314  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:05:05.0823 0x1314  PerfHost - ok
17:05:05.0838 0x1314  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
17:05:05.0885 0x1314  PhoneSvc - ok
17:05:05.0885 0x1314  [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
17:05:05.0901 0x1314  PimIndexMaintenanceSvc - ok
17:05:05.0932 0x1314  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
17:05:05.0979 0x1314  pla - ok
17:05:05.0995 0x1314  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:05:06.0010 0x1314  PlugPlay - ok
17:05:06.0010 0x1314  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:05:06.0026 0x1314  PNRPAutoReg - ok
17:05:06.0041 0x1314  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:05:06.0057 0x1314  PNRPsvc - ok
17:05:06.0073 0x1314  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:05:06.0088 0x1314  PolicyAgent - ok
17:05:06.0088 0x1314  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
17:05:06.0120 0x1314  Power - ok
17:05:06.0120 0x1314  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
17:05:06.0135 0x1314  PptpMiniport - ok
17:05:06.0198 0x1314  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:05:06.0292 0x1314  PrintNotify - ok
17:05:06.0307 0x1314  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:05:06.0323 0x1314  Processor - ok
17:05:06.0323 0x1314  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:05:06.0354 0x1314  ProfSvc - ok
17:05:06.0354 0x1314  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
17:05:06.0385 0x1314  Psched - ok
17:05:06.0401 0x1314  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:05:06.0448 0x1314  QWAVE - ok
17:05:06.0448 0x1314  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:05:06.0479 0x1314  QWAVEdrv - ok
17:05:06.0495 0x1314  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:05:06.0510 0x1314  RasAcd - ok
17:05:06.0526 0x1314  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
17:05:06.0573 0x1314  RasAgileVpn - ok
17:05:06.0588 0x1314  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:05:06.0620 0x1314  RasAuto - ok
17:05:06.0620 0x1314  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
17:05:06.0667 0x1314  Rasl2tp - ok
17:05:06.0698 0x1314  [ 3C0A10FFC3CB95D249CA64D62BC912EF, 8A75398EF3FF4BBE822031B3D1C63BFC75ABE11AB35BC0451DFF3B1D56477D97 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:05:06.0745 0x1314  RasMan - ok
17:05:06.0745 0x1314  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:05:06.0760 0x1314  RasPppoe - ok
17:05:06.0776 0x1314  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
17:05:06.0807 0x1314  RasSstp - ok
17:05:06.0823 0x1314  [ EDAF0E161BE98CCC4FC9671481600745, 50DB73C341086E346F6EF57E40A7C3A8F6279E5EBB53A67F9B71B7877EB75734 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:05:06.0838 0x1314  rdbss - ok
17:05:06.0854 0x1314  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:05:06.0870 0x1314  rdpbus - ok
17:05:06.0870 0x1314  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:05:06.0885 0x1314  RDPDR - ok
17:05:06.0885 0x1314  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:05:06.0901 0x1314  RdpVideoMiniport - ok
17:05:06.0901 0x1314  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:05:06.0917 0x1314  rdyboost - ok
17:05:06.0948 0x1314  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
17:05:06.0963 0x1314  ReFSv1 - ok
17:05:06.0979 0x1314  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:05:07.0010 0x1314  RemoteAccess - ok
17:05:07.0010 0x1314  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:05:07.0042 0x1314  RemoteRegistry - ok
17:05:07.0057 0x1314  [ FA62C4E1D753B489832DD0A7033665EE, BB0B59ABC79CEFA949632179239D711944C29E93EBCE60E629DE75AF2C3268B2 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
17:05:07.0088 0x1314  RetailDemo - ok
17:05:07.0088 0x1314  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
17:05:07.0104 0x1314  RFCOMM - ok
17:05:07.0120 0x1314  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
17:05:07.0135 0x1314  RmSvc - ok
17:05:07.0135 0x1314  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:05:07.0151 0x1314  RpcEptMapper - ok
17:05:07.0151 0x1314  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:05:07.0167 0x1314  RpcLocator - ok
17:05:07.0182 0x1314  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:05:07.0229 0x1314  RpcSs - ok
17:05:07.0229 0x1314  [ 3D2500823793E6826A5F8B3C46A0067C, D16D2C052FE19DB1EFF0DA38686AE634D51064CA64BF38D1B99FC6ACFCD64D00 ] RSPCIESTOR      C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
17:05:07.0245 0x1314  RSPCIESTOR - ok
17:05:07.0245 0x1314  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
17:05:07.0260 0x1314  rspndr - ok

Code:

ATTFilter

17:05:07.0276 0x1314  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:05:07.0276 0x1314  s3cap - ok
17:05:07.0292 0x1314  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:05:07.0292 0x1314  SamSs - ok
17:05:07.0307 0x1314  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:05:07.0307 0x1314  sbp2port - ok
17:05:07.0323 0x1314  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:05:07.0338 0x1314  SCardSvr - ok
17:05:07.0354 0x1314  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:05:07.0370 0x1314  ScDeviceEnum - ok
17:05:07.0370 0x1314  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:05:07.0385 0x1314  scfilter - ok
17:05:07.0401 0x1314  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:05:07.0448 0x1314  Schedule - ok
17:05:07.0448 0x1314  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
17:05:07.0463 0x1314  scmbus - ok
17:05:07.0463 0x1314  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
17:05:07.0479 0x1314  scmdisk0101 - ok
17:05:07.0495 0x1314  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:05:07.0510 0x1314  SCPolicySvc - ok
17:05:07.0510 0x1314  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:05:07.0526 0x1314  sdbus - ok
17:05:07.0542 0x1314  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
17:05:07.0557 0x1314  SDRSVC - ok
17:05:07.0557 0x1314  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:05:07.0573 0x1314  sdstor - ok
17:05:07.0573 0x1314  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:05:07.0588 0x1314  seclogon - ok
17:05:07.0588 0x1314  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
17:05:07.0604 0x1314  SENS - ok
17:05:07.0604 0x1314  Sense - ok
17:05:07.0635 0x1314  [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
17:05:07.0682 0x1314  SensorDataService - ok
17:05:07.0698 0x1314  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
17:05:07.0713 0x1314  SensorService - ok
17:05:07.0729 0x1314  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:05:07.0745 0x1314  SensrSvc - ok
17:05:07.0745 0x1314  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:05:07.0760 0x1314  SerCx - ok
17:05:07.0760 0x1314  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:05:07.0776 0x1314  SerCx2 - ok
17:05:07.0776 0x1314  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:05:07.0792 0x1314  Serenum - ok
17:05:07.0792 0x1314  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:05:07.0807 0x1314  Serial - ok
17:05:07.0823 0x1314  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:05:07.0823 0x1314  sermouse - ok
17:05:07.0838 0x1314  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:05:07.0854 0x1314  SessionEnv - ok
17:05:07.0870 0x1314  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:05:07.0870 0x1314  sfloppy - ok
17:05:07.0885 0x1314  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:05:07.0917 0x1314  SharedAccess - ok
17:05:07.0932 0x1314  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:05:07.0979 0x1314  ShellHWDetection - ok
17:05:07.0979 0x1314  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
17:05:07.0995 0x1314  shpamsvc - ok
17:05:07.0995 0x1314  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:05:08.0010 0x1314  SiSRaid2 - ok
17:05:08.0010 0x1314  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:05:08.0026 0x1314  SiSRaid4 - ok
17:05:08.0026 0x1314  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
17:05:08.0042 0x1314  smphost - ok
17:05:08.0057 0x1314  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
17:05:08.0088 0x1314  SmsRouter - ok
17:05:08.0088 0x1314  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:05:08.0104 0x1314  SNMPTRAP - ok
17:05:08.0120 0x1314  [ C994DF90427103CCB80F893FFD2B1CE8, 7E4B08095C77E68D337A3425EEA38F8FEC4D103CA7661E34FD96BF518DFB4BCB ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:05:08.0135 0x1314  spaceport - ok
17:05:08.0135 0x1314  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:05:08.0151 0x1314  SpbCx - ok
17:05:08.0167 0x1314  [ 79DCE27E8C4CF6701BFE49EC2446BBF6, F51CBB7A45C3C878F41653FD5FBDC93CC302712B7725DAAB4D3475A1F4771E3D ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:05:08.0198 0x1314  Spooler - ok
17:05:08.0292 0x1314  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:05:08.0432 0x1314  sppsvc - ok
17:05:08.0432 0x1314  [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:05:08.0464 0x1314  srv - ok
17:05:08.0479 0x1314  [ 1312896CAE6AF0D4557DB7B37283C116, 9E3701DBBF0F45368A217549A7DFDA2543C4AB3AC9CCF65A73E1FE27CC4A278E ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:05:08.0510 0x1314  srv2 - ok
17:05:08.0510 0x1314  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:05:08.0526 0x1314  srvnet - ok
17:05:08.0542 0x1314  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:05:08.0557 0x1314  SSDPSRV - ok
17:05:08.0573 0x1314  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:05:08.0589 0x1314  SstpSvc - ok
17:05:08.0651 0x1314  [ FD881B87C853EB2F0B8B7B5CC71D6FE3, 780038C203C9277C366794302D90BC0AE75568863F1FB7044197BA20D798E4BA ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
17:05:08.0776 0x1314  StateRepository - ok
17:05:08.0807 0x1314  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:05:08.0839 0x1314  Steam Client Service - ok
17:05:08.0839 0x1314  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:05:08.0854 0x1314  stexstor - ok
17:05:08.0870 0x1314  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:05:08.0901 0x1314  stisvc - ok
17:05:08.0901 0x1314  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:05:08.0917 0x1314  storahci - ok
17:05:08.0917 0x1314  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:05:08.0932 0x1314  storflt - ok
17:05:08.0932 0x1314  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:05:08.0948 0x1314  stornvme - ok
17:05:08.0948 0x1314  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
17:05:08.0964 0x1314  storqosflt - ok
17:05:08.0979 0x1314  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:05:08.0995 0x1314  StorSvc - ok
17:05:08.0995 0x1314  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
17:05:09.0011 0x1314  storufs - ok
17:05:09.0011 0x1314  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:05:09.0026 0x1314  storvsc - ok
17:05:09.0026 0x1314  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:05:09.0042 0x1314  svsvc - ok
17:05:09.0042 0x1314  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:05:09.0057 0x1314  swenum - ok
17:05:09.0073 0x1314  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
17:05:09.0104 0x1314  swprv - ok
17:05:09.0104 0x1314  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
17:05:09.0120 0x1314  Synth3dVsc - ok
17:05:09.0136 0x1314  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:05:09.0182 0x1314  SysMain - ok
17:05:09.0182 0x1314  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:05:09.0214 0x1314  SystemEventsBroker - ok
17:05:09.0214 0x1314  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:05:09.0229 0x1314  TabletInputService - ok
17:05:09.0245 0x1314  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:05:09.0261 0x1314  TapiSrv - ok
17:05:09.0307 0x1314  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:05:09.0370 0x1314  Tcpip - ok
17:05:09.0417 0x1314  [ 4F25E481124059CC593B4C68BC485640, 2814D2BA4E83D3B0F7569E6C6EE0C763D9801BC505D8ED84675D19C8573834DB ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
17:05:09.0479 0x1314  Tcpip6 - ok
17:05:09.0495 0x1314  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:05:09.0495 0x1314  tcpipreg - ok
17:05:09.0511 0x1314  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:05:09.0526 0x1314  tdx - ok
17:05:09.0526 0x1314  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:05:09.0557 0x1314  terminpt - ok
17:05:09.0604 0x1314  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
17:05:09.0651 0x1314  TermService - ok
17:05:09.0667 0x1314  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:05:09.0682 0x1314  Themes - ok
17:05:09.0682 0x1314  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
17:05:09.0714 0x1314  TieringEngineService - ok
17:05:09.0745 0x1314  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
17:05:09.0792 0x1314  tiledatamodelsvc - ok
17:05:09.0792 0x1314  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
17:05:09.0807 0x1314  TimeBrokerSvc - ok
17:05:09.0823 0x1314  [ 3D04046C468AD2868A093925B5E2AA0A, 44696259BEF49AC200DEE146DE0E4375B0CD09F9356CCFA22BD7AD8B53E48658 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
17:05:09.0839 0x1314  TPM - ok
17:05:09.0839 0x1314  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:05:09.0854 0x1314  TrkWks - ok
17:05:09.0854 0x1314  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:05:09.0870 0x1314  TrustedInstaller - ok
17:05:09.0886 0x1314  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
17:05:09.0901 0x1314  tsusbflt - ok
17:05:09.0901 0x1314  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:05:09.0901 0x1314  TsUsbGD - ok
17:05:09.0917 0x1314  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
17:05:09.0932 0x1314  tsusbhub - ok
17:05:09.0932 0x1314  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
17:05:09.0948 0x1314  tunnel - ok
17:05:09.0948 0x1314  [ F723552F65D44FE693DB1A383825B3A8, EF8C343C4EB5EEA4EC830378EF576CCD6CD4EEDEDD486C0F29697044E8C71F45 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
17:05:09.0964 0x1314  tzautoupdate - ok
17:05:09.0979 0x1314  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:05:09.0979 0x1314  UASPStor - ok
17:05:09.0995 0x1314  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
17:05:09.0995 0x1314  UcmCx0101 - ok
17:05:10.0011 0x1314  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
17:05:10.0026 0x1314  UcmTcpciCx0101 - ok
17:05:10.0026 0x1314  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
17:05:10.0042 0x1314  UcmUcsi - ok
17:05:10.0042 0x1314  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
17:05:10.0057 0x1314  Ucx01000 - ok
17:05:10.0057 0x1314  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
17:05:10.0073 0x1314  UdeCx - ok
17:05:10.0089 0x1314  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:05:10.0104 0x1314  udfs - ok
17:05:10.0104 0x1314  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:05:10.0120 0x1314  UEFI - ok
17:05:10.0120 0x1314  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
17:05:10.0136 0x1314  UevAgentDriver - ok
17:05:10.0151 0x1314  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
17:05:10.0198 0x1314  UevAgentService - ok
17:05:10.0214 0x1314  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
17:05:10.0229 0x1314  Ufx01000 - ok
17:05:10.0229 0x1314  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
17:05:10.0245 0x1314  UfxChipidea - ok
17:05:10.0245 0x1314  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
17:05:10.0261 0x1314  ufxsynopsys - ok
17:05:10.0261 0x1314  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:05:10.0276 0x1314  UI0Detect - ok
17:05:10.0292 0x1314  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:05:10.0292 0x1314  umbus - ok
17:05:10.0307 0x1314  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:05:10.0307 0x1314  UmPass - ok
17:05:10.0323 0x1314  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:05:10.0339 0x1314  UmRdpService - ok
17:05:10.0370 0x1314  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
17:05:10.0417 0x1314  UnistoreSvc - ok
17:05:10.0432 0x1314  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:05:10.0448 0x1314  upnphost - ok
17:05:10.0464 0x1314  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
17:05:10.0464 0x1314  UrsChipidea - ok
17:05:10.0479 0x1314  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
17:05:10.0479 0x1314  UrsCx01000 - ok
17:05:10.0479 0x1314  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
17:05:10.0495 0x1314  UrsSynopsys - ok
17:05:10.0495 0x1314  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:05:10.0511 0x1314  usbccgp - ok
17:05:10.0526 0x1314  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:05:10.0542 0x1314  usbcir - ok
17:05:10.0542 0x1314  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:05:10.0557 0x1314  usbehci - ok
17:05:10.0557 0x1314  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:05:10.0589 0x1314  usbhub - ok
17:05:10.0604 0x1314  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:05:10.0620 0x1314  USBHUB3 - ok
17:05:10.0620 0x1314  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:05:10.0636 0x1314  usbohci - ok
17:05:10.0636 0x1314  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:05:10.0651 0x1314  usbprint - ok
17:05:10.0651 0x1314  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
17:05:10.0667 0x1314  usbser - ok
17:05:10.0667 0x1314  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:05:10.0682 0x1314  USBSTOR - ok
17:05:10.0682 0x1314  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:05:10.0698 0x1314  usbuhci - ok
17:05:10.0714 0x1314  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:05:10.0729 0x1314  usbvideo - ok
17:05:10.0745 0x1314  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:05:10.0761 0x1314  USBXHCI - ok
17:05:10.0792 0x1314  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
17:05:10.0870 0x1314  UserDataSvc - ok
17:05:10.0886 0x1314  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
17:05:10.0932 0x1314  UserManager - ok
17:05:10.0948 0x1314  [ C75B1B48BCAADEB0275C1EBE2EAE742D, 19875B87BDB23E5B60D6D3173FDF7A7634E81E43501529A56FFCCEE21B7E3B71 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
17:05:10.0964 0x1314  UsoSvc - ok
17:05:10.0979 0x1314  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:05:10.0995 0x1314  VaultSvc - ok
17:05:10.0995 0x1314  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:05:10.0995 0x1314  vdrvroot - ok
17:05:11.0011 0x1314  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
17:05:11.0089 0x1314  vds - ok
17:05:11.0104 0x1314  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:05:11.0120 0x1314  VerifierExt - ok
17:05:11.0136 0x1314  [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:05:11.0167 0x1314  vhdmp - ok
17:05:11.0183 0x1314  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
17:05:11.0198 0x1314  vhf - ok
17:05:11.0198 0x1314  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:05:11.0214 0x1314  vmbus - ok
17:05:11.0214 0x1314  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:05:11.0245 0x1314  VMBusHID - ok
17:05:11.0245 0x1314  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
17:05:11.0261 0x1314  vmgid - ok
17:05:11.0276 0x1314  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
17:05:11.0292 0x1314  vmicguestinterface - ok
17:05:11.0308 0x1314  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
17:05:11.0339 0x1314  vmicheartbeat - ok
17:05:11.0339 0x1314  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
17:05:11.0370 0x1314  vmickvpexchange - ok
17:05:11.0386 0x1314  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
17:05:11.0417 0x1314  vmicrdv - ok
17:05:11.0417 0x1314  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
17:05:11.0448 0x1314  vmicshutdown - ok
17:05:11.0464 0x1314  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
17:05:11.0495 0x1314  vmictimesync - ok
17:05:11.0495 0x1314  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
17:05:11.0526 0x1314  vmicvmsession - ok
17:05:11.0542 0x1314  [ 0F621B52259D88A719AA20C6D04E3D72, 80B0528CCDE6E1B6F092787E1C0769C649698B196602859A5855134F0ECCBAE5 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
17:05:11.0573 0x1314  vmicvss - ok
17:05:11.0573 0x1314  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:05:11.0589 0x1314  volmgr - ok
17:05:11.0589 0x1314  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:05:11.0604 0x1314  volmgrx - ok
17:05:11.0620 0x1314  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:05:11.0636 0x1314  volsnap - ok
17:05:11.0636 0x1314  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
17:05:11.0651 0x1314  volume - ok
17:05:11.0651 0x1314  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:05:11.0667 0x1314  vpci - ok
17:05:11.0667 0x1314  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:05:11.0683 0x1314  vsmraid - ok
17:05:11.0729 0x1314  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:05:11.0776 0x1314  VSS - ok
17:05:11.0792 0x1314  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:05:11.0808 0x1314  VSTXRAID - ok
17:05:11.0808 0x1314  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:05:11.0823 0x1314  vwifibus - ok
17:05:11.0839 0x1314  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
17:05:11.0870 0x1314  vwififlt - ok
17:05:11.0870 0x1314  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
17:05:11.0901 0x1314  vwifimp - ok
17:05:11.0933 0x1314  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
17:05:11.0980 0x1314  W32Time - ok
17:05:11.0980 0x1314  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:05:11.0995 0x1314  WacomPen - ok
17:05:12.0011 0x1314  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
17:05:12.0026 0x1314  WalletService - ok
17:05:12.0026 0x1314  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:05:12.0042 0x1314  wanarp - ok
17:05:12.0058 0x1314  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:05:12.0073 0x1314  wanarpv6 - ok
17:05:12.0105 0x1314  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:05:12.0151 0x1314  wbengine - ok
17:05:12.0167 0x1314  [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:05:12.0214 0x1314  WbioSrvc - ok
17:05:12.0214 0x1314  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
17:05:12.0230 0x1314  wcifs - ok

Meinersein · 15.11.2016, 18:11

Code:

ATTFilter

17:05:12.0245 0x1314  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:05:12.0276 0x1314  Wcmsvc - ok
17:05:12.0292 0x1314  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:05:12.0323 0x1314  wcncsvc - ok
17:05:12.0323 0x1314  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
17:05:12.0339 0x1314  wcnfs - ok
17:05:12.0339 0x1314  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:05:12.0355 0x1314  WdBoot - ok
17:05:12.0370 0x1314  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:05:12.0386 0x1314  Wdf01000 - ok
17:05:12.0401 0x1314  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:05:12.0417 0x1314  WdFilter - ok
17:05:12.0417 0x1314  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:05:12.0433 0x1314  WdiServiceHost - ok
17:05:12.0448 0x1314  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:05:12.0464 0x1314  WdiSystemHost - ok
17:05:12.0480 0x1314  [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
17:05:12.0511 0x1314  wdiwifi - ok
17:05:12.0511 0x1314  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:05:12.0526 0x1314  WdNisDrv - ok
17:05:12.0526 0x1314  WdNisSvc - ok
17:05:12.0542 0x1314  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:05:12.0558 0x1314  WebClient - ok
17:05:12.0573 0x1314  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:05:12.0589 0x1314  Wecsvc - ok
17:05:12.0589 0x1314  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:05:12.0605 0x1314  WEPHOSTSVC - ok
17:05:12.0605 0x1314  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:05:12.0620 0x1314  wercplsupport - ok
17:05:12.0636 0x1314  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:05:12.0651 0x1314  WerSvc - ok
17:05:12.0651 0x1314  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
17:05:12.0667 0x1314  WFPLWFS - ok
17:05:12.0667 0x1314  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:05:12.0683 0x1314  WiaRpc - ok
17:05:12.0698 0x1314  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:05:12.0698 0x1314  WIMMount - ok
17:05:12.0714 0x1314  WinDefend - ok
17:05:12.0714 0x1314  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
17:05:12.0730 0x1314  WindowsTrustedRT - ok
17:05:12.0730 0x1314  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
17:05:12.0745 0x1314  WindowsTrustedRTProxy - ok
17:05:12.0761 0x1314  [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:05:12.0792 0x1314  WinHttpAutoProxySvc - ok
17:05:12.0792 0x1314  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
17:05:12.0808 0x1314  WinMad - ok
17:05:12.0823 0x1314  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:05:12.0839 0x1314  Winmgmt - ok
17:05:12.0901 0x1314  [ A26570B4A21AD6F4D597148D3C22274E, 594BD3B9B9B4027E5A7025CAB715378FB565FC5E00A0315A2EC3A6EFBC9CC72E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:05:13.0011 0x1314  WinRM - ok
17:05:13.0011 0x1314  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
17:05:13.0026 0x1314  WINUSB - ok
17:05:13.0026 0x1314  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
17:05:13.0042 0x1314  WinVerbs - ok
17:05:13.0058 0x1314  [ 239B9AB452DE728ABCB5E957FAE2699D, CDA8293358CCA0AC247950A2F104E3554DEEEDC6C57CAC8350606D5612B8CA62 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
17:05:13.0089 0x1314  wisvc - ok
17:05:13.0120 0x1314  [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:05:13.0198 0x1314  WlanSvc - ok
17:05:13.0245 0x1314  [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:05:13.0339 0x1314  wlidsvc - ok
17:05:13.0339 0x1314  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:05:13.0355 0x1314  WmiAcpi - ok
17:05:13.0370 0x1314  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:05:13.0386 0x1314  wmiApSrv - ok
17:05:13.0386 0x1314  WMPNetworkSvc - ok
17:05:13.0386 0x1314  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:05:13.0401 0x1314  Wof - ok
17:05:13.0464 0x1314  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:05:13.0526 0x1314  workfolderssvc - ok
17:05:13.0526 0x1314  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:05:13.0542 0x1314  WPDBusEnum - ok
17:05:13.0558 0x1314  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:05:13.0558 0x1314  WpdUpFltr - ok
17:05:13.0573 0x1314  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
17:05:13.0589 0x1314  WpnService - ok
17:05:13.0589 0x1314  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
17:05:13.0620 0x1314  WpnUserService - ok
17:05:13.0636 0x1314  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:05:13.0667 0x1314  ws2ifsl - ok
17:05:13.0683 0x1314  [ FF190115CBA067F58C981F0A9F43ABDF, C90353C748C02DB38B561C250682E12C82985A6F7ED7D497AF5DE10EC243FCBA ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:05:13.0730 0x1314  wscsvc - ok
17:05:13.0730 0x1314  WSearch - ok
17:05:13.0808 0x1314  [ 6BA66FE47BFAF223AEE6C98F28EB4D8E, 3B380329594DAD5BB50301F5A8A912BF6121788F395133C70C893879F68450FB ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:05:13.0886 0x1314  wuauserv - ok
17:05:13.0886 0x1314  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:05:13.0901 0x1314  WudfPf - ok
17:05:13.0917 0x1314  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
17:05:13.0933 0x1314  WUDFRd - ok
17:05:13.0933 0x1314  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:05:13.0948 0x1314  wudfsvc - ok
17:05:13.0980 0x1314  [ D4F2FFCF5D199152DD01026D3AA38138, 4F90FE9BFC6CC2ABB2A163A36A000458A96AB64071861582F17B74C95CAEFB32 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:05:14.0026 0x1314  WwanSvc - ok
17:05:14.0042 0x1314  [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
17:05:14.0089 0x1314  XblAuthManager - ok
17:05:14.0120 0x1314  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
17:05:14.0151 0x1314  XblGameSave - ok
17:05:14.0167 0x1314  [ C1E85B4FB08B4CCF16841B165910148B, AB33A6630BFC0E230BA464F721DD4ABB7DF79DF2D81C9C7366CC0BA2251F09F3 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
17:05:14.0183 0x1314  xboxgip - ok
17:05:14.0198 0x1314  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
17:05:14.0245 0x1314  XboxNetApiSvc - ok
17:05:14.0261 0x1314  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
17:05:14.0261 0x1314  xinputhid - ok
17:05:14.0261 0x1314  ================ Scan global ===============================
17:05:14.0277 0x1314  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
17:05:14.0277 0x1314  [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll
17:05:14.0292 0x1314  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
17:05:14.0292 0x1314  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
17:05:14.0308 0x1314  [ Global ] - ok
17:05:14.0308 0x1314  ================ Scan MBR ==================================
17:05:14.0308 0x1314  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:05:14.0464 0x1314  \Device\Harddisk0\DR0 - ok
17:05:14.0464 0x1314  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:05:15.0652 0x1314  \Device\Harddisk1\DR1 - ok
17:05:15.0652 0x1314  ================ Scan VBR ==================================
17:05:15.0667 0x1314  [ 63CF09F3E418B54DB22CF659996BFCA8 ] \Device\Harddisk0\DR0\Partition1
17:05:15.0667 0x1314  \Device\Harddisk0\DR0\Partition1 - ok
17:05:15.0683 0x1314  [ F2918C89A2B12A4B4A6A7A978DD92E52 ] \Device\Harddisk0\DR0\Partition2
17:05:15.0683 0x1314  \Device\Harddisk0\DR0\Partition2 - ok
17:05:15.0683 0x1314  [ 6C300C0CD9E98E9CE604FBB9B55E32E2 ] \Device\Harddisk1\DR1\Partition1
17:05:15.0683 0x1314  \Device\Harddisk1\DR1\Partition1 - ok
17:05:15.0714 0x1314  [ C34F077129BD64EC25F53146A9BF15EC ] \Device\Harddisk1\DR1\Partition2
17:05:15.0714 0x1314  \Device\Harddisk1\DR1\Partition2 - ok
17:05:15.0745 0x1314  [ F4ADC16AC01EC313ADAF18E3F89A7E74 ] \Device\Harddisk1\DR1\Partition3
17:05:15.0745 0x1314  \Device\Harddisk1\DR1\Partition3 - ok
17:05:15.0745 0x1314  ================ Scan generic autorun ======================
17:05:15.0777 0x1314  [ 6B48F3DDA6FDD92A8A6E4ED94FF040DE, 92521F6F2A761F408E60F2BD353B618745B7F54F9A85C53A271DB23FC6D99419 ] C:\Program Files\Apoint2K\Apoint.exe
17:05:15.0824 0x1314  Apoint - ok
17:05:15.0824 0x1314  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\WINDOWS\system32\rundll32.exe
17:05:15.0855 0x1314  ShadowPlay - ok
17:05:15.0917 0x1314  [ D91AB5CCE502F95726AC1E035C867BC6, A27B2AAB26C844454A0CEA97F861623C518A837B9DF41778AC7F4E9184E6BC8C ] D:\iTunes\iTunesHelper.exe
17:05:15.0933 0x1314  iTunesHelper - ok
17:05:16.0136 0x1314  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:05:16.0308 0x1314  OneDriveSetup - ok
17:05:16.0480 0x1314  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:05:16.0636 0x1314  OneDriveSetup - ok
17:05:16.0652 0x1314  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\MeinerSeiner\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:05:16.0683 0x1314  OneDrive - ok
17:05:16.0730 0x1314  [ D2CE6EA0E9F641D7153462D40C6B4193, 3AAE5239F951E29497D759326BDC23E19644B763DC5661CA4E4980418195C37D ] C:\Program Files (x86)\Steam\steam.exe
17:05:16.0792 0x1314  Steam - ok
17:05:16.0792 0x1314  [ 91121D27CAD2674B8FDB248D83EDFF19, 2C4E24AD1C868D80FBA7B07DC562FF8F4C627AFA1B4181E2F851FA09B8A7753A ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
17:05:16.0792 0x1314  iCloudServices - ok
17:05:16.0933 0x1314  [ 757089BAB60489E96194E48A1D8A6587, 58489DF326C2F91DD485EF8281CB51762D8522316191B3CB94D328836222A07D ] D:\Programme\Polar\Polar FlowSync\flowsync.exe
17:05:16.0980 0x1314  Polar FlowSync - detected UnsignedFile.Multi.Generic ( 1 )
17:05:17.0027 0x1314  Polar FlowSync ( UnsignedFile.Multi.Generic ) - warning
17:05:17.0293 0x1314  AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
17:05:17.0293 0x1314  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
17:05:17.0293 0x1314  FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
17:05:17.0402 0x1314  ============================================================
17:05:17.0402 0x1314  Scan finished
17:05:17.0402 0x1314  ============================================================
17:05:17.0402 0x0404  Detected object count: 1
17:05:17.0402 0x0404  Actual detected object count: 1
17:07:30.0156 0x0404  Polar FlowSync ( UnsignedFile.Multi.Generic ) - skipped by user
17:07:30.0156 0x0404  Polar FlowSync ( UnsignedFile.Multi.Generic ) - User select action: Skip

Das war's. Als1 Post war er zu groß, wusste nicht, wie groß die einzelnen Pakete sein werden. daher ist es so viel geworden.

Hatte jetzt den Rechner die ganze Zeit an und er hat selbstständig neue Win10-updates installiert und sich neu gestartet. Hoffe das wird kein Problemfür die weitere Lösung meines Problems geben...

cosinus · 16.11.2016, 00:20

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Meinersein · 16.11.2016, 09:42

Code:

ATTFilter

# AdwCleaner v6.030 - Bericht erstellt am 16/11/2016 um 09:16:46
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-10-18.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : MeinerSeiner - DESKTOP-7LQ7CIL
# Gestartet von : C:\Users\MeinerSeiner\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "extensions.1@startfenster.de.sdk.baseURI" -  "resource://1-at-startfenster-dot-de/"
[-] Firefox Einstellungen bereinigt: "extensions.1@startfenster.de.sdk.domain" -  "1-at-startfenster-dot-de"
[-] Firefox Einstellungen bereinigt: "extensions.1@startfenster.de.sdk.load.reason" -  "startup"
[-] Firefox Einstellungen bereinigt: "extensions.1@startfenster.de.sdk.rootURI" -  "jar:file:///C:/Users/MeinerSeiner/AppData/Roaming/Mozilla/Firefox/Profiles/mah7mhtg.default/extensions/1@startfenster.de.xpi!/"
[-] Firefox Einstellungen bereinigt: "extensions.1@startfenster.de.sdk.version" -  "0.0.1"
[-] Firefox Einstellungen bereinigt: "extensions.bootstrappedAddons" -  "{\"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\":{\"version\":\"6.1.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.8.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"1@startfenster.de\":{\"version\":\"0.0.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\1@startfenster.de.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false},\"asyncrendering@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\features\\\\{fc2564b2-4150-4cdc-bc75-17ce12cf88d6}\\\\asyncrendering@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"e10srollout@mozilla.org\":{\"version\":\"1.3\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"firefox@getpocket.com\":{\"version\":\"1.0.4\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true},\"webcompat@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":false,\"runInSafeMode\":true}}"
[-] Firefox Einstellungen bereinigt: "extensions.xpiState" -  "{\"app-profile\":{\"1@startfenster.de\":{\"d\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\1@startfenster.de.xpi\",\"e\":true,\"v\":\"0.0.1\",\"st\":1479159619119},\"{73a6fe31-595d-460b-a920-fcc0f8843232}\":{\"d\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi\",\"e\":true,\"v\":\"2.9.0.14\",\"st\":1470833447156},\"{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\":{\"d\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}\",\"e\":true,\"v\":\"20151208\",\"st\":1469528582094,\"mt\":1469528578010},\"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\":{\"d\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi\",\"e\":true,\"v\":\"6.1.1\",\"st\":1476198508163},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.8.1\",\"st\":1477731979183}},\"app-system-addons\":{\"asyncrendering@mozilla.org\":{\"d\":\"C:\\\\Users\\\\MeinerSeiner\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mah7mhtg.default\\\\features\\\\{fc2564b2-4150-4cdc-bc75-17ce12cf88d6}\\\\asyncrendering@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1477576870766}},\"app-system-defaults\":{\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.3\",\"st\":1477053450958},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.4\",\"st\":1477053450943},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1477053450926}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"49.0.2\",\"st\":1477053450975}}}"


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6199 Bytes] - [16/11/2016 09:16:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [2706 Bytes] - [16/11/2016 09:14:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6345 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Pro x64 
Ran by MeinerSeiner (Administrator) on 16.11.2016 at  9:39:37,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.11.2016 at  9:40:48,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus · 16.11.2016, 10:21

Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:

1. Schritt: MBAM

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

2. Schritt: ESET

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

3. Schritt: SecurityCheck

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Meinersein · 16.11.2016, 21:23

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 16.11.2016
Suchlaufzeit: 12:36
Protokolldatei: Suchlaufmwb.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.11.16.05
Rootkit-Datenbank: v2016.10.31.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: MeinerSeiner

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 310989
Abgelaufene Zeit: 7 Min., 3 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ef1f066d99d7ce48968ccdd0f91443aa
# end=init
# utc_time=2016-11-16 06:57:23
# local_time=2016-11-16 07:57:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 31431
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ef1f066d99d7ce48968ccdd0f91443aa
# end=updated
# utc_time=2016-11-16 06:59:29
# local_time=2016-11-16 07:59:29 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ef1f066d99d7ce48968ccdd0f91443aa
# engine=31431
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-11-16 08:17:33
# local_time=2016-11-16 09:17:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 126208 10658069 0 0
# scanned=248878
# found=1
# cleaned=0
# scan_time=4684
sh=DB07C3E1BB4BA9EEFA8162890B2AEF48E21CF541 ft=1 fh=61a2381df76f46a1 vn="NSIS/StartPage.CC Trojaner" ac=I fn="D:\Programme\Musik_Video_Fotos\Video\VLC\vlc-2.1.5-win64.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
G DATA INTERNET SECURITY   
Windows Defender           
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Mozilla Firefox (49.0.2) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 G DATA InternetSecurity Firewall GDFwSvcx64.exe 
 G DATA InternetSecurity Firewall GDFirewallTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

15.11.2016, 14:58	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	startfenster und sm.de über vlc-player eingefangen Hi, mal ein paar Fragen: 1. war der VLC-Player überhaupt installiert bei dir als du die Nachricht bekommen hast? 2. falls ja, wo wo hast du das Setup vom Player geladen? __________________ __________________

startfenster und sm.de über vlc-player eingefangen

Plagegeister aller Art und deren Bekämpfung: startfenster und sm.de über vlc-player eingefangen