| |
| |||||||
Log-Analyse und Auswertung: Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder abWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
10.04.2017, 22:48
| #1 |
| |  Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab Hallo, ich brauche bitte dringend Hilfe. Ich habe mir Anfang des Jahres (ca. Mitte Februar) vermutlich einen Schädling eingefangen. Der Firefox war betroffen und spuckte nur noch Werbeseiten aus. Arbeiten war nicht möglich und die Startseite änderte sich immer wieder auf trotux. Avira und ADWCleaner hatten das Problem meiner Meinung nach beseitigt. Aber seither ist die Laptop Performance zeitweise mieserabel. Immer wieder sind die Speicher zu 100% ausgelastet und das ganze System hängt minutenlang. Immer wieder bricht dabei die WLAN Verbindung ab, verbindet sich neu, bricht wieder ab, teilweise im Minutentakt. Das Schlimmste ist allerdings, das plötzlich mein Desktop leer war. Zurücksetzen des Explorers über Taskmanager brachte ein paar Programme zurück, aber meine persönlichen Ordner mit Bildern und Dokumenten waren weg und auch mit Recovery Tool nicht mal teilweise auffindbar/wiederherstellbar. Ich glaube ich habe ungebetene Gäste, denn es taucht ständig neue Software auf, Dateien und ganze Ordner werden im Explorer versteckt und mit Verknüpfungen versehen, der Zugriff wird mir verweigert. Sieht so aus als hätte ich plötzlich Festplattenpartitionen wo vorher keine waren. Die Ereignisanzeige erzählt was von wilden Benutzerwechseln, ausgelöst durch Dateien wie explorer.exe. Ich würde ja einfach alles platt machen und von vorne anfangen aber ich habe die vage Hoffnung meine verlorenen Dateien noch wiederzufinden. Ich hab den Administrator aktiviert und so viele Ordnerberechtigungen wie möglich zurück geholt, aber ich werde ständig blockiert und die Ordnerstruktur ist inzwischen sowieso auch ohne mein Zutun nur ein einziges Durcheinander. Hilfe, bitte, bevor ich alles kaputt mache oder meinen schönen Lenovo in nem Wutanfall ausm 5. Stock schmeiße. Farbar habe ich gerade laufen lassen: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Manja (Administrator) auf LENOVO-PC (10-04-2017 22:55:10)
Gestartet von C:\Users\Manja\Desktop
Geladene Profile: Manja (Verfügbare Profile: Manja & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Users\Manja\AppData\Local\Apps\2.0\H1XBY3NA.MTY\ORDNQXPM.YZE\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393208 2016-10-07] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Everything] => C:\Users\Administrator\Desktop\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [tsnp2std] => C:\WINDOWS\tsnp2std.exe [258048 2007-01-05] (SONIX)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2013-01-26] ()
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\MountPoints2: {152510a8-0b88-11e7-8381-4a5ab6dfb585} - "F:\AutoRun.exe"
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKLM\...\Providers\uccs53rf: C:\Program Files (x86)\Grotersp Mapper\local64spl.dll [310784 2017-02-07] ()
ShellExecuteHooks: Kein Name - {B7F52870-EABC-11E6-A3B1-64006A5CFC23} - C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll [145408 2017-02-07] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileSyncShell64.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncShell.dll [2017-03-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-10-11]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a859d951-1702-4c70-843c-1f03b6a5db08}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> DefaultScope {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {0BB5F216-46AD-4421-8307-71AD5A980D61} URL =
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {FF9451C6-C472-4F44-98C3-0A2D6DCACFBE} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 [2017-04-10]
FF Homepage: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> hxxps://www.ixquick.com/do/mypage.pl?prf=71655fbbbc8e4b165b2a6245f3e01481
FF NetworkProxy: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> type", 0
FF Extension: (Easy Screenshot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\easyscreenshot@mozillaonline.com.xpi [2017-03-05]
FF Extension: (Ghostery) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\firefox@ghostery.com.xpi [2017-03-05]
FF Extension: (HTTPS Everywhere) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\https-everywhere-eff@eff.org.xpi [2017-04-09]
FF Extension: (ProxTube) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\ich@maltegoetz.de.xpi [2017-03-05]
FF Extension: (YouTube mp3) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\info@youtube-mp3.org.xpi [2017-03-05]
FF Extension: (FireShot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-03-05]
FF Extension: (FlashGot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-03-05]
FF Extension: (Youtube to MP3 Converter) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{37115292-022c-4500-a5da-95738388073a}.xpi [2017-03-06]
FF Extension: (NoScript) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-18]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-05]
FF Extension: (Video DownloadHelper) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-05]
FF Extension: (Adblock Plus) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-05]
FF Extension: (DownThemAll!) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-03-05]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-05] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-05] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2024608735-1276328420-4132175576-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-07]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519136 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349096 2017-01-19] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365048 2016-10-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-15] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-15] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-02-15] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 fwlanusb5_nv2; C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059440 2015-08-30] (Realtek Semiconductor Corp.)
U5 sbnetsys; C:\Windows\System32\Drivers\sbnetsys.sys [44648 2015-04-17] (NT Kernel Resources)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 smsbda; C:\WINDOWS\system32\drivers\smsbda.sys [89224 2014-04-27] (Siano)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Geändert von Manicka (10.04.2017 um 22:53 Uhr) |
|
11.04.2017, 06:55
| #2 |
| | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder abCode:
ATTFilter ==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-04-10 22:52 - 2017-04-10 22:53 - 00045181 _____ C:\Users\Manja\Desktop\Addition.txt
2017-04-10 22:51 - 2017-04-10 22:55 - 00024599 _____ C:\Users\Manja\Desktop\FRST.txt
2017-04-10 22:46 - 2017-04-10 22:55 - 00000000 ____D C:\FRST
2017-04-10 22:36 - 2017-04-10 22:39 - 02424832 _____ (Farbar) C:\Users\Manja\Desktop\FRST64.exe
2017-04-10 22:01 - 2017-04-10 22:01 - 00000000 ___HD C:\OneDriveTemp
2017-04-10 21:53 - 2017-04-10 21:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-04-09 20:25 - 2017-04-09 20:38 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-04-09 20:25 - 2017-04-09 20:30 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-04-09 20:25 - 2017-04-09 20:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-04-09 19:51 - 2017-04-09 19:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NetworkTiles
2017-04-07 22:48 - 2017-04-07 22:48 - 00000064 _____ C:\Users\Administrator\Desktop\Liste.txt
2017-04-07 21:09 - 2017-04-07 21:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IrfanView
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Nitro
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FileOpen
2017-04-07 11:22 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Administrator\Desktop\gmer-2.2.19882.exe
2017-04-07 07:12 - 2017-04-07 07:12 - 00000000 _____ C:\WINDOWS\EEventManager.INI
2017-04-07 07:10 - 2017-04-07 07:10 - 00000126 _____ C:\Users\Administrator\Desktop\suchen.txt
2017-04-07 07:07 - 2017-04-07 07:07 - 00000000 ____D C:\Users\Manja\Desktop\Ordner
2017-04-07 07:04 - 2017-04-09 22:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\Desktop\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-04-07 04:47 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-04-07 04:47 - 2017-04-07 04:47 - 00004130 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DEBC851-7D2C-4B48-9E0E-F39BF352DD8A}
2017-04-07 04:22 - 2017-04-07 04:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2017-04-07 04:21 - 2017-04-07 04:21 - 00002458 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Epson
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ArcSoft
2017-04-07 04:20 - 2017-04-07 04:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2017-04-07 04:19 - 2017-04-09 22:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-04-07 04:19 - 2017-04-09 21:19 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-04-07 04:19 - 2017-04-07 08:58 - 00000000 ____D C:\Users\Administrator
2017-04-07 04:19 - 2017-04-07 08:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-04-07 04:19 - 2017-04-07 04:19 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2017-04-07 04:19 - 2013-02-04 08:18 - 00000189 _____ C:\Users\Administrator\Desktop\Lenovo Telephony Start Now.url
2017-04-07 01:43 - 2017-04-07 01:43 - 00000000 ____D C:\ProgramData\ATI
2017-04-06 07:01 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Manja\Desktop\gmer-2.2.19882.exe
2017-04-03 21:12 - 2017-04-03 21:12 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2017-04-03 19:42 - 2017-04-03 19:49 - 286261248 _____ C:\Users\Manja\Downloads\gparted-live-0.28.1-1-amd64.iso
2017-04-03 19:42 - 2017-04-03 19:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-03 19:37 - 2017-04-03 19:39 - 01496584 _____ C:\Users\Manja\Downloads\GParted Live 64 Bit ISO Image - CHIP-Installer.exe
2017-03-31 05:15 - 2017-04-03 21:14 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Program Files\Everything
2017-03-31 05:13 - 2017-03-31 05:13 - 00000000 ____D C:\Users\Manja\Documents\Everything_1.3.4.686
2017-03-27 00:37 - 2017-03-27 00:38 - 00412748 _____ C:\WINDOWS\Minidump\032717-28515-01.dmp
2017-03-25 21:04 - 2017-03-25 21:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-03-25 20:45 - 2017-03-27 00:37 - 594119935 _____ C:\WINDOWS\MEMORY.DMP
2017-03-25 20:45 - 2017-03-27 00:37 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-25 20:45 - 2017-03-25 20:47 - 00413052 _____ C:\WINDOWS\Minidump\032517-31109-01.dmp
2017-03-25 07:51 - 2017-04-06 03:30 - 00000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-03-25 07:32 - 2017-03-25 07:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-03-25 05:22 - 2017-03-25 05:23 - 00000000 ____D C:\Users\Manja\AppData\Local\Deployment
2017-03-25 05:19 - 2017-03-25 05:21 - 00611400 _____ () C:\Users\Manja\Downloads\LSBsetup(1).exe
2017-03-22 21:14 - 2017-03-16 07:17 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-22 21:14 - 2017-03-16 07:17 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-22 21:14 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:46 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-22 21:14 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:19 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:05 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:03 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-22 21:05 - 2017-03-22 21:05 - 00000000 ____D C:\Users\Manja\Documents\Epson
2017-03-16 04:10 - 2017-03-10 07:17 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-16 04:10 - 2017-03-10 07:17 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-16 03:33 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-16 03:33 - 2017-03-04 09:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-16 03:33 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-16 03:33 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-16 03:33 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-16 03:33 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-16 03:33 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-16 03:33 - 2017-03-04 09:09 - 00412184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsMiraDisp.dll
2017-03-16 03:33 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-16 03:33 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-16 03:33 - 2017-03-04 09:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-16 03:33 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-16 03:33 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-16 03:33 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-16 03:33 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-16 03:33 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-16 03:33 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-16 03:33 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-16 03:33 - 2017-03-04 08:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-16 03:33 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-16 03:33 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-16 03:33 - 2017-03-04 08:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-16 03:33 - 2017-03-04 08:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-16 03:33 - 2017-03-04 08:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-16 03:33 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-16 03:33 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-16 03:33 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-16 03:33 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-16 03:33 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-16 03:33 - 2017-03-04 08:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-16 03:33 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-16 03:33 - 2017-03-04 08:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-16 03:33 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-16 03:33 - 2017-03-04 08:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-16 03:33 - 2017-03-04 08:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-16 03:33 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-16 03:33 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-16 03:33 - 2017-03-04 08:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-16 03:33 - 2017-03-04 08:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-16 03:33 - 2017-03-04 08:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-16 03:33 - 2017-03-04 08:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-16 03:33 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-16 03:33 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-16 03:33 - 2017-03-04 08:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-16 03:33 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-16 03:33 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-16 03:33 - 2017-03-04 08:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-16 03:33 - 2017-03-04 08:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-16 03:33 - 2017-03-04 08:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-16 03:33 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-16 03:33 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-16 03:33 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-16 03:33 - 2017-03-04 08:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-16 03:33 - 2017-03-04 08:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-16 03:33 - 2017-03-04 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-16 03:33 - 2017-03-04 08:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-16 03:33 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-16 03:33 - 2017-03-04 08:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-16 03:33 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-16 03:33 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-16 03:33 - 2017-03-04 08:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-16 03:33 - 2017-03-04 08:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-16 03:33 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-16 03:33 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-16 03:33 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-16 03:33 - 2017-03-04 08:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-16 03:33 - 2017-03-04 08:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-16 03:33 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-16 03:33 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-16 03:33 - 2017-03-04 08:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-16 03:33 - 2017-03-04 08:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-16 03:33 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-16 03:33 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-16 03:33 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-16 03:33 - 2017-03-04 08:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-16 03:33 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-16 03:33 - 2017-03-04 08:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-16 03:33 - 2017-03-04 08:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-16 03:33 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-16 03:33 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-16 03:33 - 2017-03-04 08:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-16 03:33 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-16 03:33 - 2017-03-04 08:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-16 03:33 - 2017-03-04 08:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-16 03:33 - 2017-03-04 08:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-16 03:33 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-16 03:33 - 2017-03-04 08:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-16 03:33 - 2017-03-04 08:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-16 03:33 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-16 03:33 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-16 03:33 - 2017-03-04 07:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-16 03:33 - 2017-03-04 07:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-16 03:33 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-16 03:33 - 2017-03-04 07:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-16 03:32 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-16 03:32 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-16 03:32 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-16 03:32 - 2017-03-04 09:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-16 03:32 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-16 03:32 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-16 03:32 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-16 03:32 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-16 03:32 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-16 03:32 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-16 03:32 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-16 03:32 - 2017-03-04 09:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-16 03:32 - 2017-03-04 09:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-16 03:32 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-16 03:32 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-16 03:32 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-16 03:32 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-16 03:32 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-16 03:32 - 2017-03-04 09:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-16 03:32 - 2017-03-04 09:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-16 03:32 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-16 03:32 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-16 03:32 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-16 03:32 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-16 03:32 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-16 03:32 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-16 03:32 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-16 03:32 - 2017-03-04 09:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-16 03:32 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-16 03:32 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-16 03:32 - 2017-03-04 09:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-16 03:32 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-16 03:32 - 2017-03-04 09:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-16 03:32 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-16 03:32 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-16 03:32 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-16 03:32 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-16 03:32 - 2017-03-04 09:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-16 03:32 - 2017-03-04 09:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-16 03:32 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-16 03:32 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-16 03:32 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-16 03:32 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-16 03:32 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-16 03:32 - 2017-03-04 09:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-16 03:32 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-16 03:32 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-16 03:32 - 2017-03-04 09:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-16 03:32 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-16 03:32 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-16 03:32 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
Code:
ATTFilter
2017-03-16 03:32 - 2017-03-04 09:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-16 03:32 - 2017-03-04 09:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-16 03:32 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-16 03:32 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-16 03:32 - 2017-03-04 09:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-16 03:32 - 2017-03-04 09:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-16 03:32 - 2017-03-04 09:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-16 03:32 - 2017-03-04 09:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-16 03:32 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-16 03:32 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-16 03:32 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-16 03:32 - 2017-03-04 08:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-16 03:32 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-16 03:32 - 2017-03-04 08:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-16 03:32 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-16 03:32 - 2017-03-04 08:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-16 03:32 - 2017-03-04 08:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-16 03:32 - 2017-03-04 08:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-16 03:32 - 2017-03-04 08:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-16 03:32 - 2017-03-04 08:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-16 03:32 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-16 03:32 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-16 03:32 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-16 03:32 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-16 03:32 - 2017-03-04 08:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-16 03:32 - 2017-03-04 08:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-16 03:32 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-16 03:32 - 2017-03-04 08:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-16 03:32 - 2017-03-04 08:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-16 03:32 - 2017-03-04 08:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-16 03:32 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-16 03:32 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-16 03:32 - 2017-03-04 08:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-16 03:32 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-16 03:32 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-16 03:32 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-16 03:32 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-16 03:32 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-16 03:32 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-16 03:32 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-16 03:32 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-16 03:32 - 2017-03-04 08:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-16 03:32 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-16 03:32 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-16 03:32 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-16 03:32 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-16 03:32 - 2017-03-04 08:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-16 03:32 - 2017-03-04 08:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-16 03:32 - 2017-03-04 08:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-16 03:32 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-16 03:32 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-16 03:32 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-16 03:32 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-16 03:32 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-16 03:32 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-16 03:32 - 2017-03-04 08:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-16 03:32 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-16 03:32 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-16 03:32 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-16 03:32 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-16 03:32 - 2017-03-04 08:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-16 03:32 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-16 03:32 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-16 03:32 - 2017-03-04 08:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-16 03:32 - 2017-03-04 08:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-16 03:32 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-16 03:32 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-16 03:32 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-16 03:32 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-16 03:32 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-16 03:32 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-16 03:32 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-16 03:32 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-16 03:32 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-16 03:32 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-16 03:32 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-16 03:32 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-16 03:32 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-16 03:32 - 2017-03-04 08:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-16 03:32 - 2017-03-04 08:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-16 03:32 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-16 03:32 - 2017-03-04 08:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-16 03:32 - 2017-03-04 08:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-16 03:32 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-16 03:32 - 2017-03-04 08:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-16 03:32 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-16 03:32 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-16 03:32 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-16 03:32 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-16 03:32 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-16 03:32 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-16 03:32 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-16 03:32 - 2017-03-04 08:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-16 03:32 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-16 03:32 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-16 03:32 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-16 03:32 - 2017-03-04 08:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-16 03:32 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-16 03:32 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-16 03:32 - 2017-03-04 08:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-16 03:32 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-16 03:32 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-16 03:32 - 2017-03-04 08:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-16 03:32 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-16 03:32 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-16 03:32 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-16 03:32 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-16 03:32 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-16 03:32 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-16 03:32 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-16 03:32 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-16 03:32 - 2017-03-04 08:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-16 03:32 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-16 03:32 - 2017-03-04 07:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-16 03:32 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-16 03:32 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-16 03:32 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-16 03:32 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-16 03:31 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-16 02:48 - 2017-04-06 04:42 - 00007600 _____ C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-04-10 22:51 - 2016-11-25 13:06 - 00000000 ____D C:\Users\Manja\AppData\LocalLow\Mozilla
2017-04-10 22:50 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\tor
2017-04-10 22:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-10 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-10 22:09 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-10 22:01 - 2016-02-24 11:37 - 00000000 ___RD C:\Users\Manja\OneDrive
2017-04-10 21:58 - 2017-02-28 04:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-10 21:53 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Local\Vidalia
2017-04-10 21:53 - 2016-02-24 11:28 - 00000000 __SHD C:\Users\Manja\IntelGraphicsProfiles
2017-04-09 21:17 - 2017-02-28 05:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-09 21:17 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-07 19:23 - 2014-06-03 11:42 - 00000000 ____D C:\ProgramData\tmp
2017-04-07 15:13 - 2017-02-28 05:22 - 02471578 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-07 15:13 - 2016-07-17 00:51 - 01043428 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-07 15:13 - 2016-07-17 00:51 - 00241188 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-07 04:19 - 2014-05-14 01:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-06 06:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-06 00:35 - 2016-08-30 01:10 - 00000000 ____D C:\Users\Manja\AppData\Local\ElevatedDiagnostics
2017-04-03 20:03 - 2014-05-13 18:56 - 00000000 ____D C:\Users\Manja\AppData\Local\Packages
2017-04-01 17:49 - 2017-03-05 03:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-01 17:49 - 2014-05-17 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 23:06 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-30 23:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-27 00:56 - 2017-02-28 05:02 - 00000000 ____D C:\Users\Manja
2017-03-27 00:46 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-26 00:58 - 2017-03-05 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-25 08:02 - 2014-05-29 13:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Nitro PDF
2017-03-24 00:27 - 2017-02-03 18:19 - 00000000 ____D C:\Users\Manja\Downloads\Intel Components
2017-03-24 00:19 - 2016-10-16 23:55 - 00000000 ____D C:\Users\Manja\Documents\My Albums
2017-03-24 00:19 - 2015-10-11 21:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\ArcSoft
2017-03-22 21:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-22 21:21 - 2016-10-28 17:51 - 00000000 ____D C:\Program Files (x86)\BILDmobil
2017-03-22 20:28 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-22 20:26 - 2015-01-13 08:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-03-20 23:00 - 2017-03-04 16:47 - 00000000 ____D C:\AdwCleaner
2017-03-18 05:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 04:07 - 2017-02-28 04:46 - 00240912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-16 04:07 - 2015-05-04 21:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-16 04:07 - 2015-05-04 21:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-16 04:04 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-16 03:58 - 2014-07-05 18:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-16 03:56 - 2014-07-05 18:19 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-16 03:37 - 2015-05-04 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-16 03:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-02-08 00:52 - 2017-02-08 00:52 - 1907939 _____ () C:\Users\Manja\AppData\Roaming\Bioflex.tst
2017-03-16 02:48 - 2017-04-06 04:42 - 0007600 _____ () C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
2017-02-28 04:53 - 2017-02-28 04:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-04-09 13:44
==================== Ende von FRST.txt ============================
|
|
11.04.2017, 06:56
| #3 |
| | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Manja (10-04-2017 22:55:33)
Gestartet von C:\Users\Manja\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-28 03:37:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2024608735-1276328420-4132175576-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2024608735-1276328420-4132175576-503 - Limited - Disabled)
Gast (S-1-5-21-2024608735-1276328420-4132175576-501 - Limited - Disabled)
Manja (S-1-5-21-2024608735-1276328420-4132175576-1001 - Administrator - Enabled) => C:\Users\Manja
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{435CE0C6-084B-7235-D55E-8C6E630D78EA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft Software Suite (HKLM-x32\...\{4A712D29-DBE3-4381-A331-AF4AE5BEB244}) (Version: - )
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.28.218 - ArcSoft, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.172 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{1f8bb480-f5d7-4414-a6ea-28e005509ae4}) (Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.18829 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Epson Benutzerhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version: - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version: - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4911.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.0.2 (x64 de) (HKLM\...\Mozilla Firefox 52.0.2 (x64 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4911.1002 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.320.0 - Tracker Software Products Ltd)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Tor 0.2.4.9-alpha (HKLM-x32\...\Tor) (Version: - )
ultron AG ultron DVB-T Stick (HKLM-x32\...\ultron AG ultron DVB-T Stick) (Version: 4.3.5.7 - ultron AG)
USB2.0 PC Camera (SN9C201&202) (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.22.000 - Sonix)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Vidalia 0.2.21 (HKLM-x32\...\Vidalia) (Version: - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows-Treiberpaket - ultron AG (smsbda) MEDIA (04/27/2014 4.3.5.7) (HKLM\...\37842D1EA68B09186EEC8F2AE7AB5BF2FF059EFD) (Version: 04/27/2014 4.3.5.7 - ultron AG)
Code:
ATTFilter ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {007CE586-4B43-4396-BFE2-48C8514C822D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {008A7AF6-95D9-43D8-A75B-1373322D096C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {0AF08785-5B75-4A1D-8B84-44A6BF45F641} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1130142D-1830-4153-B73C-1581E70F4141} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {1199A92B-5DF3-49A8-A505-D7FEB1C8ECD9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {25AB9E8F-02F4-49FE-93DA-D8D24303AC8A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2B70B99A-C3F8-4818-9ADE-63195674E9BF} - System32\Tasks\{5CCF53E0-6195-7F54-A07D-AE72C1E5B301} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\de0915e3\9a636640.dll" <==== ACHTUNG
Task: {3362DCCF-B0FD-413F-84E4-CD6AFF019356} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {483B62EE-FDC9-404A-ADF8-A68EB03E4578} - System32\Tasks\Grotersp Mapper => C:\Program Files (x86)\Clerbespdremerle\rerjupy.exe
Task: {48FF7396-B258-4F3D-A824-CA9F5E06DBB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4C18A89B-BCED-4D53-988C-3B9FF2D9D036} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {4C3373A6-B580-4D06-982D-0456F128C31A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {5442CF63-E79F-4E46-9FEA-E831ADA4D657} - \Lenovo\Lenovo Service Bridge\S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {5997D2F3-C670-4A8F-97AC-0E54F8541177} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5C054594-146F-495F-BF90-55074A55420B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {5F651B40-E495-40FC-97CC-B769D51E3625} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5FB14A42-4AF0-4FCF-ACA5-C9AAB1A5AC30} - System32\Tasks\{5B99FE32-EC32-4999-CADC-3708E75AFA31} => C:\ProgramData\{1234AB96-A59F-1C3D-87BC-4DC6AFCEA6B8}\C27A3036-75D1-879D-3EA9-9F8FB2081826.exe <==== ACHTUNG
Task: {5FE19C98-5417-4C21-A91A-205AE70A2CE4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {60B080EC-5184-4AB0-B6BA-4FC6DD8F78B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {6712DD73-AC71-419E-819B-8BBD8937253F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {69995769-F31F-4B57-B315-12E77BE81A30} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {7BBB3BD4-C6F6-4E53-88CA-8DF876BA46E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9A16F10C-3941-40EC-8E53-4D6A0AD6E30A} - \WPD\SqmUpload_S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {A97D182E-6FD5-4958-B722-8B7AEF57915D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {ABA34A64-4C7A-4B97-A40B-E3FAEC12C771} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {AFF68E91-0BEB-46CA-983A-953F2E6C8006} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {B159F619-E2CE-44CC-A560-90AD0D7675AF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {B352E0CE-D6FF-4FC1-9638-7FCBF2C5DA91} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {B8ACA62D-0C89-4170-94AD-D8CA9BA18F3B} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {BDB645B7-5705-4CF1-93E9-A218011E3CA0} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2017-02-06] (Tracker Software Products (Canada) Ltd.)
Task: {C5E1E20C-B993-414C-8950-C242C3BC2BFF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {DC54BA35-E04E-4660-BF9F-072D454DB84E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E7588F34-6D49-478B-92E0-D17D81DACCD2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {EFB1B60A-BE55-495E-B471-04CFE945341B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F3A0743A-9069-41A6-8B85-645E032923B4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F6B9BC7D-407E-4F6C-B928-EE278BAA6425} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {F742BC81-DCCF-42E3-9077-D19C28618FB7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Manja\Desktop\Ordner\Tor Browser\Browser\firefox.bat (Keine Datei)
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-01-15 07:38 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-12 03:03 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-11-17 23:05 - 2016-11-17 23:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-02-07 23:24 - 2017-02-07 23:23 - 00145408 _____ () C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-07 00:07 - 2016-10-07 00:07 - 00393208 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-28 04:35 - 2017-02-28 04:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-01-26 14:02 - 2013-01-26 14:02 - 06239727 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
2000-01-01 01:00 - 2000-01-01 02:00 - 03096064 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-01-29 22:45 - 2017-01-18 17:36 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2017-04-10 22:04 - 2017-04-10 22:08 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 22:04 - 2017-04-10 22:08 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\libgcc_s_dw2-1.dll
2011-08-24 00:59 - 2011-08-24 00:59 - 00047972 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\mingwm10.dll
2015-10-11 21:15 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2015-10-11 21:15 - 2013-09-02 09:45 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00719217 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libevent-2-0-5.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00092599 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libssp-0.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00523262 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libgcc_s_sjlj-1.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00107520 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\zlib1.dll
2016-09-20 09:48 - 2016-09-20 09:48 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-02-07 23:23 - 00007503 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{7FD5A268-6318-48F0-8D91-557CEA5E5BC9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{468F2A13-871E-419E-8131-BDCCD8EC0650}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{959E9D9F-BF07-476F-B6A3-B75BA71E4E26}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{7A5E8E0A-128C-4F5A-9FCD-599D552B2A72}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{C41149A8-34A4-49AF-B780-D8057222A577}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{2537BB56-6DCB-4828-AA2B-4019C03D21B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D9852551-C2C2-46AE-8563-737DB5119F16}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AD7A18C9-3CA1-4090-B4DD-D49D6ECFA06B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{ABA2D586-0848-41C9-B75B-94D23CE8B2C1}] => (Allow) %systemroot%\system32\alg.exe
==================== Wiederherstellungspunkte =========================
22-03-2017 21:15:54 Windows Update
30-03-2017 23:04:02 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft Kerneldebugger-Netzwerkadapter
Description: Microsoft Kerneldebugger-Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/10/2017 10:41:18 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LENOVO-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c5
Error: (04/10/2017 09:55:05 PM) (Source: chip 1-click download service) (EventID: 0) (User: )
Description: |ERORRS=;(380) error at getOrdersForVersion:Der Remotename konnte nicht aufgelöst werden: 'service.chip-secured-download.de'
;(180) error at GetHttpWebRequest: 1Der Remotename konnte nicht aufgelöst werden: 'api.chip-secured-download.de'
;(480) Could not load new Downlaoder
Error: (04/09/2017 10:14:37 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/09/2017 10:14:35 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/09/2017 10:04:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppXxat4m5y1bf9ghax409y1vwyatpqea4s8.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/09/2017 10:01:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe:App.AppX65n3t4j73ch7cremsjxn7q8bph1ma8jw.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/09/2017 10:00:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/09/2017 10:00:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/09/2017 10:00:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/09/2017 09:17:46 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Systemfehler:
=============
Error: (04/10/2017 10:51:10 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:51:10 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:51:10 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:47:01 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:47:01 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:47:01 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:46:28 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:46:28 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:46:28 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Lenovo-PC\Manja" (SID: S-1-5-21-2024608735-1276328420-4132175576-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/10/2017 10:46:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
Code: 8 0x0 0x0
CodeIntegrity:
===================================
Date: 2017-03-05 02:17:37.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:13:48.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:08:50.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-03-05 02:07:50.147
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:07:50.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:05:31.368
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-05 01:59:37.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 01:58:40.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-03-05 01:45:29.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 01:16:53.221
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 5749.09 MB
Summe virtueller Speicher: 17832.27 MB
Verfügbarer virtueller Speicher: 15210.32 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:891.53 GB) (Free:834.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.2 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 401F9FD4)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
19.04.2017, 19:51
| #4 |
| /// TB-Ausbilder   | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
21.04.2017, 20:21
| #5 |
| | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab TDSS Code:
ATTFilter 20:57:35.0839 0x2674 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
20:57:35.0839 0x2674 UEFI system
20:57:54.0464 0x2674 ============================================================
20:57:54.0464 0x2674 Current date / time: 2017/04/21 20:57:54.0464
20:57:54.0464 0x2674 SystemInfo:
20:57:54.0464 0x2674
20:57:54.0464 0x2674 OS Version: 10.0.14393 ServicePack: 0.0
20:57:54.0464 0x2674 Product type: Workstation
20:57:54.0464 0x2674 ComputerName: LENOVO-PC
20:57:54.0464 0x2674 UserName: Manja
20:57:54.0464 0x2674 Windows directory: C:\WINDOWS
20:57:54.0464 0x2674 System windows directory: C:\WINDOWS
20:57:54.0464 0x2674 Running under WOW64
20:57:54.0464 0x2674 Processor architecture: Intel x64
20:57:54.0464 0x2674 Number of processors: 4
20:57:54.0464 0x2674 Page size: 0x1000
20:57:54.0464 0x2674 Boot type: Normal boot
20:57:54.0464 0x2674 CodeIntegrityOptions = 0x00000001
20:57:54.0464 0x2674 ============================================================
20:58:02.0229 0x2674 KLMD registered as C:\WINDOWS\system32\drivers\04160760.sys
20:58:02.0229 0x2674 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.953, osProperties = 0x19
20:58:03.0229 0x2674 System UUID: {4F31EA09-3837-F40B-F169-B5FDCF9CF545}
20:58:04.0511 0x2674 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:58:04.0589 0x2674 ============================================================
20:58:04.0589 0x2674 \Device\Harddisk0\DR0:
20:58:04.0604 0x2674 GPT partitions:
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BF6A7184-8544-45FB-A78B-BBC875CD61C8}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3C4D5381-1FEE-49F4-BD08-A2842BEBD1A1}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {37B2536D-FC21-4E94-B713-58F446803292}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {628B78F7-34B0-491A-9D29-C48630E2AD30}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F6046E4B-531D-47E6-B859-17E7D4316F7C}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F70D800
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1039B095-4DDE-40DA-8D93-4306C7407A22}, Name: Basic data partition, StartLBA 0x6FBB8000, BlocksNum 0x3200000
20:58:04.0604 0x2674 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2ABF23B6-FA2C-428F-BC39-6BEC8C606C7E}, Name: Basic data partition, StartLBA 0x72DB8000, BlocksNum 0x194E800
20:58:04.0604 0x2674 MBR partitions:
20:58:04.0604 0x2674 ============================================================
20:58:04.0745 0x2674 C: <-> \Device\Harddisk0\DR0\Partition5
20:58:04.0933 0x2674 D: <-> \Device\Harddisk0\DR0\Partition6
20:58:04.0933 0x2674 ============================================================
20:58:04.0933 0x2674 Initialize success
20:58:04.0933 0x2674 ============================================================
20:59:17.0063 0x1c98 ============================================================
20:59:17.0063 0x1c98 Scan started
20:59:17.0063 0x1c98 Mode: Manual; SigCheck; TDLFS;
20:59:17.0063 0x1c98 ============================================================
20:59:17.0063 0x1c98 KSN ping started
20:59:43.0657 0x1c98 KSN ping finished: true
20:59:56.0767 0x1c98 ================ Scan system memory ========================
20:59:56.0767 0x1c98 System memory - ok
20:59:56.0767 0x1c98 ================ Scan services =============================
20:59:57.0173 0x1c98 1394ohci - ok
20:59:57.0189 0x1c98 3ware - ok
20:59:57.0220 0x1c98 ACPI - ok
20:59:57.0251 0x1c98 AcpiDev - ok
20:59:57.0267 0x1c98 acpiex - ok
20:59:57.0267 0x1c98 acpipagr - ok
20:59:57.0329 0x1c98 AcpiPmi - ok
20:59:57.0345 0x1c98 acpitime - ok
20:59:57.0392 0x1c98 [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
20:59:57.0923 0x1c98 ACPIVPC - ok
20:59:58.0126 0x1c98 [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:59:58.0157 0x1c98 AdobeARMservice - ok
20:59:58.0220 0x1c98 ADP80XX - ok
20:59:58.0423 0x1c98 [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc C:\WINDOWS\syswow64\drivers\Afc.sys
20:59:58.0454 0x1c98 Afc - ok
20:59:58.0470 0x1c98 AFD - ok
20:59:58.0517 0x1c98 ahcache - ok
20:59:58.0532 0x1c98 AJRouter - ok
20:59:58.0548 0x1c98 ALG - ok
20:59:58.0642 0x1c98 [ 0990E6809D6C56C6DA85FE0EF20280EA, CC18608EB12DFB055C3AFCA2BB44FEDEE451F3F8CFEB87141F8EAD53F6BF6DD5 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:59:58.0689 0x1c98 AMD External Events Utility - ok
20:59:58.0720 0x1c98 AmdK8 - ok
20:59:58.0720 0x1c98 amdkmdag - ok
20:59:58.0861 0x1c98 [ 29C00798F093C2F54628F7C54DA77001, 8C85D9936103E19C60C8DE4DE98EA7F722BD3676911D873007FF2D152A456ED7 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:59:58.0954 0x1c98 amdkmdap - ok
20:59:59.0001 0x1c98 [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
20:59:59.0032 0x1c98 amdkmpfd - ok
20:59:59.0048 0x1c98 AmdPPM - ok
20:59:59.0048 0x1c98 amdsata - ok
20:59:59.0064 0x1c98 amdsbs - ok
20:59:59.0064 0x1c98 amdxata - ok
20:59:59.0345 0x1c98 [ E6CEE7C270AD1CAE17EA910C85211BAE, 1DEB7185CEDC5918C20353C13AA0398D739A318729700F057B13821FF0FF5C97 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
20:59:59.0392 0x1c98 AntiVirMailService - ok
20:59:59.0423 0x1c98 [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
20:59:59.0470 0x1c98 AntiVirSchedulerService - ok
20:59:59.0517 0x1c98 [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
20:59:59.0564 0x1c98 AntiVirService - ok
20:59:59.0736 0x1c98 [ B62E24EEC8C4B6E8A173CAD069B5033A, 719F7C51D615591E70D549552AC66343526902007480278C0E56AA7E1F406F96 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
20:59:59.0782 0x1c98 AntiVirWebService - ok
20:59:59.0798 0x1c98 AppID - ok
20:59:59.0814 0x1c98 AppIDSvc - ok
20:59:59.0829 0x1c98 Appinfo - ok
20:59:59.0861 0x1c98 applockerfltr - ok
20:59:59.0907 0x1c98 AppReadiness - ok
20:59:59.0923 0x1c98 AppXSvc - ok
20:59:59.0939 0x1c98 arcsas - ok
20:59:59.0954 0x1c98 AsyncMac - ok
21:00:00.0017 0x1c98 atapi - ok
21:00:00.0048 0x1c98 athr - ok
21:00:00.0079 0x1c98 AudioEndpointBuilder - ok
21:00:00.0095 0x1c98 Audiosrv - ok
21:00:00.0173 0x1c98 [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:00:00.0236 0x1c98 avgntflt - ok
21:00:00.0298 0x1c98 [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:00:00.0345 0x1c98 avipbb - ok
21:00:00.0517 0x1c98 [ 586FCB1EEC849C06A8DDDDAB276AF113, E193FA64A86C27B2B7AA43E74A196BCBF79A9644F94C96E84E6CC76A405193B6 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:00:00.0548 0x1c98 Avira.ServiceHost - ok
21:00:00.0579 0x1c98 [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:00:00.0595 0x1c98 avkmgr - ok
21:00:00.0626 0x1c98 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\WINDOWS\system32\drivers\avmeject.sys
21:00:00.0673 0x1c98 avmeject - ok
21:00:00.0720 0x1c98 [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
21:00:00.0767 0x1c98 avnetflt - ok
21:00:00.0907 0x1c98 [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt C:\WINDOWS\system32\Drivers\avusbflt.sys
21:00:00.0939 0x1c98 avusbflt - ok
21:00:00.0970 0x1c98 AxInstSV - ok
21:00:00.0986 0x1c98 b06bdrv - ok
21:00:01.0017 0x1c98 BasicDisplay - ok
21:00:01.0032 0x1c98 BasicRender - ok
21:00:01.0079 0x1c98 [ E68481BE45ADDF4E2A6790BB653610A4, 1F868D19C2CF206CAB36E990E5DC20782DB69FC51944CDFD494A09333E35F026 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys
21:00:01.0157 0x1c98 bcbtums - ok
21:00:01.0986 0x1c98 [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:00:02.0345 0x1c98 BCM43XX - ok
21:00:02.0564 0x1c98 [ 02123BE5D4D5CA48E93AC914EC936DC4, 1F5EBE116590726D0F601D487F26C7FC550F62144A0F9A64022E3DC2C940F17E ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
21:00:02.0626 0x1c98 BcmBtRSupport - ok
21:00:02.0657 0x1c98 bcmfn - ok
21:00:02.0673 0x1c98 bcmfn2 - ok
21:00:03.0376 0x1c98 [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCMWL63A C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:00:03.0579 0x1c98 BCMWL63A - ok
21:00:03.0611 0x1c98 BDESVC - ok
21:00:03.0626 0x1c98 Beep - ok
21:00:03.0657 0x1c98 BFE - ok
21:00:03.0689 0x1c98 BITS - ok
21:00:03.0689 0x1c98 bowser - ok
21:00:03.0720 0x1c98 BrokerInfrastructure - ok
21:00:03.0751 0x1c98 Browser - ok
21:00:03.0767 0x1c98 BthA2DP - ok
21:00:03.0829 0x1c98 BthAvrcpTg - ok
21:00:03.0829 0x1c98 BthEnum - ok
21:00:03.0892 0x1c98 BthHFAud - ok
21:00:03.0907 0x1c98 BthHFEnum - ok
21:00:03.0923 0x1c98 bthhfhid - ok
21:00:03.0939 0x1c98 BthHFSrv - ok
21:00:03.0970 0x1c98 BthLEEnum - ok
21:00:03.0986 0x1c98 BTHMODEM - ok
21:00:04.0001 0x1c98 BthPan - ok
21:00:04.0017 0x1c98 BTHPORT - ok
21:00:04.0017 0x1c98 bthserv - ok
21:00:04.0017 0x1c98 BTHUSB - ok
21:00:04.0111 0x1c98 [ 93995198BCBA40C99994B4CF3ABCE964, 38A9422D9202FC1BA4104186BBA60CE55FD7A7239DB2CDE12B8D727F00F977AF ] btwampfl C:\WINDOWS\system32\DRIVERS\btwampfl.sys
21:00:04.0329 0x1c98 btwampfl - ok
21:00:04.0376 0x1c98 buttonconverter - ok
21:00:04.0392 0x1c98 CapImg - ok
21:00:04.0407 0x1c98 cdfs - ok
21:00:04.0439 0x1c98 CDPSvc - ok
21:00:04.0439 0x1c98 CDPUserSvc - ok
21:00:04.0626 0x1c98 cdrom - ok
21:00:04.0704 0x1c98 CertPropSvc - ok
21:00:04.0892 0x1c98 [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:00:05.0282 0x1c98 chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:00:05.0970 0x1c98 Detect skipped due to KSN trusted
21:00:05.0970 0x1c98 chip1click - ok
21:00:05.0986 0x1c98 cht4iscsi - ok
21:00:06.0017 0x1c98 cht4vbd - ok
21:00:06.0079 0x1c98 circlass - ok
21:00:06.0111 0x1c98 CLFS - ok
21:00:06.0767 0x1c98 [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:00:06.0829 0x1c98 ClickToRunSvc - ok
21:00:06.0845 0x1c98 ClipSVC - ok
21:00:06.0861 0x1c98 clreg - ok
21:00:06.0907 0x1c98 CmBatt - ok
21:00:06.0939 0x1c98 CNG - ok
21:00:06.0970 0x1c98 cnghwassist - ok
21:00:07.0095 0x1c98 [ A0E8F4630E62D7616F0186B07ED3B66B, 9EF5FCA42FF7ECA59EDE736908D37CF53421EED830FAA8EBBD461CE7939EA09C ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
21:00:07.0126 0x1c98 CnxtHdAudService - ok
21:00:07.0282 0x1c98 CompositeBus - ok
21:00:07.0298 0x1c98 COMSysApp - ok
21:00:07.0329 0x1c98 condrv - ok
21:00:07.0345 0x1c98 CoreMessagingRegistrar - ok
21:00:07.0501 0x1c98 [ 2EF1127FFCB66C5D41A98A734B021FE1, 4587DF6F67BAD40BDC07B9670CF15EBC86337A2B8AFAE73F89827076886F8B1A ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:00:09.0064 0x1c98 cphs - ok
21:00:09.0079 0x1c98 CryptSvc - ok
21:00:09.0142 0x1c98 [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe
21:00:09.0157 0x1c98 CxAudMsg - ok
21:00:09.0173 0x1c98 dam - ok
21:00:09.0204 0x1c98 DcomLaunch - ok
21:00:09.0236 0x1c98 DcpSvc - ok
21:00:09.0267 0x1c98 defragsvc - ok
21:00:09.0282 0x1c98 DeviceAssociationService - ok
21:00:09.0298 0x1c98 DeviceInstall - ok
21:00:09.0345 0x1c98 DevQueryBroker - ok
21:00:09.0361 0x1c98 Dfsc - ok
21:00:09.0439 0x1c98 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:00:09.0861 0x1c98 dg_ssudbus - ok
21:00:09.0954 0x1c98 Dhcp - ok
21:00:10.0048 0x1c98 diagnosticshub.standardcollector.service - ok
21:00:10.0079 0x1c98 DiagTrack - ok
21:00:10.0126 0x1c98 disk - ok
21:00:10.0173 0x1c98 DmEnrollmentSvc - ok
21:00:10.0220 0x1c98 dmvsc - ok
21:00:10.0251 0x1c98 dmwappushservice - ok
21:00:10.0282 0x1c98 Dnscache - ok
21:00:10.0314 0x1c98 dot3svc - ok
21:00:10.0345 0x1c98 DPS - ok
21:00:10.0408 0x1c98 drmkaud - ok
21:00:10.0470 0x1c98 DsmSvc - ok
21:00:10.0486 0x1c98 DsSvc - ok
21:00:10.0517 0x1c98 DXGKrnl - ok
21:00:10.0532 0x1c98 EapHost - ok
21:00:10.0564 0x1c98 ebdrv - ok
21:00:10.0595 0x1c98 EFS - ok
21:00:10.0611 0x1c98 EhStorClass - ok
21:00:10.0657 0x1c98 EhStorTcgDrv - ok
21:00:10.0689 0x1c98 embeddedmode - ok
21:00:10.0704 0x1c98 EntAppSvc - ok
21:00:10.0814 0x1c98 [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc C:\WINDOWS\system32\EscSvc64.exe
21:00:10.0829 0x1c98 EpsonScanSvc - ok
21:00:11.0017 0x1c98 [ A7E8186E04F38E836C19AC147F8B2ED0, 329639595F02060C215A6334FCE1651FB9B9B5679BA9052A487B57265608D162 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
21:00:11.0032 0x1c98 EPSON_PM_RPCV4_05 - ok
21:00:11.0032 0x1c98 ErrDev - ok
21:00:11.0283 0x1c98 [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:00:11.0361 0x1c98 ESRV_SVC_QUEENCREEK - ok
21:00:11.0595 0x1c98 [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
21:00:11.0657 0x1c98 ETD - ok
21:00:11.0736 0x1c98 [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService C:\Program Files\Elantech\ETDService.exe
21:00:11.0767 0x1c98 ETDService - ok
21:00:11.0829 0x1c98 EventSystem - ok
21:00:11.0861 0x1c98 exfat - ok
21:00:11.0892 0x1c98 fastfat - ok
21:00:11.0908 0x1c98 Fax - ok
21:00:11.0939 0x1c98 fdc - ok
21:00:11.0970 0x1c98 fdPHost - ok
21:00:11.0970 0x1c98 FDResPub - ok
21:00:12.0048 0x1c98 fhsvc - ok
21:00:12.0111 0x1c98 FileCrypt - ok
21:00:12.0126 0x1c98 FileInfo - ok
21:00:12.0142 0x1c98 Filetrace - ok
21:00:12.0157 0x1c98 flpydisk - ok
21:00:12.0173 0x1c98 FltMgr - ok
21:00:12.0204 0x1c98 FontCache - ok
21:00:12.0314 0x1c98 FontCache3.0.0.0 - ok
21:00:12.0329 0x1c98 FrameServer - ok
21:00:12.0345 0x1c98 FsDepends - ok
21:00:12.0361 0x1c98 Fs_Rec - ok
21:00:12.0376 0x1c98 fvevol - ok
21:00:12.0611 0x1c98 [ 0D2843C3C676B852D0B01CEA1E1DAE6C, 2F2751E09725D52008865F08A08F9989BCC4BA07FBC11B3BEF4332DC463CFC63 ] fwlanusb5_nv2 C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys
21:00:12.0657 0x1c98 fwlanusb5_nv2 - ok
21:00:12.0704 0x1c98 gencounter - ok
21:00:12.0767 0x1c98 genericusbfn - ok
21:00:12.0783 0x1c98 GPIOClx0101 - ok
21:00:12.0814 0x1c98 gpsvc - ok
21:00:12.0861 0x1c98 GpuEnergyDrv - ok
21:00:12.0892 0x1c98 HDAudBus - ok
21:00:12.0939 0x1c98 HidBatt - ok
21:00:12.0970 0x1c98 HidBth - ok
21:00:12.0986 0x1c98 hidi2c - ok
21:00:13.0001 0x1c98 hidinterrupt - ok
21:00:13.0001 0x1c98 HidIr - ok
21:00:13.0064 0x1c98 hidserv - ok
21:00:13.0079 0x1c98 HidUsb - ok
21:00:13.0095 0x1c98 HomeGroupListener - ok
21:00:13.0173 0x1c98 HomeGroupProvider - ok
21:00:13.0236 0x1c98 HpSAMD - ok
21:00:13.0251 0x1c98 HTTP - ok
21:00:13.0298 0x1c98 HvHost - ok
21:00:13.0361 0x1c98 hvservice - ok
21:00:13.0376 0x1c98 hwpolicy - ok
21:00:13.0392 0x1c98 hyperkbd - ok
21:00:13.0423 0x1c98 i8042prt - ok
21:00:13.0454 0x1c98 iagpio - ok
21:00:13.0470 0x1c98 iai2c - ok
21:00:13.0501 0x1c98 iaLPSS2i_GPIO2 - ok
21:00:13.0517 0x1c98 iaLPSS2i_I2C - ok
21:00:13.0548 0x1c98 iaLPSSi_GPIO - ok
21:00:13.0548 0x1c98 iaLPSSi_I2C - ok
21:00:13.0736 0x1c98 [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
21:00:13.0767 0x1c98 iaStorA - ok
21:00:13.0783 0x1c98 iaStorAV - ok
21:00:13.0892 0x1c98 [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:00:13.0907 0x1c98 IAStorDataMgrSvc - ok
21:00:13.0923 0x1c98 iaStorV - ok
21:00:13.0954 0x1c98 ibbus - ok
21:00:14.0001 0x1c98 icssvc - ok
21:00:15.0345 0x1c98 [ 197FC03D62EEBCBCB8866B7EC0E1A6F0, 4197CBDAED113D13256C20FD2058E72C60EB2C28AE60EF6C3B3A0969CD7B2764 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:00:15.0611 0x1c98 igfx - ok
21:00:15.0751 0x1c98 [ 34CB407D6FCAB16C8C1A1C97C72D15AC, 4EBC135F8ECB9756F62C0918CB811420FAC36AAE78667D318B9F4BF01862ECBD ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:00:15.0798 0x1c98 igfxCUIService2.0.0.0 - ok
21:00:15.0829 0x1c98 IKEEXT - ok
21:00:15.0861 0x1c98 IndirectKmd - ok
21:00:15.0908 0x1c98 [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:00:15.0954 0x1c98 intaud_WaveExtensible - ok
21:00:16.0079 0x1c98 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:00:16.0111 0x1c98 IntcDAud - ok
21:00:16.0314 0x1c98 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:00:16.0408 0x1c98 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:00:17.0673 0x1c98 Detect skipped due to KSN trusted
21:00:17.0673 0x1c98 Intel(R) Capability Licensing Service Interface - ok
21:00:17.0892 0x1c98 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:00:17.0923 0x1c98 Intel(R) Capability Licensing Service TCP IP Interface - ok
21:00:17.0986 0x1c98 intelide - ok
21:00:18.0017 0x1c98 intelpep - ok
21:00:18.0048 0x1c98 intelppm - ok
21:00:18.0064 0x1c98 iorate - ok
21:00:18.0064 0x1c98 IpFilterDriver - ok
21:00:18.0126 0x1c98 iphlpsvc - ok
21:00:18.0142 0x1c98 IPMIDRV - ok
21:00:18.0158 0x1c98 IPNAT - ok
21:00:18.0173 0x1c98 irda - ok
21:00:18.0173 0x1c98 IRENUM - ok
21:00:18.0189 0x1c98 irmon - ok
21:00:18.0220 0x1c98 isapnp - ok
21:00:18.0251 0x1c98 iScsiPrt - ok
21:00:18.0548 0x1c98 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:00:18.0579 0x1c98 jhi_service - ok
21:00:18.0658 0x1c98 kbdclass - ok
21:00:18.0673 0x1c98 kbdhid - ok
21:00:18.0704 0x1c98 kdnic - ok
21:00:18.0704 0x1c98 KeyIso - ok
21:00:18.0720 0x1c98 KSecDD - ok
21:00:18.0751 0x1c98 KSecPkg - ok
21:00:18.0767 0x1c98 ksthunk - ok
21:00:18.0798 0x1c98 KtmRm - ok
21:00:18.0845 0x1c98 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
21:00:18.0876 0x1c98 L1C - ok
21:00:18.0892 0x1c98 LanmanServer - ok
21:00:18.0892 0x1c98 LanmanWorkstation - ok
21:00:18.0939 0x1c98 lfsvc - ok
21:00:18.0970 0x1c98 LicenseManager - ok
21:00:18.0970 0x1c98 lltdio - ok
21:00:18.0986 0x1c98 lltdsvc - ok
21:00:19.0017 0x1c98 lmhosts - ok
21:00:19.0236 0x1c98 [ 4799AAD825F79C187FBA948D299386E7, 4E3618CF59B81825CF3E2AEC070CC57E3869BFF7543BB151530F02A3947A22F8 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
21:00:19.0298 0x1c98 LSC.Services.SystemService - ok
21:00:19.0345 0x1c98 LSI_SAS - ok
21:00:19.0361 0x1c98 LSI_SAS2i - ok
21:00:19.0392 0x1c98 LSI_SAS3i - ok
21:00:19.0408 0x1c98 LSI_SSS - ok
21:00:19.0439 0x1c98 LSM - ok
21:00:19.0439 0x1c98 luafv - ok
21:00:19.0470 0x1c98 MapsBroker - ok
21:00:19.0501 0x1c98 megasas - ok
21:00:19.0564 0x1c98 megasas2i - ok
21:00:19.0579 0x1c98 megasr - ok
21:00:19.0626 0x1c98 [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:00:19.0673 0x1c98 MEIx64 - ok
21:00:19.0736 0x1c98 MessagingService - ok
21:00:19.0767 0x1c98 mlx4_bus - ok
21:00:19.0783 0x1c98 MMCSS - ok
21:00:19.0829 0x1c98 Modem - ok
21:00:19.0876 0x1c98 monitor - ok
21:00:19.0908 0x1c98 mouclass - ok
21:00:19.0908 0x1c98 mouhid - ok
21:00:19.0908 0x1c98 mountmgr - ok
21:00:20.0001 0x1c98 [ 2419641B6E64F4F76D369110969DA77C, 6E3FBCA61089BFFA0B214CD8AFF35E8F85FD3240BBA75B05FA4E98B2453AEF55 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:00:20.0048 0x1c98 MozillaMaintenance - ok
21:00:20.0048 0x1c98 mpsdrv - ok
21:00:20.0064 0x1c98 MpsSvc - ok
21:00:20.0095 0x1c98 MRxDAV - ok
21:00:20.0126 0x1c98 mrxsmb - ok
21:00:20.0142 0x1c98 mrxsmb10 - ok
21:00:20.0158 0x1c98 mrxsmb20 - ok
21:00:20.0189 0x1c98 MsBridge - ok
21:00:20.0204 0x1c98 MSDTC - ok
21:00:20.0220 0x1c98 Msfs - ok
21:00:20.0283 0x1c98 msgpiowin32 - ok
21:00:20.0298 0x1c98 mshidkmdf - ok
21:00:20.0314 0x1c98 mshidumdf - ok
21:00:20.0329 0x1c98 msisadrv - ok
21:00:20.0392 0x1c98 MSiSCSI - ok
21:00:20.0408 0x1c98 msiserver - ok
21:00:20.0423 0x1c98 MSKSSRV - ok
21:00:20.0439 0x1c98 MsLldp - ok
21:00:20.0470 0x1c98 MSPCLOCK - ok
21:00:20.0486 0x1c98 MSPQM - ok
21:00:20.0501 0x1c98 MsRPC - ok
21:00:20.0533 0x1c98 mssmbios - ok
21:00:20.0548 0x1c98 MSTEE - ok
21:00:20.0579 0x1c98 MTConfig - ok
21:00:20.0579 0x1c98 Mup - ok
21:00:20.0595 0x1c98 mvumis - ok
21:00:20.0611 0x1c98 NativeWifiP - ok
21:00:20.0642 0x1c98 NcaSvc - ok
21:00:20.0658 0x1c98 NcbService - ok
21:00:20.0689 0x1c98 NcdAutoSetup - ok
21:00:20.0704 0x1c98 ndfltr - ok
21:00:20.0736 0x1c98 NDIS - ok
21:00:20.0736 0x1c98 NdisCap - ok
21:00:20.0814 0x1c98 NdisImPlatform - ok
21:00:20.0829 0x1c98 NdisTapi - ok
21:00:20.0829 0x1c98 Ndisuio - ok
21:00:20.0845 0x1c98 NdisVirtualBus - ok
21:00:20.0861 0x1c98 NdisWan - ok
21:00:20.0861 0x1c98 ndiswanlegacy - ok
21:00:20.0876 0x1c98 ndproxy - ok
21:00:20.0892 0x1c98 Ndu - ok
21:00:20.0908 0x1c98 NetAdapterCx - ok
21:00:20.0908 0x1c98 NetBIOS - ok
21:00:20.0923 0x1c98 NetBT - ok
21:00:20.0923 0x1c98 Netlogon - ok
21:00:20.0939 0x1c98 Netman - ok
21:00:20.0986 0x1c98 netprofm - ok
21:00:21.0017 0x1c98 NetSetupSvc - ok
21:00:21.0158 0x1c98 NetTcpPortSharing - ok
21:00:21.0204 0x1c98 NgcCtnrSvc - ok
21:00:21.0236 0x1c98 NgcSvc - ok
21:00:21.0361 0x1c98 [ 9B214FF571749C9055EEDFCE52A81F90, F1D0BD4DF34B6F5532B1756E50C6317D63DD71AB577D1F8CBA74A7A225456EB0 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
21:00:21.0408 0x1c98 NitroDriverReadSpool8 - ok
21:00:21.0408 0x1c98 NlaSvc - ok
21:00:22.0220 0x1c98 [ BF15D119A19F8FD8B71F1E22C1BDA579, D24EFD135DB598DF2858AE8CDBEF92B439AE47F2880DD6E45D52ABD1E4FA5394 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
21:00:22.0892 0x1c98 nlsX86cc - ok
21:00:22.0908 0x1c98 Npfs - ok
21:00:22.0954 0x1c98 npsvctrig - ok
21:00:22.0986 0x1c98 nsi - ok
21:00:22.0986 0x1c98 nsiproxy - ok
21:00:23.0001 0x1c98 NTFS - ok
21:00:23.0033 0x1c98 Null - ok
21:00:23.0080 0x1c98 nvraid - ok
21:00:23.0080 0x1c98 nvstor - ok
21:00:23.0142 0x1c98 OneSyncSvc - ok
21:00:23.0298 0x1c98 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:00:23.0329 0x1c98 ose - ok
21:00:23.0345 0x1c98 p2pimsvc - ok
21:00:23.0345 0x1c98 p2psvc - ok
21:00:23.0361 0x1c98 Parport - ok
21:00:23.0376 0x1c98 partmgr - ok
21:00:23.0423 0x1c98 PcaSvc - ok
21:00:23.0439 0x1c98 pci - ok
21:00:23.0470 0x1c98 pciide - ok
21:00:23.0486 0x1c98 pcmcia - ok
21:00:23.0501 0x1c98 pcw - ok
21:00:23.0517 0x1c98 pdc - ok
21:00:23.0533 0x1c98 PEAUTH - ok
21:00:23.0548 0x1c98 percsas2i - ok
21:00:23.0564 0x1c98 percsas3i - ok
21:00:23.0595 0x1c98 PerfHost - ok
21:00:23.0642 0x1c98 PhoneSvc - ok
21:00:23.0689 0x1c98 PimIndexMaintenanceSvc - ok
21:00:23.0736 0x1c98 pla - ok
21:00:23.0736 0x1c98 PlugPlay - ok
21:00:23.0751 0x1c98 PNRPAutoReg - ok
21:00:23.0751 0x1c98 PNRPsvc - ok
21:00:23.0767 0x1c98 PolicyAgent - ok
21:00:23.0767 0x1c98 Power - ok
21:00:23.0798 0x1c98 PptpMiniport - ok
21:00:24.0439 0x1c98 [ 77ABF70C71922873BC160933571B3F83, 7FCFBB4B42E7A92FCF11388CD5B600EA79A7C134F13A8A88CF8DCD3DB96C3F5A ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:00:24.0908 0x1c98 PrintNotify - ok
21:00:24.0955 0x1c98 Processor - ok
21:00:24.0986 0x1c98 ProfSvc - ok
21:00:24.0986 0x1c98 Psched - ok
21:00:25.0017 0x1c98 QWAVE - ok
21:00:25.0048 0x1c98 QWAVEdrv - ok
21:00:25.0080 0x1c98 RasAcd - ok
21:00:25.0158 0x1c98 RasAgileVpn - ok
21:00:25.0189 0x1c98 RasAuto - ok
21:00:25.0220 0x1c98 Rasl2tp - ok
21:00:25.0236 0x1c98 RasMan - ok
21:00:25.0251 0x1c98 RasPppoe - ok
21:00:25.0251 0x1c98 RasSstp - ok
21:00:25.0267 0x1c98 rdbss - ok
21:00:25.0298 0x1c98 rdpbus - ok
21:00:25.0314 0x1c98 RDPDR - ok
21:00:25.0345 0x1c98 RdpVideoMiniport - ok
21:00:25.0345 0x1c98 rdyboost - ok
21:00:25.0392 0x1c98 ReFSv1 - ok
21:00:25.0423 0x1c98 RemoteAccess - ok
21:00:25.0455 0x1c98 RemoteRegistry - ok
21:00:25.0501 0x1c98 RetailDemo - ok
21:00:25.0533 0x1c98 RFCOMM - ok
21:00:25.0736 0x1c98 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
21:00:25.0767 0x1c98 RichVideo64 - ok
21:00:25.0783 0x1c98 RmSvc - ok
21:00:25.0814 0x1c98 RpcEptMapper - ok
21:00:25.0845 0x1c98 RpcLocator - ok
21:00:25.0861 0x1c98 RpcSs - ok
21:00:25.0876 0x1c98 rspndr - ok
21:00:26.0001 0x1c98 [ 05E8543E0D8C07535944FC0CB15E0DA0, 8E076E7582C95E9251CB03D2F1F7FBA1E31ACAE21E16224C9ACDCC1489165A86 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
21:00:26.0017 0x1c98 RTSUER - ok
21:00:26.0423 0x1c98 [ FF8B926ABA5BDA6562D7106E8A92BE7B, 887007E4D3F90CF6228B21D75E5B89818C18A7F2E2DB66C85039E6ECB5A16A15 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
21:00:26.0501 0x1c98 rtsuvc - ok
21:00:26.0548 0x1c98 s3cap - ok
21:00:26.0580 0x1c98 SamSs - ok
21:00:26.0580 0x1c98 SAService - ok
21:00:26.0642 0x1c98 sbp2port - ok
21:00:26.0720 0x1c98 SCardSvr - ok
21:00:26.0751 0x1c98 ScDeviceEnum - ok
21:00:26.0798 0x1c98 scfilter - ok
21:00:26.0814 0x1c98 Schedule - ok
21:00:26.0829 0x1c98 scmbus - ok
21:00:26.0876 0x1c98 scmdisk0101 - ok
21:00:26.0923 0x1c98 SCPolicySvc - ok
21:00:26.0955 0x1c98 sdbus - ok
21:00:27.0001 0x1c98 SDRSVC - ok
21:00:27.0048 0x1c98 sdstor - ok
21:00:27.0064 0x1c98 seclogon - ok
21:00:27.0142 0x1c98 [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64 C:\WINDOWS\system32\drivers\semav6msr64.sys
21:00:27.0189 0x1c98 semav6msr64 - ok
21:00:27.0204 0x1c98 SENS - ok
21:00:27.0236 0x1c98 SensorDataService - ok
21:00:27.0267 0x1c98 SensorService - ok
21:00:27.0298 0x1c98 SensrSvc - ok
21:00:27.0314 0x1c98 SerCx - ok
21:00:27.0330 0x1c98 SerCx2 - ok
21:00:27.0345 0x1c98 Serenum - ok
21:00:27.0376 0x1c98 Serial - ok
21:00:27.0408 0x1c98 sermouse - ok
21:00:27.0439 0x1c98 SessionEnv - ok
21:00:27.0454 0x1c98 sfloppy - ok
21:00:27.0501 0x1c98 SharedAccess - ok
21:00:27.0626 0x1c98 ShellHWDetection - ok
21:00:27.0658 0x1c98 shpamsvc - ok
21:00:27.0673 0x1c98 SiSRaid2 - ok
21:00:27.0689 0x1c98 SiSRaid4 - ok
21:00:27.0814 0x1c98 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:00:27.0861 0x1c98 SkypeUpdate - ok
21:00:27.0923 0x1c98 smphost - ok
21:00:27.0986 0x1c98 [ 6CFE5AB2A11DC8FD80B4CE74364C39BC, E271867F4944CFA1E3ED25061C190D00B808198E20153E56D22D63871019F315 ] smsbda C:\WINDOWS\system32\drivers\smsbda.sys
21:00:28.0048 0x1c98 smsbda - ok
21:00:28.0142 0x1c98 SmsRouter - ok
21:00:28.0173 0x1c98 SNMPTRAP - ok
21:00:28.0251 0x1c98 [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:00:28.0361 0x1c98 Sony PC Companion - detected UnsignedFile.Multi.Generic ( 1 )
21:00:28.0923 0x1c98 Detect skipped due to KSN trusted
21:00:28.0923 0x1c98 Sony PC Companion - ok
21:00:28.0970 0x1c98 spaceport - ok
21:00:28.0986 0x1c98 SpbCx - ok
21:00:29.0017 0x1c98 Spooler - ok
21:00:29.0048 0x1c98 sppsvc - ok
21:00:29.0064 0x1c98 srv - ok
21:00:29.0080 0x1c98 srv2 - ok
21:00:29.0095 0x1c98 srvnet - ok
21:00:29.0189 0x1c98 SSDPSRV - ok
21:00:29.0220 0x1c98 SstpSvc - ok
21:00:29.0314 0x1c98 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:00:29.0392 0x1c98 ssudmdm - ok
21:00:29.0423 0x1c98 StateRepository - ok
21:00:29.0455 0x1c98 stexstor - ok
21:00:29.0517 0x1c98 stisvc - ok
21:00:29.0533 0x1c98 storahci - ok
21:00:29.0580 0x1c98 storflt - ok
21:00:29.0595 0x1c98 stornvme - ok
21:00:29.0642 0x1c98 storqosflt - ok
21:00:29.0673 0x1c98 StorSvc - ok
21:00:29.0689 0x1c98 storufs - ok
21:00:29.0705 0x1c98 storvsc - ok
21:00:29.0830 0x1c98 [ 26B2BB5733F69B0A8306BAC37551F90A, 60F1A0C23727144B53F1C64348907AAD611F991C0A8C9F93AC8194210634420B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:00:29.0861 0x1c98 SUService - ok
21:00:29.0892 0x1c98 svsvc - ok
21:00:29.0892 0x1c98 swenum - ok
21:00:29.0908 0x1c98 swprv - ok
21:00:29.0955 0x1c98 Synth3dVsc - ok
21:00:29.0986 0x1c98 SysMain - ok
21:00:30.0033 0x1c98 SystemEventsBroker - ok
21:00:30.0189 0x1c98 [ 48D2B8AA8C2F1C3360EC33554EC4E6D2, 0F66A9CBED9E70DA3CED6E009795000D41259AD345E3BD3C2EA2F2969588BB04 ] SystemUsageReportSvc_QUEENCREEK C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
21:00:30.0236 0x1c98 SystemUsageReportSvc_QUEENCREEK - ok
21:00:30.0267 0x1c98 TabletInputService - ok
21:00:30.0267 0x1c98 TapiSrv - ok
21:00:30.0298 0x1c98 Tcpip - ok
21:00:30.0298 0x1c98 Tcpip6 - ok
21:00:30.0345 0x1c98 tcpipreg - ok
21:00:30.0361 0x1c98 tdx - ok
21:00:30.0376 0x1c98 terminpt - ok
21:00:30.0408 0x1c98 TermService - ok
21:00:30.0439 0x1c98 Themes - ok
21:00:30.0455 0x1c98 TieringEngineService - ok
21:00:30.0470 0x1c98 tiledatamodelsvc - ok
21:00:30.0501 0x1c98 TimeBrokerSvc - ok
21:00:30.0517 0x1c98 TPM - ok
21:00:30.0533 0x1c98 TrkWks - ok
21:00:30.0580 0x1c98 TrustedInstaller - ok
21:00:30.0580 0x1c98 tsusbflt - ok
21:00:30.0626 0x1c98 TsUsbGD - ok
21:00:30.0626 0x1c98 tunnel - ok
21:00:30.0658 0x1c98 tzautoupdate - ok
21:00:30.0705 0x1c98 UASPStor - ok
21:00:30.0705 0x1c98 UcmCx0101 - ok
21:00:30.0720 0x1c98 UcmTcpciCx0101 - ok
21:00:30.0720 0x1c98 UcmUcsi - ok
21:00:30.0736 0x1c98 Ucx01000 - ok
21:00:30.0751 0x1c98 UdeCx - ok
21:00:30.0751 0x1c98 udfs - ok
21:00:30.0767 0x1c98 UEFI - ok
21:00:30.0767 0x1c98 Ufx01000 - ok
21:00:30.0783 0x1c98 UfxChipidea - ok
21:00:30.0798 0x1c98 ufxsynopsys - ok
21:00:30.0830 0x1c98 UI0Detect - ok
21:00:30.0861 0x1c98 umbus - ok
21:00:30.0892 0x1c98 UmPass - ok
21:00:30.0908 0x1c98 UmRdpService - ok
21:00:30.0955 0x1c98 UnistoreSvc - ok
21:00:30.0986 0x1c98 upnphost - ok
21:00:31.0001 0x1c98 UrsChipidea - ok
21:00:31.0017 0x1c98 UrsCx01000 - ok
21:00:31.0017 0x1c98 UrsSynopsys - ok
21:00:31.0048 0x1c98 usbccgp - ok
21:00:31.0095 0x1c98 usbcir - ok
21:00:31.0095 0x1c98 usbehci - ok
21:00:31.0111 0x1c98 usbhub - ok
21:00:31.0126 0x1c98 USBHUB3 - ok
21:00:31.0142 0x1c98 usbohci - ok
21:00:31.0142 0x1c98 usbprint - ok
21:00:31.0158 0x1c98 usbser - ok
21:00:31.0189 0x1c98 USBSTOR - ok
21:00:31.0205 0x1c98 usbuhci - ok
21:00:31.0220 0x1c98 USBXHCI - ok
21:00:31.0220 0x1c98 usb_rndisx - ok
21:00:31.0251 0x1c98 UserDataSvc - ok
21:00:31.0267 0x1c98 UserManager - ok
21:00:31.0533 0x1c98 [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] USER_ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:00:31.0564 0x1c98 USER_ESRV_SVC_QUEENCREEK - ok
21:00:31.0564 0x1c98 UsoSvc - ok
21:00:31.0580 0x1c98 VaultSvc - ok
21:00:31.0580 0x1c98 vdrvroot - ok
21:00:31.0595 0x1c98 vds - ok
21:00:31.0626 0x1c98 VerifierExt - ok
21:00:31.0626 0x1c98 vhdmp - ok
21:00:31.0642 0x1c98 vhf - ok
21:00:31.0642 0x1c98 vmbus - ok
21:00:31.0673 0x1c98 VMBusHID - ok
21:00:31.0673 0x1c98 vmgid - ok
21:00:31.0689 0x1c98 vmicguestinterface - ok
21:00:31.0705 0x1c98 vmicheartbeat - ok
21:00:31.0705 0x1c98 vmickvpexchange - ok
21:00:31.0736 0x1c98 vmicrdv - ok
21:00:31.0751 0x1c98 vmicshutdown - ok
21:00:31.0751 0x1c98 vmictimesync - ok
21:00:31.0751 0x1c98 vmicvmsession - ok
21:00:31.0767 0x1c98 vmicvss - ok
21:00:31.0767 0x1c98 volmgr - ok
21:00:31.0783 0x1c98 volmgrx - ok
21:00:31.0798 0x1c98 volsnap - ok
21:00:31.0814 0x1c98 volume - ok
21:00:31.0845 0x1c98 vpci - ok
21:00:31.0861 0x1c98 vsmraid - ok
21:00:31.0876 0x1c98 VSS - ok
21:00:31.0892 0x1c98 VSTXRAID - ok
21:00:31.0923 0x1c98 vwifibus - ok
21:00:31.0923 0x1c98 vwififlt - ok
21:00:31.0923 0x1c98 vwifimp - ok
21:00:31.0939 0x1c98 W32Time - ok
21:00:31.0955 0x1c98 WacomPen - ok
21:00:32.0001 0x1c98 WalletService - ok
21:00:32.0017 0x1c98 wanarp - ok
21:00:32.0033 0x1c98 wanarpv6 - ok
21:00:32.0080 0x1c98 wbengine - ok
21:00:32.0111 0x1c98 WbioSrvc - ok
21:00:32.0111 0x1c98 wcifs - ok
21:00:32.0142 0x1c98 Wcmsvc - ok
21:00:32.0158 0x1c98 wcncsvc - ok
21:00:32.0173 0x1c98 wcnfs - ok
21:00:32.0173 0x1c98 WdBoot - ok
21:00:32.0205 0x1c98 Wdf01000 - ok
21:00:32.0205 0x1c98 WdFilter - ok
21:00:32.0330 0x1c98 WdiServiceHost - ok
21:00:32.0345 0x1c98 WdiSystemHost - ok
21:00:32.0361 0x1c98 wdiwifi - ok
21:00:32.0376 0x1c98 WdNisDrv - ok
21:00:32.0408 0x1c98 WdNisSvc - ok
21:00:32.0423 0x1c98 WebClient - ok
21:00:32.0439 0x1c98 Wecsvc - ok
21:00:32.0455 0x1c98 WEPHOSTSVC - ok
21:00:32.0501 0x1c98 wercplsupport - ok
21:00:32.0501 0x1c98 WerSvc - ok
21:00:32.0517 0x1c98 WFPLWFS - ok
21:00:32.0517 0x1c98 WiaRpc - ok
21:00:32.0548 0x1c98 WIMMount - ok
21:00:32.0548 0x1c98 WinDefend - ok
21:00:32.0580 0x1c98 WindowsTrustedRT - ok
21:00:32.0595 0x1c98 WindowsTrustedRTProxy - ok
21:00:32.0626 0x1c98 WinHttpAutoProxySvc - ok
21:00:32.0642 0x1c98 WinMad - ok
21:00:32.0798 0x1c98 Winmgmt - ok
21:00:32.0814 0x1c98 WinRM - ok
21:00:32.0861 0x1c98 WINUSB - ok
21:00:32.0876 0x1c98 WinVerbs - ok
21:00:32.0908 0x1c98 wisvc - ok
21:00:32.0955 0x1c98 WlanSvc - ok
21:00:32.0970 0x1c98 wlidsvc - ok
21:00:32.0970 0x1c98 WmiAcpi - ok
21:00:33.0017 0x1c98 wmiApSrv - ok
21:00:33.0064 0x1c98 WMPNetworkSvc - ok
21:00:33.0080 0x1c98 Wof - ok
21:00:33.0111 0x1c98 workfolderssvc - ok
21:00:33.0158 0x1c98 WPDBusEnum - ok
21:00:33.0205 0x1c98 WpdUpFltr - ok
21:00:33.0220 0x1c98 WpnService - ok
21:00:33.0236 0x1c98 WpnUserService - ok
21:00:33.0251 0x1c98 ws2ifsl - ok
21:00:33.0283 0x1c98 wscsvc - ok
21:00:33.0298 0x1c98 WSDPrintDevice - ok
21:00:33.0314 0x1c98 WSDScan - ok
21:00:33.0330 0x1c98 WSearch - ok
21:00:33.0361 0x1c98 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
21:00:33.0705 0x1c98 wsvd - ok
21:00:33.0814 0x1c98 wuauserv - ok
21:00:33.0830 0x1c98 WudfPf - ok
21:00:33.0845 0x1c98 WUDFRd - ok
21:00:33.0876 0x1c98 wudfsvc - ok
21:00:33.0876 0x1c98 WUDFWpdFs - ok
21:00:33.0892 0x1c98 WUDFWpdMtp - ok
21:00:33.0908 0x1c98 WwanSvc - ok
21:00:33.0939 0x1c98 XblAuthManager - ok
21:00:33.0986 0x1c98 XblGameSave - ok
21:00:34.0001 0x1c98 xboxgip - ok
21:00:34.0048 0x1c98 XboxNetApiSvc - ok
21:00:34.0095 0x1c98 xinputhid - ok
21:00:34.0158 0x1c98 ================ Scan global ===============================
21:00:34.0345 0x1c98 [ Global ] - ok
21:00:34.0345 0x1c98 ================ Scan MBR ==================================
21:00:34.0376 0x1c98 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:00:34.0783 0x1c98 \Device\Harddisk0\DR0 - ok
21:00:34.0783 0x1c98 ================ Scan VBR ==================================
21:00:34.0814 0x1c98 [ 2E17CCD49D062E31E0B3A9684E00B350 ] \Device\Harddisk0\DR0\Partition1
21:00:34.0845 0x1c98 \Device\Harddisk0\DR0\Partition1 - ok
21:00:34.0876 0x1c98 [ C3176033020941E2EBB9159D1CDFFBA7 ] \Device\Harddisk0\DR0\Partition2
21:00:34.0892 0x1c98 \Device\Harddisk0\DR0\Partition2 - ok
21:00:34.0908 0x1c98 [ 8BAE10C7C382DC892756A9D0E473039A ] \Device\Harddisk0\DR0\Partition3
21:00:34.0908 0x1c98 \Device\Harddisk0\DR0\Partition3 - ok
21:00:34.0939 0x1c98 [ F5A529530EF5DB5350E971E33C81254D ] \Device\Harddisk0\DR0\Partition4
21:00:34.0939 0x1c98 \Device\Harddisk0\DR0\Partition4 - ok
21:00:34.0955 0x1c98 [ 5122B00C1E0E999E5CF0A458F0650CCD ] \Device\Harddisk0\DR0\Partition5
21:00:34.0970 0x1c98 \Device\Harddisk0\DR0\Partition5 - ok
21:00:35.0001 0x1c98 [ 03AD12C5EF9EE07B720AF1D09B4A77FE ] \Device\Harddisk0\DR0\Partition6
21:00:35.0048 0x1c98 \Device\Harddisk0\DR0\Partition6 - ok
21:00:35.0080 0x1c98 [ 9A20E57ED890E0C7CA48B383F2AD9784 ] \Device\Harddisk0\DR0\Partition7
21:00:35.0126 0x1c98 \Device\Harddisk0\DR0\Partition7 - ok
21:00:35.0126 0x1c98 ================ Scan generic autorun ======================
21:00:35.0298 0x1c98 [ FFBFE1175531CD582D89796835CBB598, 7DC1FEB90AFC08C829001849985C7B20CB782F05CD9C000C6C9D42D3FDB1DDF4 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
21:00:35.0330 0x1c98 cAudioFilterAgent - ok
21:00:35.0658 0x1c98 [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
21:00:35.0705 0x1c98 SmartAudio - ok
21:00:35.0705 0x1c98 ETDCtrl - ok
21:00:37.0751 0x1c98 [ AC2ECBAA39F816944A608926973EFDB7, 9C32F89B255B2690843EA96A331665B27A28E4EF67B16AC6D254FE593146F7D5 ] C:\WINDOWS\RTFTrack.exe
21:00:38.0001 0x1c98 RtsFT - ok
21:00:38.0095 0x1c98 [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:00:38.0189 0x1c98 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
21:00:38.0564 0x1c98 Detect skipped due to KSN trusted
21:00:38.0564 0x1c98 IAStorIcon - ok
21:00:38.0673 0x1c98 [ 48EB2BD8D360E9C8D9A71968A477ADBE, 2E9D5D9790EC07279CDA6A213A90D52C764CD9338194C47DBA26C545D65853BA ] C:\WINDOWS\system32\igfxtray.exe
21:00:38.0720 0x1c98 IgfxTray - ok
21:00:41.0642 0x1c98 [ E0AD9F72153A7F55702C3170FDA7876C, 839A8D0B72C3A0530ACC447532CA4CACC19E3C91CEA6B9CBB9498D36DD2DFBE6 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
21:00:42.0095 0x1c98 Energy Manager - ok
21:00:42.0158 0x1c98 [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
21:00:42.0158 0x1c98 Lenovo Utility - ok
21:00:42.0439 0x1c98 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
21:00:42.0470 0x1c98 Windows Mobile Device Center - ok
21:00:43.0423 0x1c98 [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] C:\Users\Administrator\Desktop\Everything\Everything.exe
21:00:43.0548 0x1c98 Everything - detected UnsignedFile.Multi.Generic ( 1 )
21:00:43.0705 0x1c98 Detect skipped due to KSN trusted
21:00:43.0705 0x1c98 Everything - ok
21:00:43.0830 0x1c98 [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
21:00:43.0861 0x1c98 UpdateP2GShortCut - ok
21:00:44.0080 0x1c98 [ 305C1D680482E937D65D2A43448629A1, EFCA1B8FB5F932276E1CE6679EB155CF643E2B3CCCE36AF07C68C2A82473C7F6 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
21:00:44.0111 0x1c98 FUFAXRCV - ok
21:00:44.0298 0x1c98 [ 92B992307F1BF5F9DE727ACDD5A4CD4A, B6F751A990A90C5346CE5C2B11EEB8A09F582835A63D3921E70E286E45C24475 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
21:00:44.0330 0x1c98 FUFAXSTM - ok
21:00:44.0486 0x1c98 [ 4ABA86D5B0D440F33BDBDBDAEA065C42, 434E035E4748D0E4CEB08E655FF9A1739FF7E0099CCCC42122A24736DE3DE7E3 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
21:00:44.0533 0x1c98 EEventManager - ok
21:00:44.0595 0x1c98 [ 7D440447C6FCDEC9BBB739A048AA90CD, FA39828FD3FE9A1B57E1022B04729E7711C984E131CBE44BF1FAE73EF430D762 ] C:\WINDOWS\tsnp2std.exe
21:00:44.0673 0x1c98 tsnp2std - detected UnsignedFile.Multi.Generic ( 1 )
21:00:44.0830 0x1c98 Detect skipped due to KSN trusted
21:00:44.0830 0x1c98 tsnp2std - ok
21:00:45.0080 0x1c98 [ D9F25B1C673DEEF18A45AD2080DC9A5E, 76C4E520099F0CF3556158B6C154B68E4F954D4CA6A1851FB08979207F482200 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
21:00:45.0095 0x1c98 StartCCC - ok
21:00:45.0330 0x1c98 [ DBD8934E3909B60DA81A91BF53B76901, 29B061C5E05097394B8B9D7C6681783DB02735CE8AAD06BCC03C08617D778039 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:00:45.0361 0x1c98 avgnt - ok
21:00:45.0470 0x1c98 [ 2AB57E205B61BCB095168A97B8D2AC4D, 18D9709CED7F02B694405E62ED5BA8EBE737FF59BB2D9EFBF0335C0F3BEE105B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:00:45.0502 0x1c98 Avira SystrayStartTrigger - ok
21:00:46.0111 0x1c98 OneDriveSetup - ok
21:00:46.0111 0x1c98 OneDriveSetup - ok
21:00:47.0595 0x1c98 [ 103C5E01E5705A4BD468CBC902AA8EEF, 7598411CE3BA9C79CF74E64A5691D92ADA8121735495C1AB3B56F9E6CA3B0FB1 ] C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
21:00:47.0986 0x1c98 Vidalia - detected UnsignedFile.Multi.Generic ( 1 )
21:00:48.0252 0x1c98 Vidalia ( UnsignedFile.Multi.Generic ) - warning
21:00:51.0111 0x1c98 [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe
21:00:51.0392 0x1c98 CCleaner Monitoring - ok
21:00:51.0783 0x1c98 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Manja\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:00:51.0830 0x1c98 OneDrive - ok
21:00:52.0064 0x1c98 [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:00:52.0189 0x1c98 OneDrive - ok
21:00:52.0189 0x1c98 Waiting for KSN requests completion. In queue: 3
21:00:52.0330 0x0650 Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
21:00:52.0689 0x0650 Object send P2P result: true
21:00:53.0220 0x1c98 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.170 ), 0x41000 ( enabled : updated )
21:00:53.0267 0x1c98 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
21:00:53.0283 0x1c98 Win FW state via NFP2: enabled ( trusted )
21:00:53.0455 0x1c98 ============================================================
21:00:53.0455 0x1c98 Scan finished
21:00:53.0455 0x1c98 ============================================================
21:00:53.0470 0x045c Detected object count: 1
21:00:53.0470 0x045c Actual detected object count: 1
21:01:26.0991 0x045c Vidalia ( UnsignedFile.Multi.Generic ) - skipped by user
21:01:26.0991 0x045c Vidalia ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:53.0290 0x27ac ============================================================
21:02:53.0290 0x27ac Scan started
21:02:53.0290 0x27ac Mode: Manual; SigCheck; TDLFS;
21:02:53.0290 0x27ac ============================================================
21:02:53.0290 0x27ac KSN ping started
21:02:53.0290 0x27ac KSN ping finished: false
21:02:57.0906 0x27ac ================ Scan system memory ========================
21:02:57.0906 0x27ac System memory - ok
21:02:57.0906 0x27ac ================ Scan services =============================
21:02:58.0328 0x27ac 1394ohci - ok
21:02:58.0343 0x27ac 3ware - ok
21:02:58.0375 0x27ac ACPI - ok
21:02:58.0390 0x27ac AcpiDev - ok
21:02:58.0406 0x27ac acpiex - ok
21:02:58.0422 0x27ac acpipagr - ok
21:02:58.0468 0x27ac AcpiPmi - ok
21:02:58.0484 0x27ac acpitime - ok
21:02:58.0531 0x27ac [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
21:02:58.0562 0x27ac ACPIVPC - ok
21:02:58.0640 0x27ac [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:02:58.0672 0x27ac AdobeARMservice - ok
21:02:58.0687 0x27ac ADP80XX - ok
21:02:58.0812 0x27ac [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc C:\WINDOWS\syswow64\drivers\Afc.sys
21:02:58.0828 0x27ac Afc - ok
21:02:58.0859 0x27ac AFD - ok
21:02:58.0875 0x27ac ahcache - ok
21:02:58.0906 0x27ac AJRouter - ok
21:02:58.0937 0x27ac ALG - ok
21:02:59.0031 0x27ac [ 0990E6809D6C56C6DA85FE0EF20280EA, CC18608EB12DFB055C3AFCA2BB44FEDEE451F3F8CFEB87141F8EAD53F6BF6DD5 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
21:02:59.0062 0x27ac AMD External Events Utility - ok
21:02:59.0078 0x27ac AmdK8 - ok
21:02:59.0078 0x27ac amdkmdag - ok
21:02:59.0218 0x27ac [ 29C00798F093C2F54628F7C54DA77001, 8C85D9936103E19C60C8DE4DE98EA7F722BD3676911D873007FF2D152A456ED7 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
21:02:59.0250 0x27ac amdkmdap - ok
21:02:59.0297 0x27ac [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
21:02:59.0312 0x27ac amdkmpfd - ok
21:02:59.0328 0x27ac AmdPPM - ok
21:02:59.0359 0x27ac amdsata - ok
21:02:59.0390 0x27ac amdsbs - ok
21:02:59.0390 0x27ac amdxata - ok
21:02:59.0609 0x27ac [ E6CEE7C270AD1CAE17EA910C85211BAE, 1DEB7185CEDC5918C20353C13AA0398D739A318729700F057B13821FF0FF5C97 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
21:02:59.0640 0x27ac AntiVirMailService - ok
21:02:59.0734 0x27ac [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
21:02:59.0765 0x27ac AntiVirSchedulerService - ok
21:02:59.0828 0x27ac [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
21:02:59.0859 0x27ac AntiVirService - ok
21:03:00.0140 0x27ac [ B62E24EEC8C4B6E8A173CAD069B5033A, 719F7C51D615591E70D549552AC66343526902007480278C0E56AA7E1F406F96 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
21:03:00.0172 0x27ac AntiVirWebService - ok
21:03:00.0203 0x27ac AppID - ok
21:03:00.0219 0x27ac AppIDSvc - ok
21:03:00.0234 0x27ac Appinfo - ok
21:03:00.0265 0x27ac applockerfltr - ok
21:03:00.0297 0x27ac AppReadiness - ok
21:03:00.0328 0x27ac AppXSvc - ok
21:03:00.0375 0x27ac arcsas - ok
21:03:00.0375 0x27ac AsyncMac - ok
21:03:00.0437 0x27ac atapi - ok
21:03:00.0453 0x27ac athr - ok
21:03:00.0500 0x27ac AudioEndpointBuilder - ok
21:03:00.0515 0x27ac Audiosrv - ok
21:03:00.0547 0x27ac [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:03:00.0562 0x27ac avgntflt - ok
21:03:00.0625 0x27ac [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:03:00.0656 0x27ac avipbb - ok
21:03:00.0828 0x27ac [ 586FCB1EEC849C06A8DDDDAB276AF113, E193FA64A86C27B2B7AA43E74A196BCBF79A9644F94C96E84E6CC76A405193B6 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:03:00.0875 0x27ac Avira.ServiceHost - ok
21:03:00.0890 0x27ac [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:03:00.0906 0x27ac avkmgr - ok
21:03:00.0953 0x27ac [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\WINDOWS\system32\drivers\avmeject.sys
21:03:00.0968 0x27ac avmeject - ok
21:03:01.0015 0x27ac [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
21:03:01.0031 0x27ac avnetflt - ok
21:03:01.0078 0x27ac [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt C:\WINDOWS\system32\Drivers\avusbflt.sys
21:03:01.0109 0x27ac avusbflt - ok
21:03:01.0125 0x27ac AxInstSV - ok
21:03:01.0172 0x27ac b06bdrv - ok
21:03:01.0203 0x27ac BasicDisplay - ok
21:03:01.0218 0x27ac BasicRender - ok
21:03:01.0328 0x27ac [ E68481BE45ADDF4E2A6790BB653610A4, 1F868D19C2CF206CAB36E990E5DC20782DB69FC51944CDFD494A09333E35F026 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys
21:03:01.0359 0x27ac bcbtums - ok
21:03:02.0547 0x27ac [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:03:02.0734 0x27ac BCM43XX - ok
21:03:03.0015 0x27ac [ 02123BE5D4D5CA48E93AC914EC936DC4, 1F5EBE116590726D0F601D487F26C7FC550F62144A0F9A64022E3DC2C940F17E ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
21:03:03.0093 0x27ac BcmBtRSupport - ok
21:03:03.0140 0x27ac bcmfn - ok
21:03:03.0140 0x27ac bcmfn2 - ok
21:03:03.0890 0x27ac [ 85081187E02D743CDC8E2B8728281734, AB1BB7BB4A1C4446754D5A77D4DE25B042AEA95870092FE951C8C4CCDA8FCD15 ] BCMWL63A C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
21:03:04.0094 0x27ac BCMWL63A - ok
21:03:04.0109 0x27ac BDESVC - ok
21:03:04.0172 0x27ac Beep - ok
21:03:04.0203 0x27ac BFE - ok
21:03:04.0234 0x27ac BITS - ok
21:03:04.0265 0x27ac bowser - ok
21:03:04.0281 0x27ac BrokerInfrastructure - ok
21:03:04.0312 0x27ac Browser - ok
21:03:04.0344 0x27ac BthA2DP - ok
21:03:04.0375 0x27ac BthAvrcpTg - ok
21:03:04.0375 0x27ac BthEnum - ok
21:03:04.0453 0x27ac BthHFAud - ok
21:03:04.0469 0x27ac BthHFEnum - ok
21:03:04.0484 0x27ac bthhfhid - ok
21:03:04.0500 0x27ac BthHFSrv - ok
21:03:04.0531 0x27ac BthLEEnum - ok
21:03:04.0562 0x27ac BTHMODEM - ok
21:03:04.0578 0x27ac BthPan - ok
21:03:04.0578 0x27ac BTHPORT - ok
21:03:04.0594 0x27ac bthserv - ok
21:03:04.0609 0x27ac BTHUSB - ok
21:03:04.0672 0x27ac [ 93995198BCBA40C99994B4CF3ABCE964, 38A9422D9202FC1BA4104186BBA60CE55FD7A7239DB2CDE12B8D727F00F977AF ] btwampfl C:\WINDOWS\system32\DRIVERS\btwampfl.sys
21:03:04.0703 0x27ac btwampfl - ok
21:03:04.0750 0x27ac buttonconverter - ok
21:03:04.0750 0x27ac CapImg - ok
21:03:04.0765 0x27ac cdfs - ok
21:03:04.0797 0x27ac CDPSvc - ok
21:03:04.0797 0x27ac CDPUserSvc - ok
21:03:04.0922 0x27ac cdrom - ok
21:03:04.0969 0x27ac CertPropSvc - ok
21:03:05.0078 0x27ac [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:03:05.0094 0x27ac chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:03:05.0094 0x27ac Detect skipped due to KSN trusted
21:03:05.0094 0x27ac chip1click - ok
21:03:05.0109 0x27ac cht4iscsi - ok
21:03:05.0109 0x27ac cht4vbd - ok
21:03:05.0140 0x27ac circlass - ok
21:03:05.0172 0x27ac CLFS - ok
21:03:05.0578 0x27ac [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:03:05.0640 0x27ac ClickToRunSvc - ok
21:03:05.0656 0x27ac ClipSVC - ok
21:03:05.0687 0x27ac clreg - ok
21:03:05.0719 0x27ac CmBatt - ok
21:03:05.0750 0x27ac CNG - ok
21:03:05.0781 0x27ac cnghwassist - ok
21:03:05.0937 0x27ac [ A0E8F4630E62D7616F0186B07ED3B66B, 9EF5FCA42FF7ECA59EDE736908D37CF53421EED830FAA8EBBD461CE7939EA09C ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
21:03:05.0984 0x27ac CnxtHdAudService - ok
21:03:06.0062 0x27ac CompositeBus - ok
21:03:06.0078 0x27ac COMSysApp - ok
21:03:06.0094 0x27ac condrv - ok
21:03:06.0125 0x27ac CoreMessagingRegistrar - ok
21:03:06.0328 0x27ac [ 2EF1127FFCB66C5D41A98A734B021FE1, 4587DF6F67BAD40BDC07B9670CF15EBC86337A2B8AFAE73F89827076886F8B1A ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:03:06.0359 0x27ac cphs - ok
21:03:06.0406 0x27ac CryptSvc - ok
21:03:06.0469 0x27ac [ 4E6337DE03F36BCE168110E6B59F6A5B, 2DB940EBBA971B3801E273B80D8CBD975040A8B87908E7E0733E4DBB0EFC2611 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe
21:03:06.0500 0x27ac CxAudMsg - ok
21:03:06.0515 0x27ac dam - ok
21:03:06.0531 0x27ac DcomLaunch - ok
21:03:06.0578 0x27ac DcpSvc - ok
21:03:06.0625 0x27ac defragsvc - ok
21:03:06.0656 0x27ac DeviceAssociationService - ok
21:03:06.0672 0x27ac DeviceInstall - ok
21:03:06.0734 0x27ac DevQueryBroker - ok
21:03:06.0734 0x27ac Dfsc - ok
21:03:06.0797 0x27ac [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:03:06.0828 0x27ac dg_ssudbus - ok
21:03:06.0875 0x27ac Dhcp - ok
21:03:06.0984 0x27ac diagnosticshub.standardcollector.service - ok
21:03:07.0015 0x27ac DiagTrack - ok
21:03:07.0062 0x27ac disk - ok
21:03:07.0094 0x27ac DmEnrollmentSvc - ok
21:03:07.0140 0x27ac dmvsc - ok
21:03:07.0172 0x27ac dmwappushservice - ok
21:03:07.0219 0x27ac Dnscache - ok
21:03:07.0250 0x27ac dot3svc - ok
21:03:07.0265 0x27ac DPS - ok
21:03:07.0312 0x27ac drmkaud - ok
21:03:07.0344 0x27ac DsmSvc - ok
21:03:07.0375 0x27ac DsSvc - ok
21:03:07.0390 0x27ac DXGKrnl - ok
21:03:07.0406 0x27ac EapHost - ok
21:03:07.0437 0x27ac ebdrv - ok
21:03:07.0469 0x27ac EFS - ok
21:03:07.0500 0x27ac EhStorClass - ok
21:03:07.0515 0x27ac EhStorTcgDrv - ok
21:03:07.0562 0x27ac embeddedmode - ok
21:03:07.0578 0x27ac EntAppSvc - ok
21:03:07.0640 0x27ac [ 20ECD0A490A121CB34F553FAD1DBBD39, 17C9DA33E78FBC7582B0AA53C611929B80FBBE1343B84A179D515B51C964D218 ] EpsonScanSvc C:\WINDOWS\system32\EscSvc64.exe
21:03:07.0672 0x27ac EpsonScanSvc - ok
21:03:07.0765 0x27ac [ A7E8186E04F38E836C19AC147F8B2ED0, 329639595F02060C215A6334FCE1651FB9B9B5679BA9052A487B57265608D162 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
21:03:07.0797 0x27ac EPSON_PM_RPCV4_05 - ok
21:03:07.0797 0x27ac ErrDev - ok
21:03:08.0031 0x27ac [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:03:08.0062 0x27ac ESRV_SVC_QUEENCREEK - ok
21:03:08.0109 0x27ac [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
21:03:08.0125 0x27ac ETD - ok
21:03:08.0234 0x27ac [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService C:\Program Files\Elantech\ETDService.exe
21:03:08.0265 0x27ac ETDService - ok
21:03:08.0437 0x27ac EventSystem - ok
21:03:08.0469 0x27ac exfat - ok
21:03:08.0484 0x27ac fastfat - ok
21:03:08.0500 0x27ac Fax - ok
21:03:08.0531 0x27ac fdc - ok
21:03:08.0562 0x27ac fdPHost - ok
21:03:08.0562 0x27ac FDResPub - ok
21:03:08.0640 0x27ac fhsvc - ok
21:03:08.0687 0x27ac FileCrypt - ok
21:03:08.0703 0x27ac FileInfo - ok
21:03:08.0703 0x27ac Filetrace - ok
21:03:08.0703 0x27ac flpydisk - ok
21:03:08.0719 0x27ac FltMgr - ok
21:03:08.0781 0x27ac FontCache - ok
21:03:08.0875 0x27ac FontCache3.0.0.0 - ok
21:03:08.0906 0x27ac FrameServer - ok
21:03:08.0906 0x27ac FsDepends - ok
21:03:08.0922 0x27ac Fs_Rec - ok
21:03:08.0969 0x27ac fvevol - ok
21:03:09.0094 0x27ac [ 0D2843C3C676B852D0B01CEA1E1DAE6C, 2F2751E09725D52008865F08A08F9989BCC4BA07FBC11B3BEF4332DC463CFC63 ] fwlanusb5_nv2 C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys
21:03:09.0125 0x27ac fwlanusb5_nv2 - ok
21:03:09.0187 0x27ac gencounter - ok
21:03:09.0203 0x27ac genericusbfn - ok
21:03:09.0250 0x27ac GPIOClx0101 - ok
21:03:09.0265 0x27ac gpsvc - ok
21:03:09.0312 0x27ac GpuEnergyDrv - ok
21:03:09.0344 0x27ac HDAudBus - ok
21:03:09.0359 0x27ac HidBatt - ok
21:03:09.0375 0x27ac HidBth - ok
21:03:09.0375 0x27ac hidi2c - ok
21:03:09.0390 0x27ac hidinterrupt - ok
21:03:09.0406 0x27ac HidIr - ok
21:03:09.0422 0x27ac hidserv - ok
21:03:09.0453 0x27ac HidUsb - ok
21:03:09.0469 0x27ac HomeGroupListener - ok
21:03:09.0515 0x27ac HomeGroupProvider - ok
21:03:09.0547 0x27ac HpSAMD - ok
21:03:09.0578 0x27ac HTTP - ok
21:03:09.0625 0x27ac HvHost - ok
21:03:09.0687 0x27ac hvservice - ok
21:03:09.0703 0x27ac hwpolicy - ok
21:03:09.0734 0x27ac hyperkbd - ok
21:03:09.0765 0x27ac i8042prt - ok
21:03:09.0812 0x27ac iagpio - ok
21:03:09.0828 0x27ac iai2c - ok
21:03:09.0844 0x27ac iaLPSS2i_GPIO2 - ok
21:03:09.0844 0x27ac iaLPSS2i_I2C - ok
21:03:09.0890 0x27ac iaLPSSi_GPIO - ok
21:03:09.0906 0x27ac iaLPSSi_I2C - ok
21:03:10.0015 0x27ac [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
21:03:10.0062 0x27ac iaStorA - ok
21:03:10.0109 0x27ac iaStorAV - ok
21:03:10.0187 0x27ac [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:03:10.0203 0x27ac IAStorDataMgrSvc - ok
21:03:10.0234 0x27ac iaStorV - ok
21:03:10.0250 0x27ac ibbus - ok
21:03:10.0312 0x27ac icssvc - ok
21:03:11.0242 0x27ac [ 197FC03D62EEBCBCB8866B7EC0E1A6F0, 4197CBDAED113D13256C20FD2058E72C60EB2C28AE60EF6C3B3A0969CD7B2764 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:03:11.0367 0x27ac igfx - ok
21:03:11.0445 0x27ac [ 34CB407D6FCAB16C8C1A1C97C72D15AC, 4EBC135F8ECB9756F62C0918CB811420FAC36AAE78667D318B9F4BF01862ECBD ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:03:11.0477 0x27ac igfxCUIService2.0.0.0 - ok
21:03:11.0492 0x27ac IKEEXT - ok
21:03:11.0524 0x27ac IndirectKmd - ok
21:03:11.0586 0x27ac [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:03:11.0602 0x27ac intaud_WaveExtensible - ok
21:03:11.0711 0x27ac [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:03:11.0742 0x27ac IntcDAud - ok
21:03:11.0914 0x27ac [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:03:11.0945 0x27ac Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:03:11.0945 0x27ac Detect skipped due to KSN trusted
21:03:11.0945 0x27ac Intel(R) Capability Licensing Service Interface - ok
21:03:12.0218 0x27ac [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:03:12.0249 0x27ac Intel(R) Capability Licensing Service TCP IP Interface - ok
21:03:12.0296 0x27ac intelide - ok
21:03:12.0327 0x27ac intelpep - ok
21:03:12.0343 0x27ac intelppm - ok
21:03:12.0374 0x27ac iorate - ok
21:03:12.0390 0x27ac IpFilterDriver - ok
21:03:12.0436 0x27ac iphlpsvc - ok
21:03:12.0468 0x27ac IPMIDRV - ok
21:03:12.0468 0x27ac IPNAT - ok
21:03:12.0499 0x27ac irda - ok
21:03:12.0515 0x27ac IRENUM - ok
21:03:12.0536 0x27ac irmon - ok
21:03:12.0552 0x27ac isapnp - ok
21:03:12.0598 0x27ac iScsiPrt - ok
21:03:12.0802 0x27ac [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:03:12.0817 0x27ac jhi_service - ok
21:03:12.0911 0x27ac kbdclass - ok
21:03:12.0958 0x27ac kbdhid - ok
21:03:12.0973 0x27ac kdnic - ok
21:03:12.0989 0x27ac KeyIso - ok
21:03:12.0989 0x27ac KSecDD - ok
21:03:13.0020 0x27ac KSecPkg - ok
21:03:13.0036 0x27ac ksthunk - ok
21:03:13.0067 0x27ac KtmRm - ok
21:03:13.0098 0x27ac [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
21:03:13.0130 0x27ac L1C - ok
21:03:13.0161 0x27ac LanmanServer - ok
21:03:13.0161 0x27ac LanmanWorkstation - ok
21:03:13.0196 0x27ac lfsvc - ok
21:03:13.0226 0x27ac LicenseManager - ok
21:03:13.0226 0x27ac lltdio - ok
21:03:13.0242 0x27ac lltdsvc - ok
21:03:13.0273 0x27ac lmhosts - ok
21:03:13.0476 0x27ac [ 4799AAD825F79C187FBA948D299386E7, 4E3618CF59B81825CF3E2AEC070CC57E3869BFF7543BB151530F02A3947A22F8 ] LSC.Services.SystemService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
21:03:13.0492 0x27ac LSC.Services.SystemService - ok
21:03:13.0570 0x27ac LSI_SAS - ok
21:03:13.0570 0x27ac LSI_SAS2i - ok
21:03:13.0617 0x27ac LSI_SAS3i - ok
21:03:13.0648 0x27ac LSI_SSS - ok
21:03:13.0664 0x27ac LSM - ok
21:03:13.0695 0x27ac luafv - ok
21:03:13.0711 0x27ac MapsBroker - ok
21:03:13.0742 0x27ac megasas - ok
21:03:13.0780 0x27ac megasas2i - ok
21:03:13.0811 0x27ac megasr - ok
21:03:13.0858 0x27ac [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:03:13.0889 0x27ac MEIx64 - ok
21:03:13.0920 0x27ac MessagingService - ok
21:03:13.0967 0x27ac mlx4_bus - ok
21:03:13.0967 0x27ac MMCSS - ok
21:03:13.0998 0x27ac Modem - ok
21:03:14.0030 0x27ac monitor - ok
21:03:14.0030 0x27ac mouclass - ok
21:03:14.0061 0x27ac mouhid - ok
21:03:14.0076 0x27ac mountmgr - ok
21:03:14.0202 0x27ac [ 2419641B6E64F4F76D369110969DA77C, 6E3FBCA61089BFFA0B214CD8AFF35E8F85FD3240BBA75B05FA4E98B2453AEF55 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:03:14.0233 0x27ac MozillaMaintenance - ok
21:03:14.0280 0x27ac mpsdrv - ok
21:03:14.0295 0x27ac MpsSvc - ok
21:03:14.0342 0x27ac MRxDAV - ok
21:03:14.0358 0x27ac mrxsmb - ok
21:03:14.0389 0x27ac mrxsmb10 - ok
21:03:14.0405 0x27ac mrxsmb20 - ok
21:03:14.0436 0x27ac MsBridge - ok
21:03:14.0452 0x27ac MSDTC - ok
21:03:14.0467 0x27ac Msfs - ok
21:03:14.0498 0x27ac msgpiowin32 - ok
21:03:14.0498 0x27ac mshidkmdf - ok
21:03:14.0514 0x27ac mshidumdf - ok
21:03:14.0530 0x27ac msisadrv - ok
21:03:14.0561 0x27ac MSiSCSI - ok
21:03:14.0561 0x27ac msiserver - ok
21:03:14.0592 0x27ac MSKSSRV - ok
21:03:14.0608 0x27ac MsLldp - ok
21:03:14.0623 0x27ac MSPCLOCK - ok
21:03:14.0639 0x27ac MSPQM - ok
21:03:14.0655 0x27ac MsRPC - ok
21:03:14.0655 0x27ac mssmbios - ok
21:03:14.0670 0x27ac MSTEE - ok
21:03:14.0670 0x27ac MTConfig - ok
21:03:14.0670 0x27ac Mup - ok
21:03:14.0670 0x27ac mvumis - ok
21:03:14.0686 0x27ac NativeWifiP - ok
21:03:14.0717 0x27ac NcaSvc - ok
21:03:14.0717 0x27ac NcbService - ok
21:03:14.0717 0x27ac NcdAutoSetup - ok
21:03:14.0733 0x27ac ndfltr - ok
21:03:14.0733 0x27ac NDIS - ok
21:03:14.0733 0x27ac NdisCap - ok
21:03:14.0998 0x27ac NdisImPlatform - ok
21:03:15.0061 0x27ac NdisTapi - ok
21:03:15.0061 0x27ac Ndisuio - ok
21:03:15.0092 0x27ac NdisVirtualBus - ok
21:03:15.0123 0x27ac NdisWan - ok
21:03:15.0123 0x27ac ndiswanlegacy - ok
21:03:15.0139 0x27ac ndproxy - ok
21:03:15.0155 0x27ac Ndu - ok
21:03:15.0155 0x27ac NetAdapterCx - ok
21:03:15.0155 0x27ac NetBIOS - ok
21:03:15.0155 0x27ac NetBT - ok
21:03:15.0170 0x27ac Netlogon - ok
21:03:15.0186 0x27ac Netman - ok
21:03:15.0233 0x27ac netprofm - ok
21:03:15.0295 0x27ac NetSetupSvc - ok
21:03:15.0545 0x27ac NetTcpPortSharing - ok
21:03:15.0577 0x27ac NgcCtnrSvc - ok
21:03:15.0608 0x27ac NgcSvc - ok
21:03:15.0702 0x27ac [ 9B214FF571749C9055EEDFCE52A81F90, F1D0BD4DF34B6F5532B1756E50C6317D63DD71AB577D1F8CBA74A7A225456EB0 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
21:03:15.0717 0x27ac NitroDriverReadSpool8 - ok
21:03:15.0733 0x27ac NlaSvc - ok
21:03:16.0655 0x27ac [ BF15D119A19F8FD8B71F1E22C1BDA579, D24EFD135DB598DF2858AE8CDBEF92B439AE47F2880DD6E45D52ABD1E4FA5394 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
21:03:16.0670 0x27ac nlsX86cc - ok
21:03:16.0702 0x27ac Npfs - ok
21:03:16.0733 0x27ac npsvctrig - ok
21:03:16.0764 0x27ac nsi - ok
21:03:16.0764 0x27ac nsiproxy - ok
21:03:16.0811 0x27ac NTFS - ok
21:03:16.0811 0x27ac Null - ok
21:03:16.0858 0x27ac nvraid - ok
21:03:16.0858 0x27ac nvstor - ok
21:03:16.0920 0x27ac OneSyncSvc - ok
21:03:17.0092 0x27ac [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:17.0123 0x27ac ose - ok
21:03:17.0139 0x27ac p2pimsvc - ok
21:03:17.0170 0x27ac p2psvc - ok
21:03:17.0186 0x27ac Parport - ok
21:03:17.0202 0x27ac partmgr - ok
21:03:17.0233 0x27ac PcaSvc - ok
21:03:17.0248 0x27ac pci - ok
21:03:17.0311 0x27ac pciide - ok
21:03:17.0328 0x27ac pcmcia - ok
21:03:17.0328 0x27ac pcw - ok
21:03:17.0360 0x27ac pdc - ok
21:03:17.0375 0x27ac PEAUTH - ok
21:03:17.0391 0x27ac percsas2i - ok
21:03:17.0407 0x27ac percsas3i - ok
21:03:17.0422 0x27ac PerfHost - ok
21:03:17.0453 0x27ac PhoneSvc - ok
21:03:17.0469 0x27ac PimIndexMaintenanceSvc - ok
21:03:17.0519 0x27ac pla - ok
21:03:17.0535 0x27ac PlugPlay - ok
21:03:17.0535 0x27ac PNRPAutoReg - ok
21:03:17.0550 0x27ac PNRPsvc - ok
21:03:17.0566 0x27ac PolicyAgent - ok
21:03:17.0581 0x27ac Power - ok
21:03:17.0597 0x27ac PptpMiniport - ok
21:03:18.0331 0x27ac [ 77ABF70C71922873BC160933571B3F83, 7FCFBB4B42E7A92FCF11388CD5B600EA79A7C134F13A8A88CF8DCD3DB96C3F5A ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:03:18.0425 0x27ac PrintNotify - ok
21:03:18.0472 0x27ac Processor - ok
21:03:18.0503 0x27ac ProfSvc - ok
21:03:18.0519 0x27ac Psched - ok
21:03:18.0534 0x27ac QWAVE - ok
21:03:18.0566 0x27ac QWAVEdrv - ok
21:03:18.0597 0x27ac RasAcd - ok
21:03:18.0628 0x27ac RasAgileVpn - ok
21:03:18.0660 0x27ac RasAuto - ok
21:03:18.0675 0x27ac Rasl2tp - ok
21:03:18.0691 0x27ac RasMan - ok
21:03:18.0706 0x27ac RasPppoe - ok
21:03:18.0722 0x27ac RasSstp - ok
21:03:18.0722 0x27ac rdbss - ok
21:03:18.0769 0x27ac rdpbus - ok
21:03:18.0769 0x27ac RDPDR - ok
21:03:18.0800 0x27ac RdpVideoMiniport - ok
21:03:18.0800 0x27ac rdyboost - ok
21:03:18.0816 0x27ac ReFSv1 - ok
21:03:18.0863 0x27ac RemoteAccess - ok
21:03:18.0878 0x27ac RemoteRegistry - ok
21:03:18.0910 0x27ac RetailDemo - ok
21:03:18.0941 0x27ac RFCOMM - ok
21:03:19.0050 0x27ac [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
21:03:19.0081 0x27ac RichVideo64 - ok
21:03:19.0206 0x27ac RmSvc - ok
21:03:19.0222 0x27ac RpcEptMapper - ok
21:03:19.0253 0x27ac RpcLocator - ok
21:03:19.0253 0x27ac RpcSs - ok
21:03:19.0269 0x27ac rspndr - ok
21:03:19.0391 0x27ac [ 05E8543E0D8C07535944FC0CB15E0DA0, 8E076E7582C95E9251CB03D2F1F7FBA1E31ACAE21E16224C9ACDCC1489165A86 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
21:03:19.0422 0x27ac RTSUER - ok
21:03:19.0672 0x27ac [ FF8B926ABA5BDA6562D7106E8A92BE7B, 887007E4D3F90CF6228B21D75E5B89818C18A7F2E2DB66C85039E6ECB5A16A15 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
21:03:19.0719 0x27ac rtsuvc - ok
21:03:19.0766 0x27ac s3cap - ok
21:03:19.0797 0x27ac SamSs - ok
21:03:19.0813 0x27ac SAService - ok
21:03:19.0844 0x27ac sbp2port - ok
21:03:19.0906 0x27ac SCardSvr - ok
21:03:19.0969 0x27ac ScDeviceEnum - ok
21:03:20.0016 0x27ac scfilter - ok
21:03:20.0047 0x27ac Schedule - ok
21:03:20.0063 0x27ac scmbus - ok
21:03:20.0078 0x27ac scmdisk0101 - ok
21:03:20.0141 0x27ac SCPolicySvc - ok
21:03:20.0170 0x27ac sdbus - ok
21:03:20.0178 0x27ac SDRSVC - ok
21:03:20.0194 0x27ac sdstor - ok
21:03:20.0209 0x27ac seclogon - ok
21:03:20.0269 0x27ac [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64 C:\WINDOWS\system32\drivers\semav6msr64.sys
21:03:20.0285 0x27ac semav6msr64 - ok
21:03:20.0316 0x27ac SENS - ok
21:03:20.0347 0x27ac SensorDataService - ok
21:03:20.0378 0x27ac SensorService - ok
21:03:20.0410 0x27ac SensrSvc - ok
21:03:20.0425 0x27ac SerCx - ok
21:03:20.0425 0x27ac SerCx2 - ok
21:03:20.0441 0x27ac Serenum - ok
21:03:20.0456 0x27ac Serial - ok
21:03:20.0472 0x27ac sermouse - ok
21:03:20.0503 0x27ac SessionEnv - ok
21:03:20.0503 0x27ac sfloppy - ok
21:03:20.0550 0x27ac SharedAccess - ok
21:03:20.0613 0x27ac ShellHWDetection - ok
21:03:20.0628 0x27ac shpamsvc - ok
21:03:20.0644 0x27ac SiSRaid2 - ok
21:03:20.0660 0x27ac SiSRaid4 - ok
21:03:20.0816 0x27ac [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:03:20.0847 0x27ac SkypeUpdate - ok
21:03:20.0863 0x27ac smphost - ok
21:03:20.0894 0x27ac [ 6CFE5AB2A11DC8FD80B4CE74364C39BC, E271867F4944CFA1E3ED25061C190D00B808198E20153E56D22D63871019F315 ] smsbda C:\WINDOWS\system32\drivers\smsbda.sys
21:03:20.0910 0x27ac smsbda - ok
21:03:20.0957 0x27ac SmsRouter - ok
21:03:20.0988 0x27ac SNMPTRAP - ok
21:03:21.0113 0x27ac [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
21:03:21.0144 0x27ac Sony PC Companion - detected UnsignedFile.Multi.Generic ( 1 )
21:03:21.0144 0x27ac Detect skipped due to KSN trusted
21:03:21.0144 0x27ac Sony PC Companion - ok
21:03:21.0197 0x27ac spaceport - ok
21:03:21.0213 0x27ac SpbCx - ok
21:03:21.0229 0x27ac Spooler - ok
21:03:21.0260 0x27ac sppsvc - ok
21:03:21.0275 0x27ac srv - ok
21:03:21.0291 0x27ac srv2 - ok
21:03:21.0307 0x27ac srvnet - ok
21:03:21.0322 0x27ac SSDPSRV - ok
21:03:21.0338 0x27ac SstpSvc - ok
21:03:21.0416 0x27ac [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:03:21.0447 0x27ac ssudmdm - ok
21:03:21.0479 0x27ac StateRepository - ok
21:03:21.0510 0x27ac stexstor - ok
21:03:21.0557 0x27ac stisvc - ok
21:03:21.0572 0x27ac storahci - ok
21:03:21.0619 0x27ac storflt - ok
21:03:21.0650 0x27ac stornvme - ok
21:03:21.0682 0x27ac storqosflt - ok
21:03:21.0697 0x27ac StorSvc - ok
21:03:21.0713 0x27ac storufs - ok
21:03:21.0728 0x27ac storvsc - ok
21:03:21.0838 0x27ac [ 26B2BB5733F69B0A8306BAC37551F90A, 60F1A0C23727144B53F1C64348907AAD611F991C0A8C9F93AC8194210634420B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:03:21.0869 0x27ac SUService - ok
21:03:21.0885 0x27ac svsvc - ok
21:03:21.0900 0x27ac swenum - ok
21:03:21.0900 0x27ac swprv - ok
21:03:21.0947 0x27ac Synth3dVsc - ok
21:03:21.0979 0x27ac SysMain - ok
21:03:22.0025 0x27ac SystemEventsBroker - ok
21:03:22.0088 0x27ac [ 48D2B8AA8C2F1C3360EC33554EC4E6D2, 0F66A9CBED9E70DA3CED6E009795000D41259AD345E3BD3C2EA2F2969588BB04 ] SystemUsageReportSvc_QUEENCREEK C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
21:03:22.0103 0x27ac SystemUsageReportSvc_QUEENCREEK - ok
21:03:22.0119 0x27ac TabletInputService - ok
21:03:22.0135 0x27ac TapiSrv - ok
21:03:22.0160 0x27ac Tcpip - ok
21:03:22.0160 0x27ac Tcpip6 - ok
21:03:22.0188 0x27ac tcpipreg - ok
21:03:22.0219 0x27ac tdx - ok
21:03:22.0235 0x27ac terminpt - ok
21:03:22.0266 0x27ac TermService - ok
21:03:22.0313 0x27ac Themes - ok
21:03:22.0360 0x27ac TieringEngineService - ok
21:03:22.0360 0x27ac tiledatamodelsvc - ok
21:03:22.0391 0x27ac TimeBrokerSvc - ok
21:03:22.0422 0x27ac TPM - ok
21:03:22.0438 0x27ac TrkWks - ok
21:03:22.0501 0x27ac TrustedInstaller - ok
21:03:22.0516 0x27ac tsusbflt - ok
21:03:22.0532 0x27ac TsUsbGD - ok
21:03:22.0547 0x27ac tunnel - ok
21:03:22.0579 0x27ac tzautoupdate - ok
21:03:22.0610 0x27ac UASPStor - ok
21:03:22.0641 0x27ac UcmCx0101 - ok
21:03:22.0641 0x27ac UcmTcpciCx0101 - ok
21:03:22.0657 0x27ac UcmUcsi - ok
21:03:22.0672 0x27ac Ucx01000 - ok
21:03:22.0688 0x27ac UdeCx - ok
21:03:22.0704 0x27ac udfs - ok
21:03:22.0721 0x27ac UEFI - ok
21:03:22.0721 0x27ac Ufx01000 - ok
21:03:22.0737 0x27ac UfxChipidea - ok
21:03:22.0768 0x27ac ufxsynopsys - ok
21:03:22.0831 0x27ac UI0Detect - ok
21:03:22.0846 0x27ac umbus - ok
21:03:22.0871 0x27ac UmPass - ok
21:03:22.0899 0x27ac UmRdpService - ok
21:03:22.0931 0x27ac UnistoreSvc - ok
21:03:22.0962 0x27ac upnphost - ok
21:03:23.0009 0x27ac UrsChipidea - ok
21:03:23.0024 0x27ac UrsCx01000 - ok
21:03:23.0040 0x27ac UrsSynopsys - ok
21:03:23.0065 0x27ac usbccgp - ok
21:03:23.0065 0x27ac usbcir - ok
21:03:23.0081 0x27ac usbehci - ok
21:03:23.0096 0x27ac usbhub - ok
21:03:23.0112 0x27ac USBHUB3 - ok
21:03:23.0128 0x27ac usbohci - ok
21:03:23.0143 0x27ac usbprint - ok
21:03:23.0143 0x27ac usbser - ok
21:03:23.0143 0x27ac USBSTOR - ok
21:03:23.0159 0x27ac usbuhci - ok
21:03:23.0180 0x27ac USBXHCI - ok
21:03:23.0180 0x27ac usb_rndisx - ok
21:03:23.0243 0x27ac UserDataSvc - ok
21:03:23.0258 0x27ac UserManager - ok
21:03:23.0540 0x27ac [ 8842ED1E87D7662F249B5B63501E693B, A6D71351C2F32295926664875369C0BF93C59541B023884BDAC684E1EA94487A ] USER_ESRV_SVC_QUEENCREEK C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
21:03:23.0571 0x27ac USER_ESRV_SVC_QUEENCREEK - ok
21:03:23.0603 0x27ac UsoSvc - ok
21:03:23.0603 0x27ac VaultSvc - ok
21:03:23.0603 0x27ac vdrvroot - ok
21:03:23.0634 0x27ac vds - ok
21:03:23.0649 0x27ac VerifierExt - ok
21:03:23.0649 0x27ac vhdmp - ok
21:03:23.0665 0x27ac vhf - ok
21:03:23.0665 0x27ac vmbus - ok
21:03:23.0681 0x27ac VMBusHID - ok
21:03:23.0681 0x27ac vmgid - ok
21:03:23.0712 0x27ac vmicguestinterface - ok
21:03:23.0712 0x27ac vmicheartbeat - ok
21:03:23.0712 0x27ac vmickvpexchange - ok
21:03:23.0745 0x27ac vmicrdv - ok
21:03:23.0760 0x27ac vmicshutdown - ok
21:03:23.0760 0x27ac vmictimesync - ok
21:03:23.0760 0x27ac vmicvmsession - ok
21:03:23.0760 0x27ac vmicvss - ok
21:03:23.0780 0x27ac volmgr - ok
21:03:23.0780 0x27ac volmgrx - ok
21:03:23.0780 0x27ac volsnap - ok
21:03:23.0812 0x27ac volume - ok
21:03:23.0841 0x27ac vpci - ok
21:03:23.0841 0x27ac vsmraid - ok
21:03:23.0857 0x27ac VSS - ok
21:03:23.0873 0x27ac VSTXRAID - ok
21:03:23.0904 0x27ac vwifibus - ok
21:03:23.0904 0x27ac vwififlt - ok
21:03:23.0904 0x27ac vwifimp - ok
21:03:23.0920 0x27ac W32Time - ok
21:03:23.0935 0x27ac WacomPen - ok
21:03:23.0982 0x27ac WalletService - ok
21:03:24.0013 0x27ac wanarp - ok
21:03:24.0013 0x27ac wanarpv6 - ok
21:03:24.0045 0x27ac wbengine - ok
21:03:24.0071 0x27ac WbioSrvc - ok
21:03:24.0077 0x27ac wcifs - ok
21:03:24.0109 0x27ac Wcmsvc - ok
21:03:24.0124 0x27ac wcncsvc - ok
21:03:24.0124 0x27ac wcnfs - ok
21:03:24.0140 0x27ac WdBoot - ok
21:03:24.0140 0x27ac Wdf01000 - ok
21:03:24.0156 0x27ac WdFilter - ok
21:03:24.0171 0x27ac WdiServiceHost - ok
21:03:24.0171 0x27ac WdiSystemHost - ok
21:03:24.0187 0x27ac wdiwifi - ok
21:03:24.0202 0x27ac WdNisDrv - ok
21:03:24.0234 0x27ac WdNisSvc - ok
21:03:24.0249 0x27ac WebClient - ok
21:03:24.0281 0x27ac Wecsvc - ok
21:03:24.0296 0x27ac WEPHOSTSVC - ok
21:03:24.0328 0x27ac wercplsupport - ok
21:03:24.0359 0x27ac WerSvc - ok
21:03:24.0359 0x27ac WFPLWFS - ok
21:03:24.0390 0x27ac WiaRpc - ok
21:03:24.0421 0x27ac WIMMount - ok
21:03:24.0421 0x27ac WinDefend - ok
21:03:24.0468 0x27ac WindowsTrustedRT - ok
21:03:24.0484 0x27ac WindowsTrustedRTProxy - ok
21:03:24.0499 0x27ac WinHttpAutoProxySvc - ok
21:03:24.0515 0x27ac WinMad - ok
21:03:24.0578 0x27ac Winmgmt - ok
21:03:24.0625 0x27ac WinRM - ok
21:03:24.0703 0x27ac WINUSB - ok
21:03:24.0718 0x27ac WinVerbs - ok
21:03:24.0765 0x27ac wisvc - ok
21:03:24.0812 0x27ac WlanSvc - ok
21:03:24.0843 0x27ac wlidsvc - ok
21:03:24.0843 0x27ac WmiAcpi - ok
21:03:24.0877 0x27ac wmiApSrv - ok
21:03:24.0908 0x27ac WMPNetworkSvc - ok
21:03:24.0939 0x27ac Wof - ok
21:03:24.0971 0x27ac workfolderssvc - ok
21:03:25.0017 0x27ac WPDBusEnum - ok
21:03:25.0033 0x27ac WpdUpFltr - ok
21:03:25.0064 0x27ac WpnService - ok
21:03:25.0064 0x27ac WpnUserService - ok
21:03:25.0096 0x27ac ws2ifsl - ok
21:03:25.0127 0x27ac wscsvc - ok
21:03:25.0142 0x27ac WSDPrintDevice - ok
21:03:25.0158 0x27ac WSDScan - ok
21:03:25.0174 0x27ac WSearch - ok
21:03:25.0221 0x27ac [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
21:03:25.0267 0x27ac wsvd - ok
21:03:25.0299 0x27ac wuauserv - ok
21:03:25.0299 0x27ac WudfPf - ok
21:03:25.0314 0x27ac WUDFRd - ok
21:03:25.0330 0x27ac wudfsvc - ok
21:03:25.0330 0x27ac WUDFWpdFs - ok
21:03:25.0330 0x27ac WUDFWpdMtp - ok
21:03:25.0346 0x27ac WwanSvc - ok
21:03:25.0385 0x27ac XblAuthManager - ok
21:03:25.0448 0x27ac XblGameSave - ok
21:03:25.0479 0x27ac xboxgip - ok
21:03:25.0526 0x27ac XboxNetApiSvc - ok
21:03:25.0573 0x27ac xinputhid - ok
21:03:25.0635 0x27ac ================ Scan global ===============================
21:03:25.0729 0x27ac [ Global ] - ok
21:03:25.0729 0x27ac ================ Scan MBR ==================================
21:03:25.0760 0x27ac [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:03:26.0107 0x27ac \Device\Harddisk0\DR0 - ok
21:03:26.0107 0x27ac ================ Scan VBR ==================================
21:03:26.0138 0x27ac [ 2E17CCD49D062E31E0B3A9684E00B350 ] \Device\Harddisk0\DR0\Partition1
21:03:26.0169 0x27ac \Device\Harddisk0\DR0\Partition1 - ok
21:03:26.0200 0x27ac [ C3176033020941E2EBB9159D1CDFFBA7 ] \Device\Harddisk0\DR0\Partition2
21:03:26.0200 0x27ac \Device\Harddisk0\DR0\Partition2 - ok
21:03:26.0232 0x27ac [ 8BAE10C7C382DC892756A9D0E473039A ] \Device\Harddisk0\DR0\Partition3
21:03:26.0232 0x27ac \Device\Harddisk0\DR0\Partition3 - ok
21:03:26.0263 0x27ac [ F5A529530EF5DB5350E971E33C81254D ] \Device\Harddisk0\DR0\Partition4
21:03:26.0263 0x27ac \Device\Harddisk0\DR0\Partition4 - ok
21:03:26.0294 0x27ac [ 5122B00C1E0E999E5CF0A458F0650CCD ] \Device\Harddisk0\DR0\Partition5
21:03:26.0326 0x27ac \Device\Harddisk0\DR0\Partition5 - ok
21:03:26.0372 0x27ac [ 03AD12C5EF9EE07B720AF1D09B4A77FE ] \Device\Harddisk0\DR0\Partition6
21:03:26.0419 0x27ac \Device\Harddisk0\DR0\Partition6 - ok
21:03:26.0466 0x27ac [ 9A20E57ED890E0C7CA48B383F2AD9784 ] \Device\Harddisk0\DR0\Partition7
21:03:26.0513 0x27ac \Device\Harddisk0\DR0\Partition7 - ok
21:03:26.0513 0x27ac ================ Scan generic autorun ======================
21:03:26.0685 0x27ac [ FFBFE1175531CD582D89796835CBB598, 7DC1FEB90AFC08C829001849985C7B20CB782F05CD9C000C6C9D42D3FDB1DDF4 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
21:03:26.0716 0x27ac cAudioFilterAgent - ok
21:03:26.0857 0x27ac [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
21:03:26.0888 0x27ac SmartAudio - ok
21:03:26.0888 0x27ac ETDCtrl - ok
21:03:27.0872 0x27ac [ AC2ECBAA39F816944A608926973EFDB7, 9C32F89B255B2690843EA96A331665B27A28E4EF67B16AC6D254FE593146F7D5 ] C:\WINDOWS\RTFTrack.exe
21:03:28.0029 0x27ac RtsFT - ok
21:03:28.0122 0x27ac [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:03:28.0138 0x27ac IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
21:03:28.0138 0x27ac Detect skipped due to KSN trusted
21:03:28.0138 0x27ac IAStorIcon - ok
21:03:28.0216 0x27ac [ 48EB2BD8D360E9C8D9A71968A477ADBE, 2E9D5D9790EC07279CDA6A213A90D52C764CD9338194C47DBA26C545D65853BA ] C:\WINDOWS\system32\igfxtray.exe
21:03:28.0247 0x27ac IgfxTray - ok
21:03:30.0107 0x27ac [ E0AD9F72153A7F55702C3170FDA7876C, 839A8D0B72C3A0530ACC447532CA4CACC19E3C91CEA6B9CBB9498D36DD2DFBE6 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
21:03:30.0373 0x27ac Energy Manager - ok
21:03:30.0435 0x27ac [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
21:03:30.0451 0x27ac Lenovo Utility - ok
21:03:30.0529 0x27ac [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
21:03:30.0560 0x27ac Windows Mobile Device Center - ok
21:03:30.0837 0x27ac [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] C:\Users\Administrator\Desktop\Everything\Everything.exe
21:03:30.0884 0x27ac Everything - detected UnsignedFile.Multi.Generic ( 1 )
21:03:30.0884 0x27ac Detect skipped due to KSN trusted
21:03:30.0884 0x27ac Everything - ok
21:03:31.0072 0x27ac [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
21:03:31.0103 0x27ac UpdateP2GShortCut - ok
21:03:31.0243 0x27ac [ 305C1D680482E937D65D2A43448629A1, EFCA1B8FB5F932276E1CE6679EB155CF643E2B3CCCE36AF07C68C2A82473C7F6 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
21:03:31.0259 0x27ac FUFAXRCV - ok
21:03:31.0384 0x27ac [ 92B992307F1BF5F9DE727ACDD5A4CD4A, B6F751A990A90C5346CE5C2B11EEB8A09F582835A63D3921E70E286E45C24475 ] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
21:03:31.0400 0x27ac FUFAXSTM - ok
21:03:31.0541 0x27ac [ 4ABA86D5B0D440F33BDBDBDAEA065C42, 434E035E4748D0E4CEB08E655FF9A1739FF7E0099CCCC42122A24736DE3DE7E3 ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
21:03:31.0557 0x27ac EEventManager - ok
21:03:31.0650 0x27ac [ 7D440447C6FCDEC9BBB739A048AA90CD, FA39828FD3FE9A1B57E1022B04729E7711C984E131CBE44BF1FAE73EF430D762 ] C:\WINDOWS\tsnp2std.exe
21:03:31.0681 0x27ac tsnp2std - detected UnsignedFile.Multi.Generic ( 1 )
21:03:31.0681 0x27ac Detect skipped due to KSN trusted
21:03:31.0681 0x27ac tsnp2std - ok
21:03:32.0135 0x27ac [ D9F25B1C673DEEF18A45AD2080DC9A5E, 76C4E520099F0CF3556158B6C154B68E4F954D4CA6A1851FB08979207F482200 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
21:03:32.0182 0x27ac StartCCC - ok
21:03:32.0807 0x27ac [ DBD8934E3909B60DA81A91BF53B76901, 29B061C5E05097394B8B9D7C6681783DB02735CE8AAD06BCC03C08617D778039 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:03:32.0838 0x27ac avgnt - ok
21:03:32.0932 0x27ac [ 2AB57E205B61BCB095168A97B8D2AC4D, 18D9709CED7F02B694405E62ED5BA8EBE737FF59BB2D9EFBF0335C0F3BEE105B ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:03:32.0947 0x27ac Avira SystrayStartTrigger - ok
21:03:33.0197 0x27ac OneDriveSetup - ok
21:03:33.0197 0x27ac OneDriveSetup - ok
21:03:33.0807 0x27ac [ 103C5E01E5705A4BD468CBC902AA8EEF, 7598411CE3BA9C79CF74E64A5691D92ADA8121735495C1AB3B56F9E6CA3B0FB1 ] C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
21:03:33.0963 0x27ac Vidalia - detected UnsignedFile.Multi.Generic ( 1 )
21:03:33.0963 0x27ac Vidalia ( UnsignedFile.Multi.Generic ) - warning
21:03:36.0713 0x27ac [ 3F6B014280D8A98ACC323BB28CA5BCA7, 724FE1E949D57E982B50CC6FBBA8BCB524C42592A39ED60D37042CC2C2E73CAB ] C:\Program Files\CCleaner\CCleaner64.exe
21:03:36.0885 0x27ac CCleaner Monitoring - ok
21:03:36.0901 0x27ac Object required for P2P: [ 3F6B014280D8A98ACC323BB28CA5BCA7 ] C:\Program Files\CCleaner\CCleaner64.exe
21:03:36.0916 0x27ac Object send P2P result: false
21:03:37.0229 0x27ac [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Manja\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:03:37.0276 0x27ac OneDrive - ok
21:03:37.0527 0x27ac [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:03:37.0559 0x27ac OneDrive - ok
21:03:37.0574 0x27ac AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.170 ), 0x41000 ( enabled : updated )
21:03:37.0574 0x27ac AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
21:03:37.0621 0x27ac Win FW state via NFP2: enabled ( trusted )
21:03:37.0621 0x27ac ============================================================
21:03:37.0621 0x27ac Scan finished
21:03:37.0621 0x27ac ============================================================
21:03:37.0637 0x276c Detected object count: 1
21:03:37.0637 0x276c Actual detected object count: 1
21:03:47.0806 0x276c Vidalia ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:47.0806 0x276c Vidalia ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:05:17.0505 0x02c0 Deinitialize success
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 (ACHTUNG: ====> FRSTVersion ist 37 Tage alt und könnte veraltet sein)
durchgeführt von Manja (Administrator) auf LENOVO-PC (21-04-2017 21:06:50)
Gestartet von C:\Users\Manja\Desktop
Geladene Profile: Manja (Verfügbare Profile: Manja & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Lenovo) C:\Users\Manja\AppData\Local\Apps\2.0\H1XBY3NA.MTY\ORDNQXPM.YZE\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9309936 2015-08-30] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [393208 2016-10-07] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-03-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Everything] => C:\Users\Administrator\Desktop\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-12-22] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [tsnp2std] => C:\WINDOWS\tsnp2std.exe [258048 2007-01-05] (SONIX)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [Vidalia] => C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe [6239727 2013-01-26] ()
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\MountPoints2: {152510a8-0b88-11e7-8381-4a5ab6dfb585} - "F:\AutoRun.exe"
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIVE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKLM\...\Providers\uccs53rf: C:\Program Files (x86)\Grotersp Mapper\local64spl.dll [310784 2017-02-07] ()
ShellExecuteHooks: Kein Name - {B7F52870-EABC-11E6-A3B1-64006A5CFC23} - C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll [145408 2017-02-07] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-10-11]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\TMTV5Monitor.exe (ArcSoft, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a859d951-1702-4c70-843c-1f03b6a5db08}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> DefaultScope {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {0BB5F216-46AD-4421-8307-71AD5A980D61} URL =
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {F89CBD86-A9F4-11E4-826F-485AB6DFB586} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2024608735-1276328420-4132175576-1001 -> {FF9451C6-C472-4F44-98C3-0A2D6DCACFBE} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 [2017-04-21]
FF Homepage: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> hxxps://www.ixquick.com/do/mypage.pl?prf=71655fbbbc8e4b165b2a6245f3e01481
FF NetworkProxy: Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971 -> type", 0
FF Extension: (Easy Screenshot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\easyscreenshot@mozillaonline.com.xpi [2017-03-05]
FF Extension: (Ghostery) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\firefox@ghostery.com.xpi [2017-03-05]
FF Extension: (HTTPS Everywhere) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\https-everywhere-eff@eff.org.xpi [2017-04-09]
FF Extension: (ProxTube) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\ich@maltegoetz.de.xpi [2017-04-21]
FF Extension: (YouTube mp3) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\info@youtube-mp3.org.xpi [2017-03-05]
FF Extension: (FireShot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-03-05]
FF Extension: (FlashGot) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2017-03-05]
FF Extension: (Youtube to MP3 Converter) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{37115292-022c-4500-a5da-95738388073a}.xpi [2017-03-06]
FF Extension: (NoScript) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-03-18]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-05]
FF Extension: (Video DownloadHelper) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-05]
FF Extension: (Adblock Plus) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-05]
FF Extension: (DownThemAll!) - C:\Users\Manja\AppData\Roaming\Mozilla\Firefox\Profiles\v589m9uz.default-1488680288971\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-03-05]
FF Extension: (Site Deployment Checker) - C:\Program Files\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-22] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-05] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-05] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-13] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2024608735-1276328420-4132175576-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2017-02-06] (Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\firefox.js [2017-02-07]
|
|
21.04.2017, 20:24
| #6 |
| | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab Teil 2 Code:
ATTFilter ==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487432 2017-03-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519136 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349096 2017-01-19] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2297104 2015-10-12] (Broadcom Corporation.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365048 2016-10-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Datei ist nicht signiert]
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-02-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-15] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\WINDOWS\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-15] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-02-15] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2015-10-12] (Broadcom Corporation.)
S3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11245816 2015-07-31] (Broadcom Corp)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 fwlanusb5_nv2; C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3059440 2015-08-30] (Realtek Semiconductor Corp.)
U5 sbnetsys; C:\Windows\System32\Drivers\sbnetsys.sys [44648 2015-04-17] (NT Kernel Resources)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 smsbda; C:\WINDOWS\system32\drivers\smsbda.sys [89224 2014-04-27] (Siano)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-04-21 20:57 - 2017-04-21 21:05 - 00180284 _____ C:\Users\Manja\Desktop\TDSSKiller.3.1.0.15_21.04.2017_20.57.35_log.txt
2017-04-21 20:32 - 2017-04-21 20:57 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Manja\Desktop\tdsskiller.exe
2017-04-20 07:52 - 2017-04-21 20:54 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-11 00:09 - 2017-04-11 00:09 - 00211765 _____ C:\Users\Manja\Desktop\Fehler.txt
2017-04-10 22:59 - 2017-04-10 22:59 - 00002273 _____ C:\Users\Manja\Desktop\AdwCleaner[C5].txt
2017-04-10 22:52 - 2017-04-10 22:55 - 00045181 _____ C:\Users\Manja\Desktop\Addition.txt
2017-04-10 22:51 - 2017-04-21 21:07 - 00024550 _____ C:\Users\Manja\Desktop\FRST.txt
2017-04-10 22:46 - 2017-04-21 21:06 - 00000000 ____D C:\FRST
2017-04-10 22:36 - 2017-04-10 22:39 - 02424832 _____ (Farbar) C:\Users\Manja\Desktop\FRST64.exe
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2017-04-09 22:03 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-04-09 20:25 - 2017-04-09 20:38 - 00000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-04-09 20:25 - 2017-04-09 20:30 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-04-09 20:25 - 2017-04-09 20:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-04-09 19:51 - 2017-04-09 19:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NetworkTiles
2017-04-07 22:48 - 2017-04-07 22:48 - 00000064 _____ C:\Users\Administrator\Desktop\Liste.txt
2017-04-07 21:09 - 2017-04-07 21:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IrfanView
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Nitro
2017-04-07 19:23 - 2017-04-07 19:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\FileOpen
2017-04-07 11:22 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Administrator\Desktop\gmer-2.2.19882.exe
2017-04-07 07:12 - 2017-04-07 07:12 - 00000000 _____ C:\WINDOWS\EEventManager.INI
2017-04-07 07:10 - 2017-04-07 07:10 - 00000126 _____ C:\Users\Administrator\Desktop\suchen.txt
2017-04-07 07:07 - 2017-04-07 07:07 - 00000000 ____D C:\Users\Manja\Desktop\Ordner
2017-04-07 07:04 - 2017-04-11 00:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\Desktop\Everything
2017-04-07 07:04 - 2017-04-07 07:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-04-07 04:47 - 2017-04-09 22:03 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-04-07 04:47 - 2017-04-07 04:47 - 00004130 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9DEBC851-7D2C-4B48-9E0E-F39BF352DD8A}
2017-04-07 04:22 - 2017-04-07 04:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2017-04-07 04:21 - 2017-04-07 04:21 - 00002458 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Epson
2017-04-07 04:21 - 2017-04-07 04:21 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ArcSoft
2017-04-07 04:20 - 2017-04-07 04:20 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2017-04-07 04:19 - 2017-04-11 00:15 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2017-04-07 04:19 - 2017-04-09 22:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-04-07 04:19 - 2017-04-07 08:58 - 00000000 ____D C:\Users\Administrator
2017-04-07 04:19 - 2017-04-07 08:56 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-04-07 04:19 - 2017-04-07 04:19 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2017-04-07 04:19 - 2017-04-07 04:19 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI
2017-04-07 04:19 - 2017-02-28 05:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI
2017-04-07 04:19 - 2013-02-04 08:18 - 00000189 _____ C:\Users\Administrator\Desktop\Lenovo Telephony Start Now.url
2017-04-07 01:43 - 2017-04-07 01:43 - 00000000 ____D C:\ProgramData\ATI
2017-04-06 07:01 - 2017-04-07 01:08 - 00380928 _____ C:\Users\Manja\Desktop\gmer-2.2.19882.exe
2017-04-03 21:12 - 2017-04-03 21:12 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2017-04-03 19:42 - 2017-04-03 19:49 - 286261248 _____ C:\Users\Manja\Downloads\gparted-live-0.28.1-1-amd64.iso
2017-04-03 19:42 - 2017-04-03 19:42 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-03 19:37 - 2017-04-03 19:39 - 01496584 _____ C:\Users\Manja\Downloads\GParted Live 64 Bit ISO Image - CHIP-Installer.exe
2017-03-31 05:15 - 2017-04-11 00:14 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2017-03-31 05:15 - 2017-03-31 05:15 - 00000000 ____D C:\Program Files\Everything
2017-03-31 05:13 - 2017-03-31 05:13 - 00000000 ____D C:\Users\Manja\Documents\Everything_1.3.4.686
2017-03-27 00:37 - 2017-03-27 00:38 - 00412748 _____ C:\WINDOWS\Minidump\032717-28515-01.dmp
2017-03-25 21:04 - 2017-03-25 21:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-03-25 20:45 - 2017-03-27 00:37 - 594119935 _____ C:\WINDOWS\MEMORY.DMP
2017-03-25 20:45 - 2017-03-27 00:37 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-25 20:45 - 2017-03-25 20:47 - 00413052 _____ C:\WINDOWS\Minidump\032517-31109-01.dmp
2017-03-25 07:51 - 2017-04-06 03:30 - 00000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-03-25 07:32 - 2017-03-25 07:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-03-25 05:22 - 2017-03-25 05:23 - 00000000 ____D C:\Users\Manja\AppData\Local\Deployment
2017-03-25 05:19 - 2017-03-25 05:21 - 00611400 _____ () C:\Users\Manja\Downloads\LSBsetup(1).exe
2017-03-22 21:14 - 2017-03-16 07:17 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-22 21:14 - 2017-03-16 07:17 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-22 21:14 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:46 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-22 21:14 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-22 21:14 - 2017-03-16 06:19 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:05 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-22 21:14 - 2017-03-16 06:03 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-22 21:05 - 2017-03-22 21:05 - 00000000 ____D C:\Users\Manja\Documents\Epson
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-04-21 21:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-21 21:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-21 20:57 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-21 20:56 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\tor
2017-04-21 20:55 - 2016-08-21 20:06 - 00000000 ____D C:\Users\Manja\AppData\Local\Vidalia
2017-04-21 20:55 - 2015-01-13 08:02 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-21 20:54 - 2016-02-24 11:28 - 00000000 __SHD C:\Users\Manja\IntelGraphicsProfiles
2017-04-21 20:34 - 2017-02-28 05:24 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-21 20:33 - 2016-11-25 13:06 - 00000000 ____D C:\Users\Manja\AppData\LocalLow\Mozilla
2017-04-21 20:29 - 2016-02-24 11:37 - 00002438 _____ C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-21 20:29 - 2016-02-24 11:37 - 00000000 ___RD C:\Users\Manja\OneDrive
2017-04-20 08:01 - 2017-02-28 04:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-20 07:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-20 07:51 - 2017-02-28 05:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-11 01:04 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-07 19:23 - 2014-06-03 11:42 - 00000000 ____D C:\ProgramData\tmp
2017-04-07 15:13 - 2017-02-28 05:22 - 02471578 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-07 15:13 - 2016-07-17 00:51 - 01043428 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-07 15:13 - 2016-07-17 00:51 - 00241188 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-07 04:19 - 2014-05-14 01:47 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-06 06:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2017-04-06 04:42 - 2017-03-16 02:48 - 00007600 _____ C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
2017-04-06 00:35 - 2016-08-30 01:10 - 00000000 ____D C:\Users\Manja\AppData\Local\ElevatedDiagnostics
2017-04-03 20:03 - 2014-05-13 18:56 - 00000000 ____D C:\Users\Manja\AppData\Local\Packages
2017-04-01 17:49 - 2017-03-05 03:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-01 17:49 - 2014-05-17 21:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 23:06 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-30 23:06 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-27 00:56 - 2017-02-28 05:02 - 00000000 ____D C:\Users\Manja
2017-03-27 00:46 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-26 00:58 - 2017-03-05 03:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-25 08:02 - 2014-05-29 13:06 - 00000000 ____D C:\Users\Manja\AppData\Roaming\Nitro PDF
2017-03-24 00:27 - 2017-02-03 18:19 - 00000000 ____D C:\Users\Manja\Downloads\Intel Components
2017-03-24 00:19 - 2016-10-16 23:55 - 00000000 ____D C:\Users\Manja\Documents\My Albums
2017-03-24 00:19 - 2015-10-11 21:15 - 00000000 ____D C:\Users\Manja\AppData\Roaming\ArcSoft
2017-03-22 21:42 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-22 21:21 - 2016-10-28 17:51 - 00000000 ____D C:\Program Files (x86)\BILDmobil
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-02-08 00:52 - 2017-02-08 00:52 - 1907939 _____ () C:\Users\Manja\AppData\Roaming\Bioflex.tst
2017-03-16 02:48 - 2017-04-06 04:42 - 0007600 _____ () C:\Users\Manja\AppData\Local\Resmon.ResmonCfg
2017-02-28 04:53 - 2017-02-28 04:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-04-09 13:44
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Manja (21-04-2017 21:08:22)
Gestartet von C:\Users\Manja\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-28 03:37:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2024608735-1276328420-4132175576-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2024608735-1276328420-4132175576-503 - Limited - Disabled)
Gast (S-1-5-21-2024608735-1276328420-4132175576-501 - Limited - Disabled)
Manja (S-1-5-21-2024608735-1276328420-4132175576-1001 - Administrator - Enabled) => C:\Users\Manja
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{435CE0C6-084B-7235-D55E-8C6E630D78EA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft Software Suite (HKLM-x32\...\{4A712D29-DBE3-4381-A331-AF4AE5BEB244}) (Version: - )
ArcSoft TV 5.0 (HKLM-x32\...\{94ED52E0-24A0-4AD8-9BFD-0560CA680A80}) (Version: 5.0.28.218 - ArcSoft, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.172 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{1f8bb480-f5d7-4414-a6ea-28e005509ae4}) (Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG) Hidden
Benutzerhandbuch (x32 Version: 1.0.0.17 - Lenovo) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.1.18829 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
Energy Manager (x32 Version: 1.0.0.31 - Lenovo) Hidden
Epson Benutzerhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Useg) (Version: - )
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.62.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-2530 Series (HKLM-x32\...\WF-2530 Series Netg) (Version: - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4919.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 52.0.2 (x64 de) (HKLM\...\Mozilla Firefox 52.0.2 (x64 de)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla)
Nitro Pro 8 (HKLM\...\{84DAF9F1-513C-49F8-89D2-63CB3F4A7E39}) (Version: 8.5.7.1 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.320.0 - Tracker Software Products Ltd)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0231 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Tor 0.2.4.9-alpha (HKLM-x32\...\Tor) (Version: - )
ultron AG ultron DVB-T Stick (HKLM-x32\...\ultron AG ultron DVB-T Stick) (Version: 4.3.5.7 - ultron AG)
USB2.0 PC Camera (SN9C201&202) (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.22.000 - Sonix)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
Vidalia 0.2.21 (HKLM-x32\...\Vidalia) (Version: - )
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows-Treiberpaket - ultron AG (smsbda) MEDIA (04/27/2014 4.3.5.7) (HKLM\...\37842D1EA68B09186EEC8F2AE7AB5BF2FF059EFD) (Version: 04/27/2014 4.3.5.7 - ultron AG)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {007CE586-4B43-4396-BFE2-48C8514C822D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {008A7AF6-95D9-43D8-A75B-1373322D096C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {0AF08785-5B75-4A1D-8B84-44A6BF45F641} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1130142D-1830-4153-B73C-1581E70F4141} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {1199A92B-5DF3-49A8-A505-D7FEB1C8ECD9} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {144A3231-260C-4785-9393-3D9DD121C367} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {25AB9E8F-02F4-49FE-93DA-D8D24303AC8A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2B70B99A-C3F8-4818-9ADE-63195674E9BF} - System32\Tasks\{5CCF53E0-6195-7F54-A07D-AE72C1E5B301} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\de0915e3\9a636640.dll" <==== ACHTUNG
Task: {3362DCCF-B0FD-413F-84E4-CD6AFF019356} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {483B62EE-FDC9-404A-ADF8-A68EB03E4578} - System32\Tasks\Grotersp Mapper => C:\Program Files (x86)\Clerbespdremerle\rerjupy.exe
Task: {48FF7396-B258-4F3D-A824-CA9F5E06DBB9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4C18A89B-BCED-4D53-988C-3B9FF2D9D036} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {4C3373A6-B580-4D06-982D-0456F128C31A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {5442CF63-E79F-4E46-9FEA-E831ADA4D657} - \Lenovo\Lenovo Service Bridge\S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {5997D2F3-C670-4A8F-97AC-0E54F8541177} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5F651B40-E495-40FC-97CC-B769D51E3625} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {5FB14A42-4AF0-4FCF-ACA5-C9AAB1A5AC30} - System32\Tasks\{5B99FE32-EC32-4999-CADC-3708E75AFA31} => C:\ProgramData\{1234AB96-A59F-1C3D-87BC-4DC6AFCEA6B8}\C27A3036-75D1-879D-3EA9-9F8FB2081826.exe <==== ACHTUNG
Task: {5FE19C98-5417-4C21-A91A-205AE70A2CE4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {60B080EC-5184-4AB0-B6BA-4FC6DD8F78B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {6712DD73-AC71-419E-819B-8BBD8937253F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {69995769-F31F-4B57-B315-12E77BE81A30} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {7BBB3BD4-C6F6-4E53-88CA-8DF876BA46E0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9A16F10C-3941-40EC-8E53-4D6A0AD6E30A} - \WPD\SqmUpload_S-1-5-21-2024608735-1276328420-4132175576-1001 -> Keine Datei <==== ACHTUNG
Task: {A97D182E-6FD5-4958-B722-8B7AEF57915D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {ABA34A64-4C7A-4B97-A40B-E3FAEC12C771} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {AFF68E91-0BEB-46CA-983A-953F2E6C8006} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {B352E0CE-D6FF-4FC1-9638-7FCBF2C5DA91} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {B8ACA62D-0C89-4170-94AD-D8CA9BA18F3B} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe
Task: {BDB645B7-5705-4CF1-93E9-A218011E3CA0} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [2017-02-06] (Tracker Software Products (Canada) Ltd.)
Task: {C5E1E20C-B993-414C-8950-C242C3BC2BFF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {DC54BA35-E04E-4660-BF9F-072D454DB84E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {EFB1B60A-BE55-495E-B471-04CFE945341B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F3A0743A-9069-41A6-8B85-645E032923B4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F6B9BC7D-407E-4F6C-B928-EE278BAA6425} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {F742BC81-DCCF-42E3-9077-D19C28618FB7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Manja\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {FD53AFDF-952D-40F3-A8F0-158CF45A66A3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {FFB2CA41-85E2-4DDD-93CA-3D0AC3D27C5C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Manja\Desktop\Ordner\Tor Browser\Browser\firefox.bat (Keine Datei)
Shortcut: C:\Users\Manja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (Keine Datei)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-03-12 03:03 - 2012-04-24 12:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-11-17 23:05 - 2016-11-17 23:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2017-01-29 22:45 - 2017-01-18 17:36 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-02-07 23:24 - 2017-02-07 23:23 - 00145408 _____ () C:\Users\Manja\AppData\Roaming\Valrythujaent\Faoing.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-16 03:32 - 2017-03-04 09:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-07 00:07 - 2016-10-07 00:07 - 00393208 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-28 04:35 - 2017-02-28 04:35 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 03:32 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 03:32 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-16 03:32 - 2017-03-04 08:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-16 03:32 - 2017-03-04 08:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 22:04 - 2017-04-10 22:08 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 22:04 - 2017-04-10 22:08 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2013-01-26 14:02 - 2013-01-26 14:02 - 06239727 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe
2000-01-01 01:00 - 2000-01-01 02:00 - 03096064 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\tor.exe
2017-02-08 04:52 - 2017-02-08 04:52 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-01-15 07:38 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2009-06-23 04:42 - 2009-06-23 04:42 - 00043008 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\libgcc_s_dw2-1.dll
2011-08-24 00:59 - 2011-08-24 00:59 - 00047972 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\mingwm10.dll
2015-10-11 21:15 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uPiApi.dll
2015-10-11 21:15 - 2013-09-02 09:45 - 00016384 _____ () C:\Program Files (x86)\ArcSoft\ArcSoft TV 5.0\uTVMUIEngine.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00719217 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libevent-2-0-5.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00092599 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libssp-0.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00523262 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\libgcc_s_sjlj-1.dll
2017-02-01 23:46 - 2000-01-01 02:00 - 00107520 _____ () C:\Program Files (x86)\Vidalia Relay Bundle\Tor\zlib1.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-02-07 23:23 - 00007503 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2024608735-1276328420-4132175576-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "emsisoft anti-malware"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "avgnt"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{7FD5A268-6318-48F0-8D91-557CEA5E5BC9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{468F2A13-871E-419E-8131-BDCCD8EC0650}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{959E9D9F-BF07-476F-B6A3-B75BA71E4E26}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{7A5E8E0A-128C-4F5A-9FCD-599D552B2A72}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{C41149A8-34A4-49AF-B780-D8057222A577}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{2537BB56-6DCB-4828-AA2B-4019C03D21B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D9852551-C2C2-46AE-8563-737DB5119F16}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AD7A18C9-3CA1-4090-B4DD-D49D6ECFA06B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{ABA2D586-0848-41C9-B75B-94D23CE8B2C1}] => (Allow) %systemroot%\system32\alg.exe
==================== Wiederherstellungspunkte =========================
22-03-2017 21:15:54 Windows Update
30-03-2017 23:04:02 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft Kerneldebugger-Netzwerkadapter
Description: Microsoft Kerneldebugger-Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/21/2017 09:08:19 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LENOVO-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe5
Error: (04/21/2017 08:35:18 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/21/2017 08:35:07 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/20/2017 08:01:10 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/20/2017 08:01:06 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/20/2017 07:58:40 AM) (Source: chip 1-click download service) (EventID: 0) (User: )
Description: |ERORRS=;(380) error at getOrdersForVersion:Der Remotename konnte nicht aufgelöst werden: 'service.chip-secured-download.de'
;(180) error at GetHttpWebRequest: 1Der Remotename konnte nicht aufgelöst werden: 'api.chip-secured-download.de'
;(480) Could not load new Downlaoder
Error: (04/20/2017 07:51:35 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed
Error: (04/11/2017 12:51:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.OneConnect_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/11/2017 12:51:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „E0469640.CameraMan_5grkq8ppsgwt4!App“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/11/2017 12:18:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Bei der Aktivierung der App „Microsoft.Getstarted_5.0.13.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (04/21/2017 08:54:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (04/21/2017 08:35:08 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2017-03-05 02:17:37.039
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:13:48.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:08:50.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-03-05 02:07:50.147
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:07:50.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 02:05:31.368
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-03-05 01:59:37.819
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 01:58:40.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.
Date: 2017-03-05 01:45:29.239
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-03-05 01:16:53.221
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 5832.46 MB
Summe virtueller Speicher: 17832.27 MB
Verfügbarer virtueller Speicher: 15484.86 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:891.53 GB) (Free:834.09 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.2 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 401F9FD4)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
28.04.2017, 20:15
| #7 |
| /// TB-Ausbilder | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab Servus, FRST bitte erneut ausführen, die verwendete Version ist veraltet. |
|
02.05.2017, 15:08
| #8 |
| /// TB-Ausbilder | Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. Profilnachricht inklusive Link zum Thema an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Ordner vom Desktop verschwunden - PC zeitweise langsam, WLAN bricht immer wieder ab |
| 100%, antivirus, ausgelastet, blockiert, converter, dateien unsichtbar, desktop, dringend, festplatte, firefox, home, homepage, hängt, langsam, mozilla, mp3, problem, prozesse, realtek, registry, scan, schädling, software, system, taskmanager, windows, windowsapps |
Hybrid-Darstellung
