Trojaner verändert Farbeinstellungen von Windows 10 & Mozilla

AZEdeluxe · 27.04.2017, 09:08

Hallo zusammen,

bin neu hier und hoffe ich mach alles richtig. Falls nicht, jetzt schon mal sry dafür.

Der Laptop meines Schwiegervaters hat meiner Meinung nach einen Virus/Trojaner, kenne die Unterschiede leider nicht.

Nachdem er seinen Rechner neu hochgefahren hatte, war auf einmal alles Schwarz. Hintergundbild weg, Menüleise von Windows usw. und die Farben in grellen Tönen eingestellt. (siehe Bilder, Hintergrundbild wurde nachträglich wieder hergestellt von Ihm)

Wenn ich die Farben über Windows ändern möchte geht das nicht. (blockiert bzw. auch nur dunkle Farben zur Auswahl)

Darauf hin habe ich HijackThis verwendet und eine Maleware Software (name vergessen). Über die Maleware Software habe ich einen Browser Trojaner entfernt, der eine unseriöse Suchmaschine als Startseite festgelegt hat (glaube das Ding hieß searchfly). Ich vermute, dass er sich auch darüber dann den Trojaner geholt hat.
Hijack hat leider nichts finden können.

Wenn ich das Problem Google: "Windows schwarz", Bildschirm schwarze Farben, Trojaner Schwarzes Windows, Windows Farben verändert, etc... komme ich hautsächlich zu Themen die entweder mit kaputten Grafikkarten oder den Settings von Windows zutun haben.

Einige Einträge unter anderm auch hier im Forum habe ich gefunden, diese beschreiben aber einen etwas anderen Sachverhalt und sind auch schon recht alt (2013).

Wenn mir jemand helfen könnte wäre das super. Möchte irgendwie das Drama Format C vermeiden. Bzgl. Rechner kann ich erst am Wochenende wieder genaueres sagen, da wir erst dann wieder bei den Schwiegereltern sind.

Danke schon mal

M-K-D-B · 28.04.2017, 20:30

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

AZEdeluxe · 30.04.2017, 20:16

Hallo,

danke für die Hilfe.
Hier die Codes von FRST

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-04-2017
durchgeführt von Wolf-Rüdiger Kaiser (30-04-2017 21:04:45)
Gestartet von D:\
Windows 10 Pro Version 1607 (X64) (2016-10-14 13:26:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4246772196-3469511708-1303041041-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4246772196-3469511708-1303041041-503 - Limited - Disabled)
Gast (S-1-5-21-4246772196-3469511708-1303041041-501 - Limited - Disabled)
Wolf-Rüdiger Kaiser (S-1-5-21-4246772196-3469511708-1303041041-1001 - Administrator - Enabled) => C:\Users\Wolf-Rüdiger Kaiser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\HP Photo Creations) (Version: 1.0.0.22032 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.14.41 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.6.14.19 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.7.17 - SunplusIT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.15.132.1 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{1A51AA9E-D4BC-4318-9419-B55EA4C95B3C}) (Version: 17.1.1525.1443 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{475ea806-cb2a-455b-bb1b-9f99342b2fe2}) (Version: 19.40.0 - Intel Corporation)
Lenovo Anzeige am Bildschirm (Version: 8.85.03 - Lenovo) Hidden
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Mouse Suite (HKLM\...\MouseSuite98) (Version: 6.74 - Lenovo)
Lenovo Power Management Driver (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.016.00 - Lenovo)
Lenovo Settings - Power (x32 Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{DB529F41-7844-4FD9-B660-CE829E59A71E}) (Version: 3.1.002.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.127 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4919.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
PC Cleaner v5.0 (HKLM-x32\...\PC Cleaner_is1) (Version: 5.0 - PC HelpSoft)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
PowerDVD Create 10 (x32 Version: 10.0.1.3222 - CyberLink Corp.) Hidden
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21288 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7756 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Studie zur Verbesserung von HP Officejet Pro 8100 Produkten (HKLM\...\{B1153774-BFFE-4D42-AC2C-6503DBE96EBA}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
SuperEasy Driver Updater v.1.1.1 (HKLM-x32\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. KG)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
ThinkPad Settings Dependency (Version: 3.0.0.12 - Lenovo) Hidden
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 10.1.506.2015 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC Updater (HKLM-x32\...\VLC Updater) (Version: 1.0 - VLC Updater) <==== ACHTUNG
WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.4514 - CyberLink Corp.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
Windows Driver Package - Lenovo 1.67.10.15 (06/22/2015 1.67.10.15) (HKLM\...\116858BC299A848A634E4FC927990093F81F608D) (Version: 06/22/2015 1.67.10.15 - Lenovo)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (05/29/2015 10.0.10125.21277) (HKLM\...\4E55DAEF56C7E4B0BFE2CA2C3C55718B1DB7B3B9) (Version: 05/29/2015 10.0.10125.21277 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/29/2015 6.0.1.7572) (HKLM\...\FB7FCBF0F17BC6F027BA3449CC8B02C4445C5565) (Version: 07/29/2015 6.0.1.7572 - Realtek Semiconductor Corp.)
Windows Driver Package - Synaptics (SmbDrv) System  (07/24/2015 19.0.17.2) (HKLM\...\D46201570EE858381BA5A517C517317159E0F49A) (Version: 07/24/2015 19.0.17.2 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse  (07/24/2015 19.0.17.2) (HKLM\...\BCACBD4A2C3424D2C4AB53EE766C3F38399CEB15) (Version: 07/24/2015 19.0.17.2 - Synaptics)
Windows Driver Package - Synaptics FP Sensors (WUDFRd) Biometric  (07/28/2015 4.5.317.0) (HKLM\...\FD3941EBC31C6FC067D7184B5EB55011CBFBB255) (Version: 07/28/2015 4.5.317.0 - Synaptics FP Sensors)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => K (Der Dateneintrag hat 10 mehr Zeichen).

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {028926CC-E32D-4E90-B678-6E4938464203} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-04] (Realtek Semiconductor)
Task: {0B2CBFBC-9760-45F1-81CA-8C72ED40A105} - System32\Tasks\PC Cleaner Schedule => C:\Program Files (x86)\PC Cleaner\PCCSchedule.exe [2017-03-03] (PCHelp Soft)
Task: {0B689A78-7C07-4BE3-88CE-E9B7250EDCA3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-04] (Realtek Semiconductor)
Task: {0BC77D93-3558-4C5B-B63E-41B74770186C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {0F3B0329-DBF4-46D7-9B41-EC6130BFBFFB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {144FE919-0373-478F-AC4B-CFC9559987F4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {1AA9BA18-4A13-461B-A4FB-DA63CC78A8C6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ab328426-eb1e-4401-abe3-f4a0298eac8f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {2699E22C-0EE9-4190-94DD-44280FF29846} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe [2014-07-17] (SuperEasy Software)
Task: {2DE3565E-359C-49C4-941F-F66C6E969EFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {3C1BDD8C-1BFE-43EA-BC9F-536B1280FB18} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3CDB3236-8FFA-4191-8FFE-468ECAE4B5FA} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {4019354F-1837-41D7-8520-881E2B6A9806} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {42BC0D5F-439B-4187-8B8F-4A74FD42E6DB} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {45AB6103-DC1C-4571-83E4-C2979A22FD24} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {47764D1F-4889-4ADF-AD8D-8841CC266371} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {4EE240C3-5FB2-4130-8E9C-F410FE81C3A8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6001092b-0b1d-435e-aa26-92d529425b17 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {4F8BFC3F-B939-4DEA-AF5A-EB5544F8E98B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {532A43DE-EC74-4667-B66F-EFC2CAAB7D29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {556EBB6A-3B54-4781-A37E-886D5A605F24} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {5C902D20-42CB-48E4-93DF-D2AE9AAD20FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {6433F0DC-FEDC-4405-AEB1-55CF98BEC4DB} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {71847799-6E31-4EB4-89A2-8216FC9BFD09} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {7382A6BF-6231-4F2F-8790-D3894F8B908F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {8841BA53-ED44-4561-97E3-84E9D2899FEF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-12] (Lenovo)
Task: {88A93ABA-4D26-4F26-92A8-3DE528891C6D} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {895C28AC-5202-43A2-BB2D-F26D47425B8B} - System32\Tasks\HP AR Program Upload - 1519524a51754b0ca6862317aac6f33dc9fcbb5ccdd0431cbc623d8730f62132 => C:\Program Files\HP\HP Officejet 5740 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {89C39F4D-78CF-4A9B-987E-4C1F245D35DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {8BF4B716-1339-4C72-BCEA-C59C0C06AAA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {91F81EB8-3173-4580-B73E-C4A735D73AEA} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe [2011-09-23] ()
Task: {92319297-CDE1-4F46-9682-241C7B00D468} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-09-05] (Lenovo)
Task: {A09126BB-9091-4FF2-9A24-EF0C1E4BFD16} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-09-05] ()
Task: {A484AE41-608B-4F43-B925-BD11DE33A10E} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {AC6989B4-6240-4DC8-B355-5789A02F7E26} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-04] (Realtek Semiconductor)
Task: {B3953A3B-2857-4F97-A552-294AB4DECB88} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-09-05] (Lenovo)
Task: {BB00BBD9-CD60-4BEC-A089-5B9DF779B5EE} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {CB5DD811-584F-4A1C-A153-87A5F825DC90} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {D77795CE-9876-442F-B012-D36993589AA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {DAE4DE1D-7C2B-4AB2-B85A-BA5AF454C81C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {E606A7CA-5197-4D7A-825B-9C76B332297E} - System32\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {ED135A3E-3BD5-48CF-A89D-BD0DA38FFA46} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {F4829AAB-883E-4D06-B708-44E1A9F6AA89} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {F8834439-7C63-4F46-BA3E-2D0BFDA6C611} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {F91F895D-842B-4F83-90FC-1BF6C940C060} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe 
Task: {FBE37EDA-0728-48DB-A0BC-B22066AC65D8} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FC6C60A7-5351-4859-AB9A-0AB23B0BCAD6} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.)
Task: {FEBE0154-8ABF-4588-97BB-79C02DCA56C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-12-03 11:22 - 2015-07-23 06:02 - 03164816 _____ () C:\Windows\system32\nvwmi64.exe
2015-12-12 07:09 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-12-12 09:51 - 2015-07-09 12:17 - 00184088 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-14 15:19 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 11:22 - 2015-07-23 06:02 - 03164816 _____ () C:\WINDOWS\system32\nvwmi64.exe
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-14 16:13 - 2016-10-14 16:13 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 17:04 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 17:05 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 17:05 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 17:05 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-14 19:55 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-14 19:55 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-14 19:55 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-24 19:34 - 2017-02-20 08:03 - 00213880 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-12-12 09:51 - 2015-07-09 12:42 - 00026248 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
2015-12-12 09:51 - 2015-07-09 12:17 - 00233240 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
2017-04-04 10:38 - 2017-04-04 10:39 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-04 10:38 - 2017-04-04 10:39 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 17:40 - 2016-06-03 17:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 11:51 - 2016-03-04 11:52 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-04-26 10:01 - 2017-04-26 10:02 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-26 10:01 - 2017-04-26 10:02 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-26 10:01 - 2017-04-26 10:02 - 43011072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-26 10:01 - 2017-04-26 10:02 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-15 17:05 - 2017-03-04 08:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2015-07-07 03:36 - 2015-07-07 03:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-03 11:22 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-06 22:49 - 2013-03-06 22:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 22:52 - 2013-03-06 22:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-04-21 22:59 - 00000846 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Control Panel\Desktop\\Wallpaper -> c:\users\wolf-rüdiger kaiser\pictures\saved pictures\amg-gt-r-2016.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9FBB39AE-BF3A-4269-BD52-B60C2C3B454C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{51320BEB-B5E9-42C3-A11A-5FFE7B50E7E6}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{45C88AE5-9C5A-47E1-AD93-C5AA0AE7F010}] => (Allow) LPort=5357
FirewallRules: [{F84EDD41-9A7A-4074-A25C-7812F714CB13}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{FBC5A9BD-1AF4-4E65-9D06-7989366B19AF}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{3C6C58E2-47B0-47A0-A864-60FC4F516D31}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{544E7F3B-DDFB-4EF0-86DD-24944D11CA1F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{F6B3A693-8755-4B34-BA19-0C3CF00A9650}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{76F158F5-32A8-48D9-8A4D-8407EE077CA8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{BFEC2B77-FA42-4DA8-B71B-B30C73D851E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00F18B3C-1FF5-4B76-B829-70C31011AC3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D734CB3C-A80D-4579-8C67-6858B87144B8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1823F631-9C64-4DEB-B501-DBA5F4074B07}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe
FirewallRules: [{48A75FEB-005C-4563-8F07-2F886E3397F8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C9CD3A2D-A07B-4FAC-ADEF-721799332653}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{29DA1674-E7CD-4614-88D0-AB83E76E2C2C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B90772F-ED79-4FF9-BB53-FBDEA448B6FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E036E14D-8142-4FEB-8B42-886D6D531E82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8E29FBCE-76E9-435F-A1F4-54B4B18266F7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Wiederherstellungspunkte =========================

13-04-2017 15:06:03 Windows Update
20-04-2017 17:30:25 Geplanter Prüfpunkt
30-04-2017 02:28:45 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/30/2017 08:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x22c8
Startzeit der fehlerhaften Anwendung: 0x01d2c1dd5df0eef2
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: c0c7829b-ae97-4d2b-9c62-54a81e0abfc6
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 05:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x2f04
Startzeit der fehlerhaften Anwendung: 0x01d2c1c84065b7b6
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 81ef94cc-806c-4d62-82fd-d92ee390f32f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 04:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3e10
Startzeit der fehlerhaften Anwendung: 0x01d2c1bfdea238f4
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: b11be380-94e1-4842-8184-00fff898a094
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 03:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0x01d2c1b77cdd92b9
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 57e80623-9476-465e-8b40-6248ce6f7f54
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 02:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3790
Startzeit der fehlerhaften Anwendung: 0x01d2c1af1b17ec0d
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 92753d9d-0605-41fc-87b1-4073d9fb599c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 01:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x1adc
Startzeit der fehlerhaften Anwendung: 0x01d2c1a6b9543aba
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: e29429f5-4126-4213-83de-7e9d0f9f369c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 12:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0x01d2c19e57915918
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: fd0bb725-bb5c-4b2b-8079-d9cca40a7bee
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 11:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3120
Startzeit der fehlerhaften Anwendung: 0x01d2c195f5cb0d36
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 708380ea-19f8-4e09-ac55-e5fc2738ccd5
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 10:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x2c30
Startzeit der fehlerhaften Anwendung: 0x01d2c18d94067de2
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: d5dbd975-1b13-47ed-aa0b-fed24dd8ae37
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 09:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x193c
Startzeit der fehlerhaften Anwendung: 0x01d2c18532420d9d
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 5c06e446-3c81-4890-ae2a-e948b51081da
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (04/30/2017 06:36:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 06:19:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (04/30/2017 03:59:07 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR17 gefunden.

Error: (04/30/2017 02:21:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (04/28/2017 10:55:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/28/2017 10:14:39 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR16 gefunden.

Error: (04/27/2017 05:32:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/27/2017 05:15:52 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.131
registriert werden. Der Computer mit IP-Adresse 192.168.2.145 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/27/2017 05:10:42 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.131
registriert werden. Der Computer mit IP-Adresse 192.168.2.145 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/27/2017 05:05:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.131
registriert werden. Der Computer mit IP-Adresse 192.168.2.137 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8071 MB
Verfügbarer physikalischer RAM: 4778.29 MB
Summe virtueller Speicher: 9351 MB
Verfügbarer virtueller Speicher: 6032.93 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:475.69 GB) (Free:335.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Removable) (Total:0.97 GB) (Free:0.21 GB) FAT
Drive e: (INTENSO) (Fixed) (Total:931.28 GB) (Free:797.7 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D0A5E542)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 96109550)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 991.5 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=991 MB) - (Type=04)

==================== Ende von Addition.txt ============================

AZEdeluxe · 30.04.2017, 20:17

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2017
durchgeführt von Wolf-Rüdiger Kaiser (Administrator) auf THINKPAD-WRK-1 (30-04-2017 21:03:55)
Gestartet von D:\
Geladene Profile: Wolf-Rüdiger Kaiser (Verfügbare Profile: Wolf-Rüdiger Kaiser)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McT9340.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\System32\nvwmi64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(PCHelp Soft) C:\Program Files (x86)\PC Cleaner\PCCSchedule.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\PELMICED.EXE
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.662.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [94856 2015-07-09] (Primax Electronics Ltd.)
HKLM\...\Run: [Mouse Suite 98 Daemon] => ICO.EXE
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-07] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\Run: [VLC Updater] => C:\Program Files (x86)\VLC Updater\vlc-updater.exe [360352 2016-10-07] () <===== ACHTUNG
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-17] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk [2017-04-22]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7c13c597-4095-4868-817b-a99e0f2a9cc3}: [DhcpNameServer] 172.168.127.2
Tcpip\..\Interfaces\{c5c6b6ce-1ee9-4b8e-a7df-9bff4e4d28c4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> DefaultScope {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
DPF: HKLM-x32 {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///D:/launch.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-28] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: j38j7yiu.default
FF ProfilePath: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default [2017-04-30]
FF Homepage: Mozilla\Firefox\Profiles\j38j7yiu.default -> google.de/
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-29] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4246772196-3469511708-1303041041-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)

Chrome: 
=======
CHR Profile: C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Google Präsentationen) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-11]
CHR Extension: (Google Docs) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-15]
CHR Extension: (Google Drive) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-11]
CHR Extension: (YouTube) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-11]
CHR Extension: (Google Mail) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-11]
CHR Extension: (Chrome Media Router) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0216541493019156mcinstcleanup; C:\WINDOWS\TEMP\021654~1.EXE [1030904 2017-02-09] (McAfee, Inc.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-07-29] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3125328 2017-02-01] (Lenovo Group Limited)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-09-05] (Lenovo)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [404376 2017-03-20] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3164816 2015-07-23] ()
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [184088 2015-07-09] () [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-14] (Microsoft Corporation)
S3 SSSvc; C:\Program Files (x86)\SmartSense\SSSvc.exe [119512 2015-07-23] (Lenovo)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-12] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-12] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-12] (McAfee, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [530928 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-04-21] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-04-21] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 pelbtm; C:\WINDOWS\system32\DRIVERS\pelbtm.sys [16384 2012-06-19] (Primax Electronics Ltd.)
R1 pelmoubt; C:\WINDOWS\system32\DRIVERS\pelmoubt.sys [22528 2012-06-19] (Primax Electronics Ltd.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [700008 2015-11-19] (Sunplus)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 21:03 - 2017-04-30 21:03 - 00000000 ____D C:\FRST
2017-04-25 16:54 - 2017-04-25 16:54 - 00257856 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-04-21 22:56 - 2017-04-21 22:56 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-21 22:48 - 2017-04-21 22:48 - 01496584 _____ C:\Users\Wolf-Rüdiger Kaiser\Downloads\HijackThis - CHIP-Installer.exe
2017-04-21 17:51 - 2017-04-21 17:52 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-21 17:51 - 2017-04-21 17:51 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-21 17:51 - 2017-04-21 17:51 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-21 17:50 - 2017-04-21 17:50 - 55566792 _____ (Malwarebytes ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-04-20 14:43 - 2017-04-20 14:43 - 02388520 _____ (SpeedCat Inc. ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\speedcat.setup.exe
2017-04-20 14:12 - 2017-04-21 22:51 - 00000000 ____D C:\Program Files (x86)\PC Cleaner
2017-04-20 14:12 - 2017-04-21 14:12 - 00003404 _____ C:\WINDOWS\System32\Tasks\PC Cleaner Schedule
2017-04-20 14:12 - 2017-04-20 14:12 - 00001106 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\PC Cleaner.lnk
2017-04-20 14:12 - 2017-04-20 14:12 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\Documents\PC Cleaner
2017-04-20 14:12 - 2017-04-20 14:12 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\PC Cleaner
2017-04-20 14:12 - 2017-04-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
2017-04-20 14:11 - 2017-04-20 14:12 - 05054768 _____ (PC HelpSoft ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\pc-cleaner-5038.exe
2017-04-15 10:39 - 2017-04-15 10:39 - 00042803 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\Umsatzdetails_Konto543155600_EUR_15-04-2017_1032.pdf
2017-04-14 20:07 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-14 20:07 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-14 20:07 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-14 20:07 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-14 20:07 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-14 20:07 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-14 20:07 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-14 20:07 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-14 20:07 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-14 20:07 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-14 20:07 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-14 20:07 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-14 20:07 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-14 20:07 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-14 20:07 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-14 20:06 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-14 20:06 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-14 20:06 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-14 20:06 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-14 20:06 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-14 20:06 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-14 20:06 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-14 20:06 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-14 20:06 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-14 20:06 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-14 20:06 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-14 20:06 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-14 20:06 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-14 20:06 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-14 20:06 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-14 20:06 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-14 20:06 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-14 20:06 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-14 20:06 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-14 20:06 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-14 20:06 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-14 20:06 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-14 20:06 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-14 20:06 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-14 20:06 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-14 20:06 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-14 20:06 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-14 20:06 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-14 20:06 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-14 20:06 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-14 20:06 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-14 20:06 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-14 20:06 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-14 20:06 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-14 20:06 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-14 19:59 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-14 19:59 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-14 19:59 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-14 19:59 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-14 19:59 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-14 19:59 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-14 19:59 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-14 19:59 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-14 19:58 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-14 19:58 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-14 19:58 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-14 19:58 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-14 19:57 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-14 19:57 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-14 19:57 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-14 19:57 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-14 19:57 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-14 19:57 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-14 19:57 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-14 19:57 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-14 19:57 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-14 19:57 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-14 19:57 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-14 19:57 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-04-14 19:57 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-14 19:57 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-04-14 19:57 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-14 19:57 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-14 19:57 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-14 19:57 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-14 19:57 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-14 19:57 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-14 19:57 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-14 19:57 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-14 19:57 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-14 19:57 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-14 19:57 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-14 19:57 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-14 19:57 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-14 19:57 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-14 19:57 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-14 19:57 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-14 19:57 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-14 19:57 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-14 19:57 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-14 19:57 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-14 19:57 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-14 19:57 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-14 19:57 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-14 19:57 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-14 19:57 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-14 19:57 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-14 19:57 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-14 19:57 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-14 19:57 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-14 19:57 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-14 19:57 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-14 19:56 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-14 19:56 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-14 19:56 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-14 19:56 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-14 19:56 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-14 19:56 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-14 19:56 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-14 19:56 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-14 19:56 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-14 19:56 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-14 19:56 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-14 19:56 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-14 19:56 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-14 19:56 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-14 19:56 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-14 19:56 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-14 19:56 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-14 19:56 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-14 19:56 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-14 19:56 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-14 19:56 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-14 19:56 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-14 19:56 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-14 19:56 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-14 19:56 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-14 19:56 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-14 19:56 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-14 19:56 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-14 19:56 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-14 19:56 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-14 19:56 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-14 19:56 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-14 19:56 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-14 19:56 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-14 19:56 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-14 19:56 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-14 19:56 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-14 19:56 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-14 19:56 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-14 19:56 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-14 19:56 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-14 19:55 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-14 19:55 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-14 19:55 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-14 19:55 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-14 19:55 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-14 19:55 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-14 19:55 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-14 19:55 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-14 19:55 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-14 19:55 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-14 19:55 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-14 19:55 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-14 19:55 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-14 19:55 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-14 19:55 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-14 19:55 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-14 19:55 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-14 19:55 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-14 19:55 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-14 19:55 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-14 19:55 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-14 19:55 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-14 19:55 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-14 19:55 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-14 19:55 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-14 19:55 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-14 19:55 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-14 19:55 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-14 19:55 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-14 19:55 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-14 19:55 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-14 19:55 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-14 19:55 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-14 19:55 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-14 19:55 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-14 19:55 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-14 19:55 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-14 19:55 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-14 19:55 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-14 19:55 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-14 19:55 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-14 19:55 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-14 19:55 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-14 19:55 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-14 19:55 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-14 19:55 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-14 19:55 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-13 10:57 - 2017-04-13 10:57 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-04-12 13:53 - 2017-04-12 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-04-06 15:06 - 2017-04-06 15:06 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\LocalLow\Temp
2017-04-06 12:39 - 2017-04-06 12:39 - 00108129 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\H-65-2017 neu.pdf
2017-04-06 12:36 - 2017-04-06 12:36 - 00619124 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\OR-158-04-04-1.pdf
2017-04-03 17:28 - 2017-04-04 17:12 - 00010354 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\Gewicht.xlsx
2017-04-03 10:37 - 2017-04-03 10:37 - 00190814 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\158- Ostermond-Schlaraffiade.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-04-30 20:55 - 2016-10-14 15:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-30 20:30 - 2016-11-24 11:04 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\LocalLow\Mozilla
2017-04-30 20:25 - 2015-12-17 17:07 - 00000000 ____D C:\Rechnungen
2017-04-30 20:15 - 2016-10-14 15:25 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-04-30 20:13 - 2016-11-23 17:02 - 00025043 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-04-30 15:07 - 2016-11-28 10:29 - 00004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-04-30 14:50 - 2016-11-27 18:22 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B30343C5-81AC-4AE9-A5AE-3A4494A229EE}
2017-04-30 02:14 - 2017-03-27 10:45 - 00003366 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser
2017-04-30 02:14 - 2017-03-27 10:44 - 00000418 _____ C:\WINDOWS\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser.job
2017-04-30 02:11 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-28 10:15 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-28 10:12 - 2016-10-14 15:25 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 10:12 - 2016-10-14 15:25 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 00:56 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-25 10:51 - 2017-02-20 19:57 - 00001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-04-25 10:51 - 2017-02-20 19:57 - 00001235 _____ C:\Users\Public\Desktop\True Key.lnk
2017-04-25 10:51 - 2017-02-20 19:47 - 00000000 ____D C:\Program Files\TrueKey
2017-04-24 09:32 - 2016-03-18 16:18 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-22 21:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 21:13 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-22 11:24 - 2016-10-14 15:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-22 11:24 - 2015-12-11 01:01 - 00000000 __SHD C:\Users\Wolf-Rüdiger Kaiser\IntelGraphicsProfiles
2017-04-21 22:58 - 2016-07-17 00:51 - 00788360 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-21 22:58 - 2016-07-17 00:51 - 00169712 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-21 22:58 - 2015-07-16 17:54 - 02001606 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-21 22:56 - 2015-12-12 07:24 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Downloaded Installations
2017-04-21 22:53 - 2016-10-14 15:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-21 22:53 - 2016-10-14 15:20 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser
2017-04-21 22:53 - 2016-10-14 15:18 - 00000000 ____D C:\ProgramData\Synaptics
2017-04-21 22:53 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-20 10:42 - 2016-11-18 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-20 10:42 - 2015-12-12 05:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-20 00:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-18 23:15 - 2016-12-17 18:08 - 00003316 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 23:15 - 2015-12-11 01:04 - 00002436 _____ C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 23:15 - 2015-12-11 01:04 - 00000000 ___RD C:\Users\Wolf-Rüdiger Kaiser\OneDrive
2017-04-18 10:27 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 10:27 - 2015-12-12 07:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-17 18:18 - 2016-02-24 15:34 - 00000000 ____D C:\Fritz.Rapp
2017-04-16 20:29 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-16 20:28 - 2016-10-14 15:17 - 00355048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-16 20:28 - 2015-07-16 17:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-16 20:27 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-16 20:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-16 17:29 - 2016-10-16 20:27 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\vlc
2017-04-13 15:08 - 2015-12-12 08:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 15:06 - 2015-12-12 08:24 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 10:57 - 2016-12-29 10:06 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-04-13 10:57 - 2015-12-03 11:19 - 00000000 ____D C:\ProgramData\Intel
2017-04-13 10:57 - 2015-12-03 11:19 - 00000000 ____D C:\Program Files (x86)\Intel
2017-04-13 10:56 - 2016-10-14 15:18 - 00000000 ____D C:\Program Files\Intel
2017-04-13 10:56 - 2015-12-03 10:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-12 14:23 - 2016-10-14 15:25 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 14:23 - 2015-12-17 18:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-12 13:53 - 2016-01-07 00:21 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-04-12 13:53 - 2016-01-01 17:06 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-04-11 13:36 - 2016-10-14 15:25 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-11 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-11 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-10 11:47 - 2015-12-03 11:22 - 00000000 ____D C:\ProgramData\McAfee
2017-04-10 10:51 - 2015-12-11 01:01 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Packages
2017-04-06 10:05 - 2016-04-10 19:51 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 10:05 - 2016-04-10 19:51 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-17 02:08 - 2015-12-17 02:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-10-14 15:18 - 2016-10-14 15:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Program Files (x86)\VLC Updater\vlc-updater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-26 10:08

==================== Ende von FRST.txt ============================

AZEdeluxe · 30.04.2017, 20:20

TDSSKiller hat keine rotkits gefunden. Protokoll ist hier:

Teil 1

Code:

ATTFilter

21:08:10.0993 0x32e0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:08:10.0993 0x32e0  UEFI system
21:08:47.0722 0x32e0  ============================================================
21:08:47.0722 0x32e0  Current date / time: 2017/04/30 21:08:47.0722
21:08:47.0722 0x32e0  SystemInfo:
21:08:47.0722 0x32e0  
21:08:47.0722 0x32e0  OS Version: 10.0.14393 ServicePack: 0.0
21:08:47.0722 0x32e0  Product type: Workstation
21:08:47.0722 0x32e0  ComputerName: THINKPAD-WRK-1
21:08:47.0722 0x32e0  UserName: Wolf-Rüdiger Kaiser
21:08:47.0722 0x32e0  Windows directory: C:\WINDOWS
21:08:47.0722 0x32e0  System windows directory: C:\WINDOWS
21:08:47.0722 0x32e0  Running under WOW64
21:08:47.0722 0x32e0  Processor architecture: Intel x64
21:08:47.0722 0x32e0  Number of processors: 4
21:08:47.0722 0x32e0  Page size: 0x1000
21:08:47.0722 0x32e0  Boot type: Normal boot
21:08:47.0722 0x32e0  CodeIntegrityOptions = 0x00000001
21:08:47.0722 0x32e0  ============================================================
21:08:47.0847 0x32e0  KLMD registered as C:\WINDOWS\system32\drivers\52082972.sys
21:08:47.0847 0x32e0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1066, osProperties = 0x19
21:08:48.0035 0x32e0  System UUID: {390D711A-A09A-F59D-6D0E-10F97791677C}
21:08:48.0550 0x32e0  Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:08:48.0550 0x32e0  Drive \Device\Harddisk1\DR18 - Size: 0xE8E0DB5E00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:50.0916 0x32e0  Drive \Device\Harddisk2\DR19 - Size: 0x3DF80000 ( 0.97 Gb ), SectorSize: 0x200, Cylinders: 0x7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:50.0916 0x32e0  ============================================================
21:08:50.0916 0x32e0  \Device\Harddisk0\DR0:
21:08:50.0916 0x32e0  GPT partitions:
21:08:50.0916 0x32e0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BDA7AEA8-61C6-47FF-BA45-2BDF44C7D253}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
21:08:50.0916 0x32e0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {25AAAA40-7642-4192-A5C9-BF8CE6274558}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
21:08:50.0916 0x32e0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C2875017-323B-4096-9772-9825AAC65837}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x3B762800
21:08:50.0916 0x32e0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3AB2DC98-1F17-4EB4-AC76-3CF31A7B3B20}, Name: Basic data partition, StartLBA 0x3B7ED000, BlocksNum 0x1F4000
21:08:50.0916 0x32e0  MBR partitions:
21:08:50.0916 0x32e0  \Device\Harddisk1\DR18:
21:08:50.0916 0x32e0  MBR partitions:
21:08:50.0916 0x32e0  \Device\Harddisk1\DR18\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x747051C1
21:08:50.0916 0x32e0  \Device\Harddisk2\DR19:
21:08:50.0916 0x32e0  MBR partitions:
21:08:50.0916 0x32e0  \Device\Harddisk2\DR19\Partition1: MBR, Type 0x4, StartLBA 0x20, BlocksNum 0x1EFBE0
21:08:50.0916 0x32e0  ============================================================
21:08:50.0932 0x32e0  C: <-> \Device\Harddisk0\DR0\Partition3
21:08:50.0932 0x32e0  E: <-> \Device\Harddisk1\DR18\Partition1
21:08:50.0932 0x32e0  ============================================================
21:08:50.0932 0x32e0  Initialize success
21:08:50.0932 0x32e0  ============================================================
21:09:53.0657 0x223c  ============================================================
21:09:53.0657 0x223c  Scan started
21:09:53.0657 0x223c  Mode: Manual; SigCheck; TDLFS; 
21:09:53.0657 0x223c  ============================================================
21:09:53.0657 0x223c  KSN ping started
21:09:53.0829 0x223c  KSN ping finished: true
21:09:54.0423 0x223c  ================ Scan system memory ========================
21:09:54.0423 0x223c  System memory - ok
21:09:54.0423 0x223c  ================ Scan services =============================
21:09:54.0454 0x223c  0216541493019156mcinstcleanup - ok
21:09:54.0470 0x223c  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
21:09:54.0516 0x223c  1394ohci - ok
21:09:54.0548 0x223c  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
21:09:54.0563 0x223c  3ware - ok
21:09:54.0579 0x223c  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
21:09:54.0595 0x223c  ACPI - ok
21:09:54.0610 0x223c  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
21:09:54.0626 0x223c  AcpiDev - ok
21:09:54.0626 0x223c  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
21:09:54.0642 0x223c  acpiex - ok
21:09:54.0642 0x223c  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
21:09:54.0657 0x223c  acpipagr - ok
21:09:54.0657 0x223c  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
21:09:54.0673 0x223c  AcpiPmi - ok
21:09:54.0673 0x223c  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
21:09:54.0704 0x223c  acpitime - ok
21:09:54.0704 0x223c  [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:09:54.0720 0x223c  AdobeARMservice - ok
21:09:54.0735 0x223c  [ BE62B286791F715E430FB022C1707BBA, 7EDFF71EFB65AA895270BD83B16F390F53D98C438ADA23E780CE6200CA0449F1 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:09:54.0751 0x223c  AdobeFlashPlayerUpdateSvc - ok
21:09:54.0782 0x223c  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:09:54.0813 0x223c  ADP80XX - ok
21:09:54.0829 0x223c  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
21:09:54.0860 0x223c  AFD - ok
21:09:54.0876 0x223c  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:09:54.0891 0x223c  ahcache - ok
21:09:54.0891 0x223c  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
21:09:54.0907 0x223c  AJRouter - ok
21:09:54.0907 0x223c  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
21:09:54.0938 0x223c  ALG - ok
21:09:54.0938 0x223c  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
21:09:54.0954 0x223c  AmdK8 - ok
21:09:54.0970 0x223c  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
21:09:54.0985 0x223c  AmdPPM - ok
21:09:55.0001 0x223c  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
21:09:55.0001 0x223c  amdsata - ok
21:09:55.0016 0x223c  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
21:09:55.0032 0x223c  amdsbs - ok
21:09:55.0032 0x223c  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
21:09:55.0048 0x223c  amdxata - ok
21:09:55.0063 0x223c  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
21:09:55.0079 0x223c  AppID - ok
21:09:55.0079 0x223c  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
21:09:55.0095 0x223c  AppIDSvc - ok
21:09:55.0110 0x223c  [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
21:09:55.0126 0x223c  Appinfo - ok
21:09:55.0126 0x223c  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
21:09:55.0141 0x223c  applockerfltr - ok
21:09:55.0157 0x223c  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
21:09:55.0173 0x223c  AppMgmt - ok
21:09:55.0188 0x223c  [ 32155E028491267CF2DB6085A0B7E359, 562831841293E4849CD01992DECE39B9B3C0835DCD352994CA2E2FE1C76A7CB3 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
21:09:55.0220 0x223c  AppReadiness - ok
21:09:55.0235 0x223c  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
21:09:55.0267 0x223c  AppVClient - ok
21:09:55.0282 0x223c  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
21:09:55.0282 0x223c  AppvStrm - ok
21:09:55.0298 0x223c  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
21:09:55.0313 0x223c  AppvVemgr - ok
21:09:55.0313 0x223c  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
21:09:55.0329 0x223c  AppvVfs - ok
21:09:55.0376 0x223c  [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
21:09:55.0454 0x223c  AppXSvc - ok
21:09:55.0454 0x223c  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
21:09:55.0470 0x223c  arcsas - ok
21:09:55.0470 0x223c  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
21:09:55.0485 0x223c  AsyncMac - ok
21:09:55.0501 0x223c  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
21:09:55.0501 0x223c  atapi - ok
21:09:55.0517 0x223c  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:09:55.0532 0x223c  AudioEndpointBuilder - ok
21:09:55.0563 0x223c  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
21:09:55.0595 0x223c  Audiosrv - ok
21:09:55.0610 0x223c  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
21:09:55.0626 0x223c  AxInstSV - ok
21:09:55.0642 0x223c  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
21:09:55.0657 0x223c  b06bdrv - ok
21:09:55.0673 0x223c  [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:09:55.0688 0x223c  BasicDisplay - ok
21:09:55.0688 0x223c  [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
21:09:55.0704 0x223c  BasicRender - ok
21:09:55.0704 0x223c  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
21:09:55.0720 0x223c  bcmfn - ok
21:09:55.0720 0x223c  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
21:09:55.0735 0x223c  bcmfn2 - ok
21:09:55.0751 0x223c  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
21:09:55.0782 0x223c  BDESVC - ok
21:09:55.0782 0x223c  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:09:55.0798 0x223c  Beep - ok
21:09:55.0813 0x223c  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
21:09:55.0845 0x223c  BFE - ok
21:09:55.0876 0x223c  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
21:09:55.0907 0x223c  BITS - ok
21:09:55.0923 0x223c  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
21:09:55.0938 0x223c  bowser - ok
21:09:55.0954 0x223c  [ 6A15C5140B6F7D9479A32276AC2BA108, 0A8C6DB88148C6DB61226DD2FF816BDF3FED9E7A60EF17CCA17FA7D9EEC01C71 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:09:55.0985 0x223c  BrokerInfrastructure - ok
21:09:56.0001 0x223c  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
21:09:56.0017 0x223c  Browser - ok
21:09:56.0017 0x223c  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:09:56.0032 0x223c  BthAvrcpTg - ok
21:09:56.0048 0x223c  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
21:09:56.0063 0x223c  BthEnum - ok
21:09:56.0063 0x223c  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
21:09:56.0079 0x223c  BthHFEnum - ok
21:09:56.0079 0x223c  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
21:09:56.0095 0x223c  bthhfhid - ok
21:09:56.0110 0x223c  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
21:09:56.0142 0x223c  BthHFSrv - ok
21:09:56.0142 0x223c  [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
21:09:56.0157 0x223c  BthLEEnum - ok
21:09:56.0173 0x223c  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
21:09:56.0188 0x223c  BTHMODEM - ok
21:09:56.0188 0x223c  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
21:09:56.0220 0x223c  BthPan - ok
21:09:56.0235 0x223c  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
21:09:56.0282 0x223c  BTHPORT - ok
21:09:56.0282 0x223c  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
21:09:56.0298 0x223c  bthserv - ok
21:09:56.0313 0x223c  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
21:09:56.0329 0x223c  BTHUSB - ok
21:09:56.0329 0x223c  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
21:09:56.0345 0x223c  buttonconverter - ok
21:09:56.0360 0x223c  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
21:09:56.0376 0x223c  CapImg - ok
21:09:56.0376 0x223c  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:09:56.0407 0x223c  cdfs - ok
21:09:56.0407 0x223c  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
21:09:56.0438 0x223c  CDPSvc - ok
21:09:56.0454 0x223c  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
21:09:56.0470 0x223c  CDPUserSvc - ok
21:09:56.0485 0x223c  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
21:09:56.0501 0x223c  cdrom - ok
21:09:56.0501 0x223c  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
21:09:56.0532 0x223c  CertPropSvc - ok
21:09:56.0532 0x223c  [ 515FAA4CABCBB83347205119E57868C8, 8E008E87E4DD223E1F4262C08E65439D6C02894F69A1A7DD07530044A0B6CE16 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
21:09:56.0548 0x223c  cfwids - ok
21:09:56.0548 0x223c  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:09:56.0563 0x223c  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
21:09:56.0751 0x223c  Detect skipped due to KSN trusted
21:09:56.0751 0x223c  chip1click - ok
21:09:56.0782 0x223c  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
21:09:56.0813 0x223c  cht4iscsi - ok
21:09:56.0860 0x223c  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
21:09:56.0907 0x223c  cht4vbd - ok
21:09:56.0923 0x223c  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
21:09:56.0938 0x223c  circlass - ok
21:09:56.0938 0x223c  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
21:09:56.0954 0x223c  CLFS - ok
21:09:57.0017 0x223c  [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
21:09:57.0079 0x223c  ClickToRunSvc - ok
21:09:57.0126 0x223c  [ 85F31D4986E81CF3E78A5E2442C8F7AF, B6E6233D63A2C3E7AF0A9BBB62799159BF96C0F0EEBBC9B523BD227CC7A746B3 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
21:09:57.0173 0x223c  ClientAnalyticsService - ok
21:09:57.0188 0x223c  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
21:09:57.0220 0x223c  ClipSVC - ok
21:09:57.0220 0x223c  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
21:09:57.0235 0x223c  clreg - ok
21:09:57.0251 0x223c  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
21:09:57.0267 0x223c  CmBatt - ok
21:09:57.0282 0x223c  [ 4289C913D7E2FE963ABB096AA99CB1F7, 49D9008C5E18F62751D2312CE4F49DFBC04ACBBFDD950F0437F35AC21318041B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
21:09:57.0298 0x223c  CNG - ok
21:09:57.0313 0x223c  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
21:09:57.0313 0x223c  cnghwassist - ok
21:09:57.0329 0x223c  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
21:09:57.0345 0x223c  CompositeBus - ok
21:09:57.0345 0x223c  COMSysApp - ok
21:09:57.0360 0x223c  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
21:09:57.0376 0x223c  condrv - ok
21:09:57.0392 0x223c  [ 9E3B10C490D860F3ED8F61FD0FD5B828, A21CB206A09053C7D9C94F2B71F53A40B3810D02A70C3D6AA0B48676BA5753BD ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
21:09:57.0407 0x223c  CoreMessagingRegistrar - ok
21:09:57.0438 0x223c  [ CFFF490F6615A17E2F73FC830F2B1E13, BCBC19445056E553219414438BA9DE6778E26DD66AA5BAE217474140EEB1DFD0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:09:57.0454 0x223c  cphs - ok
21:09:57.0470 0x223c  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
21:09:57.0485 0x223c  CryptSvc - ok
21:09:57.0501 0x223c  [ EC2EA2F6C6D23315C20B4829F00D0440, BF1F47C3485E9112FB64F582DFA4679455203574F82A5ADB222BDA1FED1601E6 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
21:09:57.0517 0x223c  CSC - ok
21:09:57.0532 0x223c  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
21:09:57.0563 0x223c  CscService - ok
21:09:57.0579 0x223c  [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam             C:\WINDOWS\system32\drivers\dam.sys
21:09:57.0595 0x223c  dam - ok
21:09:57.0610 0x223c  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:09:57.0657 0x223c  DcomLaunch - ok
21:09:57.0657 0x223c  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
21:09:57.0688 0x223c  DcpSvc - ok
21:09:57.0704 0x223c  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
21:09:57.0735 0x223c  defragsvc - ok
21:09:57.0751 0x223c  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:09:57.0767 0x223c  DeviceAssociationService - ok
21:09:57.0782 0x223c  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
21:09:57.0798 0x223c  DeviceInstall - ok
21:09:57.0813 0x223c  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
21:09:57.0813 0x223c  DevQueryBroker - ok
21:09:57.0829 0x223c  [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
21:09:57.0845 0x223c  Dfsc - ok
21:09:57.0860 0x223c  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
21:09:57.0876 0x223c  Dhcp - ok
21:09:57.0892 0x223c  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:09:57.0907 0x223c  diagnosticshub.standardcollector.service - ok
21:09:57.0938 0x223c  [ EE32B36EA7CBD9BBA26B137C84943E23, BD5DDA2DEAF2D2CF6B24AED81C3EDBFECF6402A7B6A5D49FEDF334FF03CACB86 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
21:09:58.0017 0x223c  DiagTrack - ok
21:09:58.0017 0x223c  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
21:09:58.0032 0x223c  disk - ok
21:09:58.0048 0x223c  [ A1D7F926ABE7895D18467FF9A5EE7FC7, 2922C92D31EA50A126594967D325B21936432D1BB9C941416989B6848DF890E2 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
21:09:58.0063 0x223c  DmEnrollmentSvc - ok
21:09:58.0079 0x223c  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
21:09:58.0079 0x223c  dmvsc - ok
21:09:58.0095 0x223c  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
21:09:58.0110 0x223c  dmwappushservice - ok
21:09:58.0126 0x223c  [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:09:58.0142 0x223c  Dnscache - ok
21:09:58.0157 0x223c  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:09:58.0173 0x223c  dot3svc - ok
21:09:58.0173 0x223c  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
21:09:58.0188 0x223c  DPS - ok
21:09:58.0204 0x223c  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
21:09:58.0204 0x223c  drmkaud - ok
21:09:58.0220 0x223c  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
21:09:58.0235 0x223c  DsmSvc - ok
21:09:58.0251 0x223c  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
21:09:58.0267 0x223c  DsSvc - ok
21:09:58.0298 0x223c  [ 2DD9CF863320D5EDEA3ED9B8ED280BB0, CC35571FBA2E6E617CF93F778351ED3B3EA16F0B301C5433E94AD328E6EEA0FF ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:09:58.0360 0x223c  DXGKrnl - ok
21:09:58.0376 0x223c  [ 43272EB461C0905269520104D6A061BE, 0C756B8873BD7D95DEF7D49330892D31EE73CCB5C3C6DD26F1CBA37D55F4F62B ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
21:09:58.0392 0x223c  e1dexpress - ok
21:09:58.0407 0x223c  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:09:58.0423 0x223c  EapHost - ok
21:09:58.0485 0x223c  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
21:09:58.0563 0x223c  ebdrv - ok
21:09:58.0579 0x223c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
21:09:58.0579 0x223c  EFS - ok
21:09:58.0595 0x223c  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
21:09:58.0595 0x223c  EhStorClass - ok
21:09:58.0610 0x223c  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:09:58.0626 0x223c  EhStorTcgDrv - ok
21:09:58.0626 0x223c  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
21:09:58.0642 0x223c  embeddedmode - ok
21:09:58.0657 0x223c  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
21:09:58.0673 0x223c  EntAppSvc - ok
21:09:58.0688 0x223c  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
21:09:58.0688 0x223c  ErrDev - ok
21:09:58.0720 0x223c  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
21:09:58.0735 0x223c  EventSystem - ok
21:09:58.0751 0x223c  [ 30FBA772B6963ADA4DE738FC8977611B, A8D3BFA43CE547765CDB475BC88E7153DA4A4215CC577EDFF8DA0AC1B025F654 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:09:58.0767 0x223c  EvtEng - ok
21:09:58.0782 0x223c  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
21:09:58.0798 0x223c  exfat - ok
21:09:58.0813 0x223c  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
21:09:58.0829 0x223c  fastfat - ok
21:09:58.0845 0x223c  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:09:58.0876 0x223c  Fax - ok
21:09:58.0892 0x223c  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
21:09:58.0907 0x223c  fdc - ok
21:09:58.0907 0x223c  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
21:09:58.0923 0x223c  fdPHost - ok
21:09:58.0923 0x223c  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
21:09:58.0954 0x223c  FDResPub - ok
21:09:58.0954 0x223c  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
21:09:58.0970 0x223c  fhsvc - ok
21:09:58.0985 0x223c  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
21:09:58.0985 0x223c  FileCrypt - ok
21:09:59.0001 0x223c  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
21:09:59.0017 0x223c  FileInfo - ok
21:09:59.0017 0x223c  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
21:09:59.0032 0x223c  Filetrace - ok
21:09:59.0048 0x223c  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
21:09:59.0048 0x223c  flpydisk - ok
21:09:59.0063 0x223c  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:09:59.0079 0x223c  FltMgr - ok
21:09:59.0126 0x223c  [ 2E193D24CE8460A9C703D0F193192BEF, CD95928BC240D556DFEA265A09A655FFE157A36D2230CD10BBAD4CA15CB98412 ] FontCache       C:\WINDOWS\system32\FntCache.dll
21:09:59.0173 0x223c  FontCache - ok
21:09:59.0188 0x223c  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:09:59.0204 0x223c  FontCache3.0.0.0 - ok
21:09:59.0220 0x223c  [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
21:09:59.0251 0x223c  FrameServer - ok
21:09:59.0251 0x223c  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
21:09:59.0267 0x223c  FsDepends - ok
21:09:59.0267 0x223c  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:09:59.0282 0x223c  Fs_Rec - ok
21:09:59.0298 0x223c  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:09:59.0329 0x223c  fvevol - ok
21:09:59.0329 0x223c  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
21:09:59.0345 0x223c  gencounter - ok
21:09:59.0345 0x223c  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
21:09:59.0360 0x223c  genericusbfn - ok
21:09:59.0376 0x223c  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:09:59.0392 0x223c  GPIOClx0101 - ok
21:09:59.0423 0x223c  [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
21:09:59.0470 0x223c  gpsvc - ok
21:09:59.0470 0x223c  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
21:09:59.0485 0x223c  GpuEnergyDrv - ok
21:09:59.0501 0x223c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:09:59.0501 0x223c  gupdate - ok
21:09:59.0517 0x223c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:09:59.0517 0x223c  gupdatem - ok
21:09:59.0532 0x223c  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
21:09:59.0548 0x223c  HDAudBus - ok
21:09:59.0548 0x223c  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
21:09:59.0563 0x223c  HidBatt - ok
21:09:59.0563 0x223c  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
21:09:59.0579 0x223c  HidBth - ok
21:09:59.0579 0x223c  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
21:09:59.0595 0x223c  hidi2c - ok
21:09:59.0610 0x223c  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
21:09:59.0610 0x223c  hidinterrupt - ok
21:09:59.0626 0x223c  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
21:09:59.0642 0x223c  HidIr - ok
21:09:59.0642 0x223c  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
21:09:59.0657 0x223c  hidserv - ok
21:09:59.0657 0x223c  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
21:09:59.0673 0x223c  HidUsb - ok
21:09:59.0688 0x223c  [ 7829E439EBDDDB0FEFD6DEBCEE6B09AD, FF6BB82CE0C21513E407FF465C768805CF202A7B4040140A944A0413875BEC37 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
21:09:59.0704 0x223c  HipShieldK - ok
21:09:59.0704 0x223c  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:09:59.0720 0x223c  HomeGroupListener - ok
21:09:59.0735 0x223c  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:09:59.0767 0x223c  HomeGroupProvider - ok
21:09:59.0782 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:09:59.0798 0x223c  HomeNetSvc - ok
21:09:59.0813 0x223c  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
21:09:59.0829 0x223c  HpSAMD - ok
21:09:59.0829 0x223c  [ 91ADA2CF99A0C28A231763E033FD6F98, 80F6ABD22D018EBF5AC3FD5BEE941962B29B1517EACE0C7730C00D7DE17CEFAC ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
21:09:59.0845 0x223c  HPSupportSolutionsFrameworkService - ok
21:09:59.0860 0x223c  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
21:09:59.0892 0x223c  HTTP - ok
21:09:59.0907 0x223c  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
21:09:59.0923 0x223c  HvHost - ok
21:09:59.0923 0x223c  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
21:09:59.0938 0x223c  hvservice - ok
21:09:59.0938 0x223c  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
21:09:59.0954 0x223c  hwpolicy - ok
21:09:59.0954 0x223c  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
21:09:59.0970 0x223c  hyperkbd - ok
21:09:59.0970 0x223c  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
21:09:59.0985 0x223c  i8042prt - ok
21:10:00.0001 0x223c  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
21:10:00.0017 0x223c  iagpio - ok
21:10:00.0017 0x223c  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
21:10:00.0032 0x223c  iai2c - ok
21:10:00.0048 0x223c  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
21:10:00.0063 0x223c  iaLPSS2i_GPIO2 - ok
21:10:00.0063 0x223c  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
21:10:00.0079 0x223c  iaLPSS2i_I2C - ok
21:10:00.0079 0x223c  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:10:00.0095 0x223c  iaLPSSi_GPIO - ok
21:10:00.0095 0x223c  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:10:00.0110 0x223c  iaLPSSi_I2C - ok
21:10:00.0142 0x223c  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:10:00.0173 0x223c  iaStorA - ok
21:10:00.0188 0x223c  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
21:10:00.0220 0x223c  iaStorAV - ok
21:10:00.0235 0x223c  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
21:10:00.0251 0x223c  iaStorV - ok
21:10:00.0267 0x223c  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
21:10:00.0282 0x223c  ibbus - ok
21:10:00.0298 0x223c  [ 053DFE4E6324B828C16CB6F5B9F20790, 17347896126DE49C570D2AC025F2A4BB8250B67ECD6A6D31B80EBD9423799F0B ] IBMPMDRV        C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
21:10:00.0298 0x223c  IBMPMDRV - ok
21:10:00.0313 0x223c  [ D84EF85ED4F2044784A44C211A27D065, FA18EA57507353DC3DB18F840F0499D7874AC055E3190E4D76DB9AA1021FC674 ] IBMPMSVC        C:\WINDOWS\system32\ibmpmsvc.exe
21:10:00.0313 0x223c  IBMPMSVC - ok
21:10:00.0313 0x223c  ibtsiva - ok
21:10:00.0329 0x223c  [ 8A89BCB5CEA759E552C6A663E176E2CB, DFDC44AD43C21259AD939D4D1852B9AE57FDC4741E8E64CEB0BD13FA2629C026 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
21:10:00.0345 0x223c  ibtusb - ok
21:10:00.0345 0x223c  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
21:10:00.0376 0x223c  icssvc - ok
21:10:00.0470 0x223c  [ 6FFC445E0D38C3C880125F2C201C9BC6, 488A427239B55394359751FCB8CBAEA8E2AE1CB2AE03C04590E7B8C80EF3F709 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:10:00.0610 0x223c  igfx - ok
21:10:00.0626 0x223c  [ 5ED1C5B5238B085643D8C4C59E0D3CF1, 3E7580B2A8B47EAC250030420251FE2A34C4B8D2B7C4D0536E64E197CA42F7CB ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:10:00.0642 0x223c  igfxCUIService2.0.0.0 - ok
21:10:00.0673 0x223c  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
21:10:00.0704 0x223c  IKEEXT - ok
21:10:00.0720 0x223c  [ FAA36F3AA6737D85636D835273729805, 6CB5877EBC4AF1E44C39028CA6E0D296481221CF1AB3661AB82549BBC0BE22F0 ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
21:10:00.0720 0x223c  ImControllerService - ok
21:10:00.0720 0x223c  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
21:10:00.0735 0x223c  IndirectKmd - ok
21:10:00.0751 0x223c  InstallerService - ok
21:10:00.0829 0x223c  [ 7BEEEA8EE522F23365D76C1373DE2279, AF300943982387165EF475DB4950D0DDF50B37FD73B83995783A1A9E751ACF45 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:10:00.0923 0x223c  IntcAzAudAddService - ok
21:10:00.0954 0x223c  [ 42777B7BE4946135578E5C3BC1D2E4AD, CE4FF334238D0A98139676420E770A42DC0F5567F49D618B56CD55417F556D05 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:10:00.0970 0x223c  IntcDAud - ok
21:10:00.0985 0x223c  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:10:01.0017 0x223c  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:10:01.0017 0x223c  [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
21:10:01.0032 0x223c  IntelHSWPcc - ok
21:10:01.0032 0x223c  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
21:10:01.0048 0x223c  intelide - ok
21:10:01.0048 0x223c  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
21:10:01.0063 0x223c  intelpep - ok
21:10:01.0063 0x223c  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
21:10:01.0095 0x223c  intelppm - ok
21:10:01.0095 0x223c  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
21:10:01.0110 0x223c  iorate - ok
21:10:01.0110 0x223c  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:10:01.0126 0x223c  IpFilterDriver - ok
21:10:01.0142 0x223c  [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
21:10:01.0188 0x223c  iphlpsvc - ok
21:10:01.0188 0x223c  [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:10:01.0204 0x223c  IPMIDRV - ok
21:10:01.0220 0x223c  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
21:10:01.0235 0x223c  IPNAT - ok
21:10:01.0235 0x223c  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
21:10:01.0251 0x223c  irda - ok
21:10:01.0267 0x223c  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
21:10:01.0282 0x223c  IRENUM - ok
21:10:01.0282 0x223c  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
21:10:01.0298 0x223c  irmon - ok
21:10:01.0298 0x223c  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
21:10:01.0313 0x223c  isapnp - ok
21:10:01.0313 0x223c  [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
21:10:01.0329 0x223c  iScsiPrt - ok
21:10:01.0345 0x223c  [ 832F7C2747F04D1294AEF46A2CE5B63B, ABAECEFCAD9B526C3D98681A874966B924EB99AF61CDFAC6D5E767BE2FAF6CFA ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:10:01.0360 0x223c  jhi_service - ok
21:10:01.0360 0x223c  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
21:10:01.0376 0x223c  kbdclass - ok
21:10:01.0376 0x223c  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
21:10:01.0392 0x223c  kbdhid - ok
21:10:01.0392 0x223c  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
21:10:01.0407 0x223c  kdnic - ok
21:10:01.0423 0x223c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
21:10:01.0423 0x223c  KeyIso - ok
21:10:01.0438 0x223c  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
21:10:01.0454 0x223c  KSecDD - ok
21:10:01.0454 0x223c  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:10:01.0470 0x223c  KSecPkg - ok
21:10:01.0470 0x223c  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
21:10:01.0485 0x223c  ksthunk - ok
21:10:01.0501 0x223c  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
21:10:01.0532 0x223c  KtmRm - ok
21:10:01.0548 0x223c  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
21:10:01.0563 0x223c  LanmanServer - ok
21:10:01.0579 0x223c  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:10:01.0595 0x223c  LanmanWorkstation - ok
21:10:01.0657 0x223c  [ D33A44F6591075DB9B03807CF7DE9E0A, C14639CE2D7AAD1985F58CFB50C5AA525855CBC8A389D81EE555F5229438C694 ] Lenovo Instant On C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
21:10:01.0720 0x223c  Lenovo Instant On - ok
21:10:01.0735 0x223c  [ C8A237FF3FD137C30B9B1FF60078A3D2, FBAFA27AC680DAABB5D3A9C1E8CF2E4FFD97020E0848CB8D4D78E8D5CE8F5111 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:10:01.0735 0x223c  LENOVO.MICMUTE - ok
21:10:01.0735 0x223c  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
21:10:01.0751 0x223c  lfsvc - ok
21:10:01.0767 0x223c  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
21:10:01.0782 0x223c  LicenseManager - ok
21:10:01.0782 0x223c  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
21:10:01.0798 0x223c  lltdio - ok
21:10:01.0813 0x223c  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
21:10:01.0829 0x223c  lltdsvc - ok
21:10:01.0829 0x223c  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
21:10:01.0845 0x223c  lmhosts - ok
21:10:01.0860 0x223c  [ 76BC5705E1F838E32451ECF14518B1C8, 3F664723DCF6C07BDB3287184175F60DD7B4A85B0480800ECBE065730E2DA5F5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:10:01.0876 0x223c  LMS - ok
21:10:01.0892 0x223c  [ 67569B50D28182AE1B21C46815CE58D0, 8332604147643BB151DB035F97A611B0D935DA6778266D9913BC945D5789EF87 ] LPlatSvc        C:\WINDOWS\system32\LPlatSvc.exe
21:10:01.0907 0x223c  LPlatSvc - ok
21:10:01.0923 0x223c  [ 2D2075DDCEA5DFF7F30EB3C1470F84E8, 24E0C7B9A7D85E5A0AE1993973A76920F2363612115E716F5EBF7E83DEBEB79F ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
21:10:01.0938 0x223c  LSCWinService - ok
21:10:01.0938 0x223c  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
21:10:01.0954 0x223c  LSI_SAS - ok
21:10:01.0970 0x223c  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
21:10:01.0970 0x223c  LSI_SAS2i - ok
21:10:01.0985 0x223c  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
21:10:01.0985 0x223c  LSI_SAS3i - ok
21:10:02.0001 0x223c  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
21:10:02.0017 0x223c  LSI_SSS - ok
21:10:02.0032 0x223c  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
21:10:02.0063 0x223c  LSM - ok
21:10:02.0063 0x223c  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
21:10:02.0095 0x223c  luafv - ok
21:10:02.0095 0x223c  [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
21:10:02.0110 0x223c  MapsBroker - ok
21:10:02.0110 0x223c  [ BDE2FC7213C0897524C1357BAAE30239, 1E1AB68145107429217E07A662477C86406E0188BE9F01CAC416AC13054D1A5E ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:10:02.0126 0x223c  MBAMSwissArmy - ok
21:10:02.0142 0x223c  [ D6067E2128F6AE309F9F39EE69DE85A0, 9D172FF4CA5AED9FB7CAE8E75151A25AC34251202C4ECF563535C0DD2500AC3A ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
21:10:02.0142 0x223c  MBAMWebProtection - ok
21:10:02.0157 0x223c  [ 0382A6E46EA4C79B25005E6597159C27, 0587839138301092C12323A7CF9E3E0A9BB1FBB0AAA97409145D0BCA77F89749 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
21:10:02.0157 0x223c  McAfee SiteAdvisor Service - ok
21:10:02.0188 0x223c  [ 11D9A803DE0F825C59F3D4F17BD73A6E, FCD675CEE0B0CFFDF1A60251E1D753F7DB08223DCFCC107765EED7163FF2CFBD ] McAPExe         C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe
21:10:02.0220 0x223c  McAPExe - ok
21:10:02.0235 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:10:02.0251 0x223c  McBootDelayStartSvc - ok
21:10:02.0267 0x223c  [ 2DEA4C70C15EE67CE0C297459350A0C0, 3FA172D80E0C6C1F3360B66BFA88305DE210BF54ED87CA48605539FC0679B2D8 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe
21:10:02.0282 0x223c  McComponentHostService - ok
21:10:02.0313 0x223c  [ 01B9FF6FA5F8605AE92695C1393CD833, A89709A51FE311CBACE1BFC28492C101E7F2D613481248F815D3FA0DB6900C29 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe
21:10:02.0376 0x223c  mccspsvc - ok
21:10:02.0392 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:10:02.0407 0x223c  McMPFSvc - ok
21:10:02.0423 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:10:02.0454 0x223c  McNaiAnn - ok
21:10:02.0470 0x223c  [ D4AD64832DF34E2C7916088D75B20152, F74E1049EB9ACD8BFDCB88669781E4655B4555E4F699BA57CD641F9058E6A139 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
21:10:02.0501 0x223c  McODS - ok
21:10:02.0517 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:10:02.0548 0x223c  mcpltsvc - ok
21:10:02.0563 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:10:02.0579 0x223c  McProxy - ok
21:10:02.0579 0x223c  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
21:10:02.0595 0x223c  megasas - ok
21:10:02.0595 0x223c  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
21:10:02.0610 0x223c  megasas2i - ok
21:10:02.0626 0x223c  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
21:10:02.0642 0x223c  megasr - ok
21:10:02.0657 0x223c  [ C0CBCF18B6F105109566E837461333B7, B2B89D57C1373C6EF4E8C7C4B5AE40AA5596C0B672DB753AC42AC87D56433964 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
21:10:02.0673 0x223c  MEIx64 - ok
21:10:02.0673 0x223c  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
21:10:02.0688 0x223c  MessagingService - ok
21:10:02.0704 0x223c  [ 5FBBB352A34904A4A374C3EB62A09F15, 6EBA43181E8EBAE8A82145CDA17434903B720BA73F9D4297FB28F96C122E40B8 ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
21:10:02.0720 0x223c  mfeaack - ok
21:10:02.0735 0x223c  [ D65406A780E64B5E6C48A06C8F2439A6, 3AA3BB5A3EA5798BE2DBDC3B3355F4F9F04CEC565F834DD8FB6A419A2DDAC53A ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
21:10:02.0751 0x223c  mfeavfk - ok
21:10:02.0751 0x223c  [ F64C5922E34CD0C786F7C8117A023F13, FCB51448366EB9E896205086F04A98479D94D2586D84D680241F123CB2653005 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
21:10:02.0767 0x223c  mfeelamk - ok
21:10:02.0782 0x223c  [ 4EAFB984E9533263B7D2F0C20DA822C1, EE60B94B632690FF9CFC423C7F0D28EE2EAB375430F7E59EBDB12D415763F6FB ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:10:02.0782 0x223c  mfefire - ok
21:10:02.0798 0x223c  [ 6ABC14D586E9DCCFF37988D0EC6B1345, DC40223FEF0CD2D1F5EB1CA6D67E8C889FCDC8AB2EE44508BD2C51070A50CA71 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
21:10:02.0813 0x223c  mfefirek - ok
21:10:02.0845 0x223c  [ 37914975BD1A752161A6A68D6755BD98, A05BC57CD14520862AFE77C79AB6642EA6E442B8DFB8D1626FF238FEF6FFFFA5 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
21:10:02.0860 0x223c  mfehidk - ok
21:10:02.0876 0x223c  [ 39B7315698B6F19BC14F2D538EF72981, E94663052849F0A6593C17F5412F1FC21174C225173866B335E534DB4539A8A2 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
21:10:02.0892 0x223c  mfemms - ok
21:10:02.0907 0x223c  [ 4306C4FA3551B1E6725B07BD4EF6EC02, 9B3DE12CDFA2FB33D39B08346279052D150B489B2696A9C4A637983A7F45EA11 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
21:10:02.0907 0x223c  mfencbdc - ok
21:10:02.0923 0x223c  [ 79404EA7FFB82C9426A06CC97DE8E83B, E1BAA3B92A5C91DA7B6E6BCB02EC8DA23F5AEB52C8BCA9052323B7462B7BD6DB ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
21:10:02.0938 0x223c  mfencrk - ok
21:10:02.0938 0x223c  [ 3A2C7251E0F4992AFA2E7636F045B723, 722FE227A18106673FA7E78B1F7B42285F7E016EEBDF75983C842A53DDEF62CC ] mfeplk          C:\WINDOWS\system32\drivers\mfeplk.sys
21:10:02.0938 0x223c  mfeplk - ok
21:10:02.0954 0x223c  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
21:10:02.0954 0x223c  mfesapsn - ok
21:10:02.0970 0x223c  [ 43DB4E36146D076EBD7B864162C8C242, 3A84F17D3FCC9D3E481032A452D0984668AE286FCD9379A4204C1AD048A4BA6A ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
21:10:02.0985 0x223c  mfevtp - ok
21:10:03.0001 0x223c  [ 0143C30546864E43EB507AFBF2DC9E58, E09C4CFE0364805C522D355900FF7BDA1A6FFF5EDCAB094DA52AC9D90FB5D826 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
21:10:03.0001 0x223c  mfewfpk - ok
21:10:03.0032 0x223c  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
21:10:03.0048 0x223c  mlx4_bus - ok
21:10:03.0063 0x223c  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS

AZEdeluxe · 30.04.2017, 20:21

Teil 2

Code:

ATTFilter

C:\WINDOWS\system32\drivers\mmcss.sys
21:10:03.0079 0x223c  MMCSS - ok
21:10:03.0079 0x223c  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
21:10:03.0095 0x223c  Modem - ok
21:10:03.0126 0x223c  [ DB131FDDEE1C581E9926C6E24485F9EC, F1AAA3DF7DB458F05B96358C0E30DAA456F3E92D085E68D81A4E0302E4D900FA ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
21:10:03.0173 0x223c  ModuleCoreService - ok
21:10:03.0173 0x223c  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
21:10:03.0188 0x223c  monitor - ok
21:10:03.0204 0x223c  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
21:10:03.0204 0x223c  mouclass - ok
21:10:03.0220 0x223c  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
21:10:03.0235 0x223c  mouhid - ok
21:10:03.0235 0x223c  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
21:10:03.0251 0x223c  mountmgr - ok
21:10:03.0267 0x223c  [ 4235B16E8C2E277EECB9BFD4579C428E, BCACE6E4D61E5C8A3BA417A361121A5B2F2B3D6E103B005C3F5738D4915B5FF4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:10:03.0267 0x223c  MozillaMaintenance - ok
21:10:03.0282 0x223c  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
21:10:03.0298 0x223c  mpsdrv - ok
21:10:03.0313 0x223c  [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
21:10:03.0345 0x223c  MpsSvc - ok
21:10:03.0360 0x223c  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
21:10:03.0376 0x223c  MRxDAV - ok
21:10:03.0392 0x223c  [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:10:03.0407 0x223c  mrxsmb - ok
21:10:03.0423 0x223c  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:10:03.0438 0x223c  mrxsmb10 - ok
21:10:03.0454 0x223c  [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:10:03.0470 0x223c  mrxsmb20 - ok
21:10:03.0470 0x223c  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
21:10:03.0485 0x223c  MsBridge - ok
21:10:03.0485 0x223c  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:10:03.0517 0x223c  MSDTC - ok
21:10:03.0517 0x223c  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:10:03.0532 0x223c  Msfs - ok
21:10:03.0532 0x223c  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:10:03.0548 0x223c  msgpiowin32 - ok
21:10:03.0548 0x223c  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:10:03.0563 0x223c  mshidkmdf - ok
21:10:03.0579 0x223c  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
21:10:03.0595 0x223c  mshidumdf - ok
21:10:03.0595 0x223c  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
21:10:03.0610 0x223c  msisadrv - ok
21:10:03.0610 0x223c  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
21:10:03.0626 0x223c  MSiSCSI - ok
21:10:03.0626 0x223c  msiserver - ok
21:10:03.0657 0x223c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:10:03.0673 0x223c  MSK80Service - ok
21:10:03.0673 0x223c  [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
21:10:03.0688 0x223c  MSKSSRV - ok
21:10:03.0704 0x223c  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
21:10:03.0720 0x223c  MsLldp - ok
21:10:03.0720 0x223c  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
21:10:03.0735 0x223c  MSPCLOCK - ok
21:10:03.0735 0x223c  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
21:10:03.0767 0x223c  MSPQM - ok
21:10:03.0782 0x223c  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
21:10:03.0798 0x223c  MsRPC - ok
21:10:03.0813 0x223c  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
21:10:03.0829 0x223c  MsSecFlt - ok
21:10:03.0829 0x223c  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
21:10:03.0845 0x223c  mssmbios - ok
21:10:03.0845 0x223c  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
21:10:03.0860 0x223c  MSTEE - ok
21:10:03.0860 0x223c  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
21:10:03.0892 0x223c  MTConfig - ok
21:10:03.0892 0x223c  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
21:10:03.0907 0x223c  Mup - ok
21:10:03.0907 0x223c  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
21:10:03.0923 0x223c  mvumis - ok
21:10:03.0938 0x223c  [ BC7747F959BBA12C1ACD1BD483B9DC91, 81562A3CCF35A770A0562A576834A34E16AC730C061038A544768439E4B29102 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:10:03.0938 0x223c  MyWiFiDHCPDNS - ok
21:10:03.0970 0x223c  [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:10:03.0985 0x223c  NativeWifiP - ok
21:10:04.0001 0x223c  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
21:10:04.0017 0x223c  NcaSvc - ok
21:10:04.0032 0x223c  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
21:10:04.0048 0x223c  NcbService - ok
21:10:04.0063 0x223c  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
21:10:04.0095 0x223c  NcdAutoSetup - ok
21:10:04.0095 0x223c  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
21:10:04.0110 0x223c  ndfltr - ok
21:10:04.0142 0x223c  [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
21:10:04.0173 0x223c  NDIS - ok
21:10:04.0173 0x223c  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
21:10:04.0188 0x223c  NdisCap - ok
21:10:04.0204 0x223c  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
21:10:04.0220 0x223c  NdisImPlatform - ok
21:10:04.0220 0x223c  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:10:04.0235 0x223c  NdisTapi - ok
21:10:04.0251 0x223c  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
21:10:04.0267 0x223c  Ndisuio - ok
21:10:04.0267 0x223c  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:10:04.0282 0x223c  NdisVirtualBus - ok
21:10:04.0298 0x223c  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
21:10:04.0313 0x223c  NdisWan - ok
21:10:04.0329 0x223c  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:10:04.0360 0x223c  ndiswanlegacy - ok
21:10:04.0360 0x223c  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
21:10:04.0376 0x223c  ndproxy - ok
21:10:04.0392 0x223c  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
21:10:04.0407 0x223c  Ndu - ok
21:10:04.0423 0x223c  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
21:10:04.0438 0x223c  NetAdapterCx - ok
21:10:04.0438 0x223c  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
21:10:04.0454 0x223c  NetBIOS - ok
21:10:04.0470 0x223c  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:10:04.0485 0x223c  NetBT - ok
21:10:04.0485 0x223c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:10:04.0501 0x223c  Netlogon - ok
21:10:04.0517 0x223c  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
21:10:04.0532 0x223c  Netman - ok
21:10:04.0548 0x223c  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
21:10:04.0579 0x223c  netprofm - ok
21:10:04.0579 0x223c  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
21:10:04.0610 0x223c  NetSetupSvc - ok
21:10:04.0610 0x223c  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:10:04.0626 0x223c  NetTcpPortSharing - ok
21:10:04.0688 0x223c  [ 0F76FA3A3F8D169B1CA6F54DC7561CD5, F6C49E5D4F627FD539670DFCBC20C69F627A90CBA473873640D4DD378EE34ED5 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
21:10:04.0751 0x223c  NETwNe64 - ok
21:10:04.0876 0x223c  [ BE245E11B7046D89F3E28086F006B0F7, D16C3230B88F35F4644D528A7D578BD69556A4FAC0D46F05306D2007D5DA5586 ] Netwtw04        C:\WINDOWS\System32\drivers\Netwtw04.sys
21:10:05.0017 0x223c  Netwtw04 - ok
21:10:05.0048 0x223c  [ E79E364AF827EB1F141BE000ABB8727D, 96218EB8B7C9E0F614AB9EAEAEC41BD4DB0E9EFE5C1D87EC749B9CB71653CEB1 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
21:10:05.0079 0x223c  NgcCtnrSvc - ok
21:10:05.0110 0x223c  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
21:10:05.0142 0x223c  NgcSvc - ok
21:10:05.0157 0x223c  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
21:10:05.0173 0x223c  NlaSvc - ok
21:10:05.0189 0x223c  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:10:05.0204 0x223c  Npfs - ok
21:10:05.0204 0x223c  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
21:10:05.0220 0x223c  npsvctrig - ok
21:10:05.0220 0x223c  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
21:10:05.0235 0x223c  nsi - ok
21:10:05.0235 0x223c  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
21:10:05.0251 0x223c  nsiproxy - ok
21:10:05.0298 0x223c  [ 98BBD81DC481E9D58EEB31C81EBDEFF5, 28FAAFCB90721C557C37D18533681C274428BC97AB3C3AAFCC75212074E9F2CA ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
21:10:05.0360 0x223c  NTFS - ok
21:10:05.0376 0x223c  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:10:05.0376 0x223c  Null - ok
21:10:05.0610 0x223c  [ 60328FA27CB565D708CACAC8206037FB, 6D3A4B1B593428CA9F6EB2607C3F5A60DFEB92F4F437956FD916DF6B3B8E27FD ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys
21:10:05.0860 0x223c  nvlddmkm - ok
21:10:05.0876 0x223c  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
21:10:05.0892 0x223c  nvraid - ok
21:10:05.0907 0x223c  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
21:10:05.0923 0x223c  nvstor - ok
21:10:05.0939 0x223c  [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
21:10:05.0985 0x223c  nvsvc - ok
21:10:06.0032 0x223c  [ 6FC08E86B58F2F0B3CBBF2341EDC6761, 2038CDD1617B7563C0C542C7D95CD8A410E14B02BAB5993A857F22FCEA11F2F2 ] NVWMI           C:\Windows\system32\nvwmi64.exe
21:10:06.0095 0x223c  NVWMI - ok
21:10:06.0110 0x223c  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
21:10:06.0126 0x223c  OneSyncSvc - ok
21:10:06.0142 0x223c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:10:06.0157 0x223c  ose - ok
21:10:06.0173 0x223c  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
21:10:06.0189 0x223c  p2pimsvc - ok
21:10:06.0204 0x223c  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
21:10:06.0235 0x223c  p2psvc - ok
21:10:06.0235 0x223c  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
21:10:06.0251 0x223c  Parport - ok
21:10:06.0267 0x223c  [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
21:10:06.0267 0x223c  partmgr - ok
21:10:06.0282 0x223c  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
21:10:06.0314 0x223c  PcaSvc - ok
21:10:06.0314 0x223c  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
21:10:06.0345 0x223c  pci - ok
21:10:06.0345 0x223c  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
21:10:06.0360 0x223c  pciide - ok
21:10:06.0360 0x223c  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
21:10:06.0376 0x223c  pcmcia - ok
21:10:06.0376 0x223c  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
21:10:06.0392 0x223c  pcw - ok
21:10:06.0392 0x223c  [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
21:10:06.0407 0x223c  pdc - ok
21:10:06.0423 0x223c  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
21:10:06.0470 0x223c  PEAUTH - ok
21:10:06.0532 0x223c  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
21:10:06.0595 0x223c  PeerDistSvc - ok
21:10:06.0610 0x223c  [ 028362370BEEBADACC881E3D4956E236, D641E431F8B41218E92C0F02A3FE9897B09E116AC8222DC0E7C4994BC0CEEA2F ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
21:10:06.0642 0x223c  PEFService - ok
21:10:06.0657 0x223c  [ F82E16FF000D9A514A71AE5A2C19BB86, E90E664DD04913FFAA6E49D5703C316DFCBEC030C59112B1623F564BAE415F4D ] pelbtm          C:\WINDOWS\system32\DRIVERS\pelbtm.sys
21:10:06.0673 0x223c  pelbtm - ok
21:10:06.0673 0x223c  [ 26B7929870C50506D76BC2A7523B3F2F, 4560613909272BB8E89A598063E2E8A28CB0250F303DE5C881C4E704A3EBA1BB ] pelmoubt        C:\WINDOWS\system32\DRIVERS\pelmoubt.sys
21:10:06.0689 0x223c  pelmoubt - ok
21:10:06.0689 0x223c  [ DE071E03E7E0506B2DAB0738E632F04E, DB34F44251DCE7CD5A479551E03B8EB1C8202F5C1749AEB834E4B959877C4852 ] PelService      C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
21:10:06.0704 0x223c  PelService - detected UnsignedFile.Multi.Generic ( 1 )
21:10:06.0892 0x223c  Detect skipped due to KSN trusted
21:10:06.0892 0x223c  PelService - ok
21:10:06.0907 0x223c  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
21:10:06.0954 0x223c  percsas2i - ok
21:10:06.0970 0x223c  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
21:10:06.0985 0x223c  percsas3i - ok
21:10:07.0001 0x223c  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
21:10:07.0017 0x223c  PerfHost - ok
21:10:07.0048 0x223c  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
21:10:07.0079 0x223c  PhoneSvc - ok
21:10:07.0095 0x223c  [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
21:10:07.0110 0x223c  PimIndexMaintenanceSvc - ok
21:10:07.0142 0x223c  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
21:10:07.0189 0x223c  pla - ok
21:10:07.0204 0x223c  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
21:10:07.0220 0x223c  PlugPlay - ok
21:10:07.0235 0x223c  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
21:10:07.0251 0x223c  PNRPAutoReg - ok
21:10:07.0251 0x223c  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
21:10:07.0282 0x223c  PNRPsvc - ok
21:10:07.0298 0x223c  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
21:10:07.0314 0x223c  PolicyAgent - ok
21:10:07.0329 0x223c  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
21:10:07.0345 0x223c  Power - ok
21:10:07.0360 0x223c  [ C7A04AB4D94E1A1A1EFC2559E75AA649, 0325BAB7BC760D6018491CCD68BF26C5E8A502124A1144FB528B4684090AA881 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
21:10:07.0360 0x223c  Power Manager DBC Service - ok
21:10:07.0376 0x223c  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
21:10:07.0392 0x223c  PptpMiniport - ok
21:10:07.0454 0x223c  [ 12ECCDB0C865A8CB805BABAD5A54EF41, B6E709C692EDDC2308A6944DE1ABA13155FC52905DC572C0008BCC97B3889771 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:10:07.0548 0x223c  PrintNotify - ok
21:10:07.0579 0x223c  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
21:10:07.0579 0x223c  Processor - ok
21:10:07.0595 0x223c  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
21:10:07.0626 0x223c  ProfSvc - ok
21:10:07.0626 0x223c  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
21:10:07.0642 0x223c  Psched - ok
21:10:07.0657 0x223c  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
21:10:07.0673 0x223c  QWAVE - ok
21:10:07.0673 0x223c  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
21:10:07.0689 0x223c  QWAVEdrv - ok
21:10:07.0704 0x223c  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:10:07.0704 0x223c  RasAcd - ok
21:10:07.0720 0x223c  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
21:10:07.0735 0x223c  RasAgileVpn - ok
21:10:07.0735 0x223c  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:10:07.0751 0x223c  RasAuto - ok
21:10:07.0767 0x223c  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
21:10:07.0782 0x223c  Rasl2tp - ok
21:10:07.0798 0x223c  [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:10:07.0829 0x223c  RasMan - ok
21:10:07.0845 0x223c  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:10:07.0860 0x223c  RasPppoe - ok
21:10:07.0860 0x223c  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
21:10:07.0876 0x223c  RasSstp - ok
21:10:07.0892 0x223c  [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:10:07.0907 0x223c  rdbss - ok
21:10:07.0923 0x223c  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
21:10:07.0939 0x223c  rdpbus - ok
21:10:07.0939 0x223c  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
21:10:07.0970 0x223c  RDPDR - ok
21:10:07.0970 0x223c  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:10:07.0985 0x223c  RdpVideoMiniport - ok
21:10:08.0001 0x223c  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
21:10:08.0017 0x223c  rdyboost - ok
21:10:08.0032 0x223c  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
21:10:08.0064 0x223c  ReFSv1 - ok
21:10:08.0079 0x223c  [ F08ACE6EF11929E95C624D76E2CFD676, 81A1B4AF6BC1ACFBE16192FAEF55435C4791E49383E765C881B40F1984A3654A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:10:08.0079 0x223c  RegSrvc - ok
21:10:08.0095 0x223c  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:10:08.0126 0x223c  RemoteAccess - ok
21:10:08.0126 0x223c  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:10:08.0157 0x223c  RemoteRegistry - ok
21:10:08.0173 0x223c  [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
21:10:08.0204 0x223c  RetailDemo - ok
21:10:08.0204 0x223c  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
21:10:08.0220 0x223c  RFCOMM - ok
21:10:08.0235 0x223c  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
21:10:08.0251 0x223c  RmSvc - ok
21:10:08.0251 0x223c  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
21:10:08.0267 0x223c  RpcEptMapper - ok
21:10:08.0282 0x223c  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:10:08.0298 0x223c  RpcLocator - ok
21:10:08.0314 0x223c  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:10:08.0345 0x223c  RpcSs - ok
21:10:08.0360 0x223c  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
21:10:08.0376 0x223c  rspndr - ok
21:10:08.0392 0x223c  [ 390594592126D5EBE0C98C0A3094096E, 2E64DBC294F8DA9059A1BF2917D6DA687FB886257DA6889835F305EDDA1DF3D8 ] RTSPER          C:\WINDOWS\system32\DRIVERS\RtsPer.sys
21:10:08.0407 0x223c  RTSPER - ok
21:10:08.0423 0x223c  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
21:10:08.0423 0x223c  s3cap - ok
21:10:08.0439 0x223c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:10:08.0439 0x223c  SamSs - ok
21:10:08.0454 0x223c  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
21:10:08.0470 0x223c  sbp2port - ok
21:10:08.0470 0x223c  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
21:10:08.0501 0x223c  SCardSvr - ok
21:10:08.0501 0x223c  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
21:10:08.0517 0x223c  ScDeviceEnum - ok
21:10:08.0532 0x223c  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:10:08.0548 0x223c  scfilter - ok
21:10:08.0564 0x223c  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:10:08.0610 0x223c  Schedule - ok
21:10:08.0610 0x223c  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
21:10:08.0626 0x223c  scmbus - ok
21:10:08.0642 0x223c  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
21:10:08.0657 0x223c  scmdisk0101 - ok
21:10:08.0657 0x223c  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
21:10:08.0673 0x223c  SCPolicySvc - ok
21:10:08.0689 0x223c  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
21:10:08.0704 0x223c  sdbus - ok
21:10:08.0720 0x223c  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
21:10:08.0735 0x223c  SDRSVC - ok
21:10:08.0735 0x223c  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
21:10:08.0751 0x223c  sdstor - ok
21:10:08.0751 0x223c  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
21:10:08.0767 0x223c  seclogon - ok
21:10:08.0782 0x223c  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
21:10:08.0782 0x223c  SENS - ok
21:10:08.0798 0x223c  Sense - ok
21:10:08.0814 0x223c  [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
21:10:08.0876 0x223c  SensorDataService - ok
21:10:08.0876 0x223c  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
21:10:08.0907 0x223c  SensorService - ok
21:10:08.0923 0x223c  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:10:08.0939 0x223c  SensrSvc - ok
21:10:08.0954 0x223c  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
21:10:08.0970 0x223c  SerCx - ok
21:10:08.0970 0x223c  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
21:10:08.0985 0x223c  SerCx2 - ok
21:10:09.0001 0x223c  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
21:10:09.0001 0x223c  Serenum - ok
21:10:09.0017 0x223c  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
21:10:09.0032 0x223c  Serial - ok
21:10:09.0032 0x223c  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
21:10:09.0048 0x223c  sermouse - ok
21:10:09.0064 0x223c  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:10:09.0079 0x223c  SessionEnv - ok
21:10:09.0095 0x223c  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
21:10:09.0110 0x223c  sfloppy - ok
21:10:09.0126 0x223c  [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:10:09.0142 0x223c  SharedAccess - ok
21:10:09.0157 0x223c  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:10:09.0204 0x223c  ShellHWDetection - ok
21:10:09.0204 0x223c  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
21:10:09.0220 0x223c  shpamsvc - ok
21:10:09.0235 0x223c  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:10:09.0251 0x223c  SiSRaid2 - ok
21:10:09.0251 0x223c  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:10:09.0267 0x223c  SiSRaid4 - ok
21:10:09.0267 0x223c  [ C4C7316E98CFBC3F0CDAEE6968D7B9DC, 176AF4E9866E4FBB01DAB80A72BA0FE1A9AF6C55B3BF30032F5EB2F8D25EF5F3 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
21:10:09.0282 0x223c  SmbDrvI - ok
21:10:09.0282 0x223c  [ A02AFDFB748D0A638A09DC4B5E47B240, E14BFA930A2F04012144B475DA9A565431F804DF0BA2B7595C43BB48EFBA4883 ] SMIDriver       C:\WINDOWS\system32\DRIVERS\smi.sys
21:10:09.0298 0x223c  SMIDriver - ok
21:10:09.0298 0x223c  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
21:10:09.0314 0x223c  smphost - ok
21:10:09.0329 0x223c  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
21:10:09.0360 0x223c  SmsRouter - ok
21:10:09.0376 0x223c  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:10:09.0392 0x223c  SNMPTRAP - ok
21:10:09.0407 0x223c  [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
21:10:09.0423 0x223c  spaceport - ok
21:10:09.0423 0x223c  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
21:10:09.0439 0x223c  SpbCx - ok
21:10:09.0454 0x223c  [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:10:09.0501 0x223c  Spooler - ok
21:10:09.0595 0x223c  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:10:09.0720 0x223c  sppsvc - ok
21:10:09.0751 0x223c  [ E9D2B247A1F945C3EBA571CFD25F1BA1, BD24DF02E1CE782E62BDEF6177B962AA25CAE711FF28BF6701C20AD6F4F49576 ] SPUVCbv         C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys
21:10:09.0782 0x223c  SPUVCbv - ok
21:10:09.0782 0x223c  [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:10:09.0814 0x223c  srv - ok
21:10:09.0829 0x223c  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:10:09.0860 0x223c  srv2 - ok
21:10:09.0876 0x223c  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:10:09.0892 0x223c  srvnet - ok
21:10:09.0892 0x223c  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:10:09.0923 0x223c  SSDPSRV - ok
21:10:09.0923 0x223c  [ 102EF9C0773427CA793EBBA93A825496, D3EA40338862F5809244D24D509BD9BFB673381922E9CEC23AA9AE0C2E6E8993 ] SSSvc           C:\Program Files (x86)\SmartSense\SSSvc.exe
21:10:09.0939 0x223c  SSSvc - ok
21:10:09.0939 0x223c  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:10:09.0954 0x223c  SstpSvc - ok
21:10:10.0032 0x223c  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
21:10:10.0157 0x223c  StateRepository - ok
21:10:10.0157 0x223c  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:10:10.0173 0x223c  stexstor - ok
21:10:10.0173 0x223c  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
21:10:10.0189 0x223c  StillCam - ok
21:10:10.0204 0x223c  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:10:10.0251 0x223c  stisvc - ok
21:10:10.0251 0x223c  [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
21:10:10.0267 0x223c  storahci - ok
21:10:10.0267 0x223c  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
21:10:10.0282 0x223c  storflt - ok
21:10:10.0298 0x223c  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
21:10:10.0298 0x223c  stornvme - ok
21:10:10.0314 0x223c  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
21:10:10.0314 0x223c  storqosflt - ok
21:10:10.0329 0x223c  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:10:10.0360 0x223c  StorSvc - ok
21:10:10.0360 0x223c  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
21:10:10.0376 0x223c  storufs - ok
21:10:10.0376 0x223c  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:10:10.0392 0x223c  storvsc - ok
21:10:10.0392 0x223c  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
21:10:10.0407 0x223c  svsvc - ok
21:10:10.0423 0x223c  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
21:10:10.0423 0x223c  swenum - ok
21:10:10.0439 0x223c  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
21:10:10.0470 0x223c  swprv - ok
21:10:10.0470 0x223c  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
21:10:10.0485 0x223c  Synth3dVsc - ok
21:10:10.0501 0x223c  [ 6F02CE00CF9B10E134FA659F9D1353E8, 26616F8CCA9E67066EC02B477BE838023AB1307D7D7DA26ED14C065E0F4AA5B2 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:10:10.0517 0x223c  SynTP - ok
21:10:10.0532 0x223c  [ 6CDAAEB36655B8963081C0E11BBBEE02, 3766074C780B95CA54A40FF075C08DEC3A46CECF42C1E047F3FA78C27783ED73 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
21:10:10.0548 0x223c  SynTPEnhService - ok
21:10:10.0564 0x223c  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:10:10.0610 0x223c  SysMain - ok
21:10:10.0626 0x223c  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:10:10.0642 0x223c  SystemEventsBroker - ok
21:10:10.0657 0x223c  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:10:10.0673 0x223c  TabletInputService - ok
21:10:10.0689 0x223c  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:10:10.0704 0x223c  TapiSrv - ok
21:10:10.0751 0x223c  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:10:10.0814 0x223c  Tcpip - ok
21:10:10.0860 0x223c  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
21:10:10.0923 0x223c  Tcpip6 - ok
21:10:10.0939 0x223c  [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:10:10.0954 0x223c  tcpipreg - ok
21:10:10.0954 0x223c  [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:10:10.0970 0x223c  tdx - ok
21:10:10.0970 0x223c  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
21:10:10.0985 0x223c  terminpt - ok
21:10:11.0001 0x223c  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
21:10:11.0048 0x223c  TermService - ok
21:10:11.0048 0x223c  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
21:10:11.0079 0x223c  Themes - ok
21:10:11.0079 0x223c  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
21:10:11.0110 0x223c  TieringEngineService - ok
21:10:11.0126 0x223c  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
21:10:11.0157 0x223c  tiledatamodelsvc - ok
21:10:11.0173 0x223c  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
21:10:11.0189 0x223c  TimeBrokerSvc - ok
21:10:11.0204 0x223c  [ D0257ACADEF049358FBFB2ADE6F14A47, 07DDF944AD395C2412F4C5FB01056671EC2246A284D00BE9B3541DD0BEE60451 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
21:10:11.0204 0x223c  TPHKLOAD - ok
21:10:11.0220 0x223c  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
21:10:11.0235 0x223c  TPM - ok
21:10:11.0235 0x223c  [ 8ECC5302575EA6A27B04F5C258CE963F, E8B11D4D4F6790C2BD73909BD9C9C2BD37E74DD133D353770D957D1A0007FA0F ] TPPWRIF         C:\WINDOWS\system32\drivers\Tppwr64v.sys
21:10:11.0251 0x223c  TPPWRIF - ok
21:10:11.0251 0x223c  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:10:11.0282 0x223c  TrkWks - ok
21:10:11.0298 0x223c  [ 46241B8294603FF8BBF6044254FD06EF, 1D2EDCC8221B998C45734E059DA3637259F35803F499CE76C61629845139DFC1 ] TrueKey         C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
21:10:11.0329 0x223c  TrueKey - ok
21:10:11.0329 0x223c  [ C4F4CF2E6AB074886861C80ED38A4AC5, 1B995B9CD5E7570398932B0DC67AB169C3551C415D8B55FC3431DB3EA037A627 ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
21:10:11.0345 0x223c  TrueKeyScheduler - ok
21:10:11.0345 0x223c  [ 6C5509D6E39941C0C7E8F45C2C52AAA6, 24C94E176A6919BFE3D0B13EE44BD1CB7E50A45BA6C7787D9981F1509DFB2066 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
21:10:11.0345 0x223c  TrueKeyServiceHelper - ok
21:10:11.0360 0x223c  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:10:11.0376 0x223c  TrustedInstaller - ok
21:10:11.0376 0x223c  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
21:10:11.0392 0x223c  tsusbflt - ok
21:10:11.0407 0x223c  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:10:11.0423 0x223c  TsUsbGD - ok
21:10:11.0423 0x223c  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
21:10:11.0439 0x223c  tsusbhub - ok
21:10:11.0454 0x223c  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
21:10:11.0470 0x223c  tunnel - ok
21:10:11.0470 0x223c  [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
21:10:11.0485 0x223c  tzautoupdate - ok
21:10:11.0501 0x223c  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
21:10:11.0517 0x223c  UASPStor - ok
21:10:11.0517 0x223c  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
21:10:11.0532 0x223c  UcmCx0101 - ok
21:10:11.0532 0x223c  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
21:10:11.0564 0x223c  UcmTcpciCx0101 - ok
21:10:11.0564 0x223c  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
21:10:11.0579 0x223c  UcmUcsi - ok
21:10:11.0579 0x223c  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
21:10:11.0595 0x223c  Ucx01000 - ok
21:10:11.0610 0x223c  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
21:10:11.0626 0x223c  UdeCx - ok
21:10:11.0642 0x223c  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:10:11.0657 0x223c  udfs - ok
21:10:11.0673 0x223c  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
21:10:11.0673 0x223c  UEFI - ok
21:10:11.0689 0x223c  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
21:10:11.0689 0x223c  UevAgentDriver - ok
21:10:11.0720 0x223c  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
21:10:11.0767 0x223c  UevAgentService - ok
21:10:11.0782 0x223c  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
21:10:11.0798 0x223c  Ufx01000 - ok
21:10:11.0798 0x223c  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
21:10:11.0814 0x223c  UfxChipidea - ok
21:10:11.0814 0x223c  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
21:10:11.0829 0x223c  ufxsynopsys - ok
21:10:11.0845 0x223c  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:10:11.0860 0x223c  UI0Detect - ok
21:10:11.0860 0x223c  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
21:10:11.0876 0x223c  umbus - ok
21:10:11.0892 0x223c  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
21:10:11.0892 0x223c  UmPass - ok
21:10:11.0907 0x223c  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:10:11.0923 0x223c  UmRdpService - ok
21:10:11.0954 0x223c  [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
21:10:12.0001 0x223c  UnistoreSvc - ok
21:10:12.0017 0x223c  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:10:12.0048 0x223c  upnphost - ok
21:10:12.0048 0x223c  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
21:10:12.0064 0x223c  UrsChipidea - ok
21:10:12.0079 0x223c  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
21:10:12.0079 0x223c  UrsCx01000 - ok
21:10:12.0095 0x223c  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
21:10:12.0095 0x223c  UrsSynopsys - ok
21:10:12.0110 0x223c  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
21:10:12.0126 0x223c  usbccgp - ok
21:10:12.0126 0x223c  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
21:10:12.0142 0x223c  usbcir - ok
21:10:12.0142 0x223c  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
21:10:12.0157 0x223c  usbehci - ok
21:10:12.0173 0x223c  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
21:10:12.0189 0x223c  usbhub - ok
21:10:12.0204 0x223c  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
21:10:12.0235 0x223c  USBHUB3 - ok
21:10:12.0235 0x223c  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
21:10:12.0251 0x223c  usbohci - ok
21:10:12.0251 0x223c  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
21:10:12.0267 0x223c  usbprint - ok
21:10:12.0282 0x223c  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
21:10:12.0298 0x223c  usbser - ok
21:10:12.0298 0x223c  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:10:12.0314 0x223c  USBSTOR - ok
21:10:12.0329 0x223c  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
21:10:12.0329 0x223c  usbuhci - ok
21:10:12.0345 0x223c  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:10:12.0360 0x223c  USBXHCI - ok
21:10:12.0392 0x223c  [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
21:10:12.0439 0x223c  UserDataSvc - ok
21:10:12.0470 0x223c  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
21:10:12.0517 0x223c  UserManager - ok
21:10:12.0532 0x223c  [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
21:10:12.0564 0x223c  UsoSvc - ok
21:10:12.0564 0x223c  [ D46604714C0BE35D0298514B2E4A7B34, 3EEFF41D198C92CC4CD8974C6575839D89A2139B64C8B08D10FB516660A2F7BD ] valWBFPolicyService C:\WINDOWS\system32\valWBFPolicyService.exe
21:10:12.0579 0x223c  valWBFPolicyService - ok
21:10:12.0579 0x223c  [ 151F02D8A7E5CB7765E7C2BA5B0AD1D4, B7A3D233046510FEC6866020490B14B3A544BFC82A14D457FBD6D821E20635D5 ] valWbioSyncSvc  C:\WINDOWS\system32\valWbioSyncSvc.exe
21:10:12.0595 0x223c  valWbioSyncSvc - ok
21:10:12.0610 0x223c  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:10:12.0610 0x223c  VaultSvc - ok
21:10:12.0626 0x223c  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:10:12.0626 0x223c  vdrvroot - ok
21:10:12.0642 0x223c  [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds             C:\WINDOWS\System32\vds.exe
21:10:12.0673 0x223c  vds - ok
21:10:12.0689 0x223c  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
21:10:12.0704 0x223c  VerifierExt - ok
21:10:12.0720 0x223c  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
21:10:12.0751 0x223c  vhdmp - ok
21:10:12.0751 0x223c  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
21:10:12.0767 0x223c  vhf - ok
21:10:12.0782 0x223c  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:10:12.0782 0x223c  vmbus - ok
21:10:12.0798 0x223c  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
21:10:12.0814 0x223c  VMBusHID - ok
21:10:12.0814 0x223c  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
21:10:12.0829 0x223c  vmgid - ok
21:10:12.0845 0x223c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
21:10:12.0860 0x223c  vmicguestinterface - ok
21:10:12.0876 0x223c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
21:10:12.0907 0x223c  vmicheartbeat - ok
21:10:12.0907 0x223c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
21:10:12.0939 0x223c  vmickvpexchange - ok
21:10:12.0939 0x223c  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
21:10:12.0970 0x223c  vmicrdv - ok
21:10:12.0970 0x223c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
21:10:13.0001 0x223c  vmicshutdown - ok
21:10:13.0001 0x223c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
21:10:13.0032 0x223c  vmictimesync - ok
21:10:13.0032 0x223c  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
21:10:13.0064 0x223c  vmicvmsession - ok
21:10:13.0064 0x223c  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
21:10:13.0095 0x223c  vmicvss - ok
21:10:13.0095 0x223c  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:10:13.0111 0x223c  volmgr - ok
21:10:13.0111 0x223c  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:10:13.0142 0x223c  volmgrx - ok
21:10:13.0142 0x223c  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:10:13.0173 0x223c  volsnap - ok
21:10:13.0173 0x223c  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
21:10:13.0189 0x223c  volume - ok
21:10:13.0189 0x223c  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
21:10:13.0204 0x223c  vpci - ok
21:10:13.0220 0x223c  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:10:13.0235 0x223c  vsmraid - ok
21:10:13.0251 0x223c  [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS             C:\WINDOWS\system32\vssvc.exe
21:10:13.0314 0x223c  VSS - ok
21:10:13.0329 0x223c  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
21:10:13.0345 0x223c  VSTXRAID - ok
21:10:13.0345 0x223c  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
21:10:13.0360 0x223c  vwifibus - ok
21:10:13.0360 0x223c  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
21:10:13.0376 0x223c  vwififlt - ok
21:10:13.0392 0x223c  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
21:10:13.0392 0x223c  vwifimp - ok
21:10:13.0407 0x223c  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
21:10:13.0439 0x223c  W32Time - ok
21:10:13.0454 0x223c  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
21:10:13.0470 0x223c  WacomPen - ok
21:10:13.0485 0x223c  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
21:10:13.0501 0x223c  WalletService - ok
21:10:13.0517 0x223c  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:10:13.0532 0x223c  wanarp - ok
21:10:13.0548 0x223c  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:10:13.0564 0x223c  wanarpv6 - ok
21:10:13.0595 0x223c  [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:10:13.0657 0x223c  wbengine - ok
21:10:13.0673 0x223c  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:10:13.0720 0x223c  WbioSrvc - ok
21:10:13.0720 0x223c  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
21:10:13.0735 0x223c  wcifs - ok
21:10:13.0751 0x223c  [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
21:10:13.0782 0x223c  Wcmsvc - ok
21:10:13.0798 0x223c  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:10:13.0829 0x223c  wcncsvc - ok
21:10:13.0829 0x223c  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
21:10:13.0845 0x223c  wcnfs - ok
21:10:13.0860 0x223c  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
21:10:13.0860 0x223c  WdBoot - ok
21:10:13.0892 0x223c  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:10:13.0907 0x223c  Wdf01000 - ok
21:10:13.0923 0x223c  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
21:10:13.0939 0x223c  WdFilter - ok
21:10:13.0954 0x223c  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:10:13.0970 0x223c  WdiServiceHost - ok
21:10:13.0970 0x223c  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
21:10:14.0001 0x223c  WdiSystemHost - ok
21:10:14.0017 0x223c  [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
21:10:14.0048 0x223c  wdiwifi - ok
21:10:14.0048 0x223c  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:10:14.0064 0x223c  WdNisDrv - ok
21:10:14.0064 0x223c  WdNisSvc - ok
21:10:14.0079 0x223c  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:10:14.0095 0x223c  WebClient - ok
21:10:14.0110 0x223c  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
21:10:14.0126 0x223c  Wecsvc - ok
21:10:14.0142 0x223c  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
21:10:14.0157 0x223c  WEPHOSTSVC - ok
21:10:14.0173 0x223c  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
21:10:14.0189 0x223c  wercplsupport - ok
21:10:14.0204 0x223c  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
21:10:14.0220 0x223c  WerSvc - ok
21:10:14.0220 0x223c  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
21:10:14.0236 0x223c  WFPLWFS - ok
21:10:14.0251 0x223c  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
21:10:14.0267 0x223c  WiaRpc - ok
21:10:14.0267 0x223c  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
21:10:14.0282 0x223c  WIMMount - ok
21:10:14.0282 0x223c  WinDefend - ok
21:10:14.0298 0x223c  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
21:10:14.0298 0x223c  WindowsTrustedRT - ok
21:10:14.0314 0x223c  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
21:10:14.0314 0x223c  WindowsTrustedRTProxy - ok
21:10:14.0345 0x223c  [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:10:14.0376 0x223c  WinHttpAutoProxySvc - ok
21:10:14.0376 0x223c  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
21:10:14.0392 0x223c  WinMad - ok
21:10:14.0407 0x223c  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:10:14.0423 0x223c  Winmgmt - ok
21:10:14.0470 0x223c  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
21:10:14.0564 0x223c  WinRM - ok
21:10:14.0579 0x223c  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
21:10:14.0579 0x223c  WINUSB - ok
21:10:14.0595 0x223c  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
21:10:14.0611 0x223c  WinVerbs - ok
21:10:14.0626 0x223c  [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
21:10:14.0642 0x223c  wisvc - ok
21:10:14.0689 0x223c  [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
21:10:14.0767 0x223c  WlanSvc - ok
21:10:14.0814 0x223c  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
21:10:14.0876 0x223c  wlidsvc - ok
21:10:14.0892 0x223c  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
21:10:14.0907 0x223c  WmiAcpi - ok
21:10:14.0907 0x223c  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:10:14.0923 0x223c  wmiApSrv - ok
21:10:14.0939 0x223c  WMPNetworkSvc - ok
21:10:14.0939 0x223c  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:10:14.0954 0x223c  Wof - ok
21:10:15.0001 0x223c  [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
21:10:15.0064 0x223c  workfolderssvc - ok
21:10:15.0079 0x223c  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
21:10:15.0095 0x223c  WPDBusEnum - ok
21:10:15.0095 0x223c  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:10:15.0111 0x223c  WpdUpFltr - ok
21:10:15.0126 0x223c  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
21:10:15.0142 0x223c  WpnService - ok
21:10:15.0142 0x223c  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
21:10:15.0157 0x223c  WpnUserService - ok
21:10:15.0173 0x223c  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:10:15.0189 0x223c  ws2ifsl - ok
21:10:15.0189 0x223c  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
21:10:15.0204 0x223c  wscsvc - ok
21:10:15.0220 0x223c  WSearch - ok
21:10:15.0267 0x223c  [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
21:10:15.0329 0x223c  wuauserv - ok
21:10:15.0345 0x223c  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
21:10:15.0361 0x223c  WudfPf - ok
21:10:15.0376 0x223c  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:10:15.0392 0x223c  WUDFRd - ok
21:10:15.0392 0x223c  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
21:10:15.0407 0x223c  wudfsvc - ok
21:10:15.0423 0x223c  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:10:15.0439 0x223c  WUDFWpdFs - ok
21:10:15.0454 0x223c  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:10:15.0486 0x223c  WUDFWpdMtp - ok
21:10:15.0501 0x223c  [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
21:10:15.0548 0x223c  WwanSvc - ok
21:10:15.0579 0x223c  [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
21:10:15.0611 0x223c  XblAuthManager - ok
21:10:15.0642 0x223c  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
21:10:15.0689 0x223c  XblGameSave - ok
21:10:15.0704 0x223c  [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
21:10:15.0736 0x223c  xboxgip - ok
21:10:15.0751 0x223c  [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
21:10:15.0798 0x223c  XboxNetApiSvc - ok
21:10:15.0798 0x223c  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
21:10:15.0814 0x223c  xinputhid - ok
21:10:15.0892 0x223c  [ D071942124D71F26546B8B11774EB867, 2496760FFB97D5CEB2AF5D91490DDE630C0BD723F0C7488BCC7247490F11FF34 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:10:15.0970 0x223c  ZeroConfigService - ok
21:10:15.0970 0x223c  ================ Scan global ===============================
21:10:15.0986 0x223c  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
21:10:15.0986 0x223c  [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] C:\WINDOWS\system32\winsrv.dll
21:10:16.0001 0x223c  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
21:10:16.0001 0x223c  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
21:10:16.0017 0x223c  [ Global ] - ok
21:10:16.0017 0x223c  ================ Scan MBR ==================================
21:10:16.0017 0x223c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:10:16.0032 0x223c  \Device\Harddisk0\DR0 - ok
21:10:18.0391 0x223c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR18
21:10:18.0641 0x223c  \Device\Harddisk1\DR18 - ok
21:10:18.0709 0x223c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR19
21:10:18.0819 0x223c  \Device\Harddisk2\DR19 - ok
21:10:18.0819 0x223c  ================ Scan VBR ==================================
21:10:18.0834 0x223c  [ B357130C511E3E17009F280720F5B06D ] \Device\Harddisk0\DR0\Partition1
21:10:18.0834 0x223c  \Device\Harddisk0\DR0\Partition1 - ok
21:10:18.0834 0x223c  [ 5C55F69837D722577E02BA0796293D65 ] \Device\Harddisk0\DR0\Partition2
21:10:18.0834 0x223c  \Device\Harddisk0\DR0\Partition2 - ok
21:10:18.0850 0x223c  [ 3BA6F4C357647B2B20BA03390ED127D4 ] \Device\Harddisk0\DR0\Partition3
21:10:18.0865 0x223c  \Device\Harddisk0\DR0\Partition3 - ok
21:10:18.0881 0x223c  [ FA62EBB5BCD21BB3EB32652A180358B4 ] \Device\Harddisk0\DR0\Partition4
21:10:18.0881 0x223c  \Device\Harddisk0\DR0\Partition4 - ok
21:10:18.0881 0x223c  [ 98BE4E5FCBC0647E804AE74A1AAEF0AC ] \Device\Harddisk1\DR18\Partition1
21:10:18.0881 0x223c  \Device\Harddisk1\DR18\Partition1 - ok
21:10:18.0897 0x223c  [ 1B62F9CA47D67D472FFB77A0855E5F69 ] \Device\Harddisk2\DR19\Partition1
21:10:18.0897 0x223c  \Device\Harddisk2\DR19\Partition1 - ok
21:10:18.0897 0x223c  ================ Scan generic autorun ======================
21:10:18.0959 0x223c  [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:10:19.0006 0x223c  NvBackend - ok
21:10:19.0022 0x223c  [ DA1315067B1AC3FDBA379DC0F61F4AC3, B77EF5D833C8D372A2742A366BB62F6405BE9A6D571AF8938AC7E8C1DE3E16A3 ] C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE
21:10:19.0022 0x223c  Daemon for Mouse Suite - ok
21:10:19.0022 0x223c  Mouse Suite 98 Daemon - ok
21:10:19.0037 0x223c  [ D176870973EAE8BA430B8AE8078F11AD, DEC8510EC92C8BAB1B8C885E85413825D99E1A32090EC84D07041ADEA830C7CC ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
21:10:19.0037 0x223c  IMSS - ok
21:10:19.0053 0x223c  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
21:10:19.0053 0x223c  HP Software Update - ok
21:10:19.0256 0x223c  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:10:19.0412 0x223c  OneDriveSetup - ok
21:10:19.0569 0x223c  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:10:19.0725 0x223c  OneDriveSetup - ok
21:10:19.0772 0x223c  [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:10:19.0803 0x223c  OneDrive - ok
21:10:19.0865 0x223c  [ 7EB63F65BEE6FA0B12F763B4C5DEFB83, A36AC5C6C3E0B99AFDC90EADE99EF637ACD4CFC7AF628615FBC383F8CA07268A ] C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
21:10:19.0944 0x223c  HP Officejet 5740 series (NET) - ok
21:10:19.0944 0x223c  [ 20E6A936DB2681EEE38E2A8091EEE808, BB8CC926C1CF90469D19630E755A452092DFDE8855B76E6E1A367085FC216AB0 ] C:\Program Files (x86)\VLC Updater\vlc-updater.exe
21:10:19.0975 0x223c  VLC Updater - ok
21:10:19.0975 0x223c  Waiting for KSN requests completion. In queue: 9
21:10:21.0006 0x223c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x60100 ( disabled : updated )
21:10:21.0022 0x223c  AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51000 ( enabled : updated )
21:10:21.0022 0x223c  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51010 ( enabled )
21:10:21.0194 0x223c  ============================================================
21:10:21.0194 0x223c  Scan finished
21:10:21.0194 0x223c  ============================================================
21:10:21.0209 0x1fe4  Detected object count: 0
21:10:21.0209 0x1fe4  Actual detected object count: 0

M-K-D-B · 01.05.2017, 10:23

Servus,

ich bitte um Beachtung meiner Hinweise, insbesondere Punkt 6.

AZEdeluxe · 01.05.2017, 12:30

hier nochmal die log files im code
diesmal vom desktop als admin ausgeführt:

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2017
durchgeführt von Wolf-Rüdiger Kaiser (Administrator) auf THINKPAD-WRK-1 (01-05-2017 13:27:29)
Gestartet von C:\Users\Wolf-Rüdiger Kaiser\Desktop
Geladene Profile: Wolf-Rüdiger Kaiser (Verfügbare Profile: Wolf-Rüdiger Kaiser)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McT9340.tmp
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\System32\nvwmi64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(PCHelp Soft) C:\Program Files (x86)\PC Cleaner\PCCSchedule.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\PELMICED.EXE
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [94856 2015-07-09] (Primax Electronics Ltd.)
HKLM\...\Run: [Mouse Suite 98 Daemon] => ICO.EXE
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-07] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\Run: [VLC Updater] => C:\Program Files (x86)\VLC Updater\vlc-updater.exe [360352 2016-10-07] () <===== ACHTUNG
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-17] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk [2017-05-01]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7c13c597-4095-4868-817b-a99e0f2a9cc3}: [DhcpNameServer] 172.168.127.2
Tcpip\..\Interfaces\{c5c6b6ce-1ee9-4b8e-a7df-9bff4e4d28c4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> DefaultScope {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
DPF: HKLM-x32 {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///D:/launch.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-28] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: j38j7yiu.default
FF ProfilePath: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default [2017-05-01]
FF Homepage: Mozilla\Firefox\Profiles\j38j7yiu.default -> google.de/
FF Extension: (Shield Recipe Client) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default\features\{f56d0d30-e9a8-4433-92e3-77f59e66a33f}\shield-recipe-client@mozilla.org.xpi [2017-05-01]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-29] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4246772196-3469511708-1303041041-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)

Chrome: 
=======
CHR Profile: C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Google Präsentationen) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-11]
CHR Extension: (Google Docs) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-15]
CHR Extension: (Google Drive) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-11]
CHR Extension: (YouTube) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-11]
CHR Extension: (Google Mail) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-11]
CHR Extension: (Chrome Media Router) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0216541493019156mcinstcleanup; C:\WINDOWS\TEMP\021654~1.EXE [1030904 2017-02-09] (McAfee, Inc.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-07-29] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3125328 2017-02-01] (Lenovo Group Limited)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-09-05] (Lenovo)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe [404376 2017-04-18] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3164816 2015-07-23] ()
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [184088 2015-07-09] () [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-14] (Microsoft Corporation)
S3 SSSvc; C:\Program Files (x86)\SmartSense\SSSvc.exe [119512 2015-07-23] (Lenovo)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-12] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-12] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-12] (McAfee, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [530928 2015-07-13] (Intel Corporation)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-04-21] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-04-21] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 pelbtm; C:\WINDOWS\system32\DRIVERS\pelbtm.sys [16384 2012-06-19] (Primax Electronics Ltd.)
R1 pelmoubt; C:\WINDOWS\system32\DRIVERS\pelmoubt.sys [22528 2012-06-19] (Primax Electronics Ltd.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [700008 2015-11-19] (Sunplus)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-01 13:27 - 2017-04-30 20:51 - 02428928 _____ (Farbar) C:\Users\Wolf-Rüdiger Kaiser\Desktop\FRST64.exe
2017-05-01 10:13 - 2017-05-01 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-05-01 10:13 - 2017-05-01 10:13 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-04-30 21:08 - 2017-04-30 21:10 - 00289428 _____ C:\TDSSKiller.3.1.0.15_30.04.2017_21.08.10_log.txt
2017-04-30 21:08 - 2017-04-30 21:08 - 00263448 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\52082972.sys
2017-04-30 21:08 - 2017-04-30 20:52 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Wolf-Rüdiger Kaiser\Desktop\tdsskiller.exe
2017-04-30 21:06 - 2017-05-01 13:27 - 00026877 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\FRST.txt
2017-04-30 21:03 - 2017-05-01 13:27 - 00000000 ____D C:\FRST
2017-04-25 16:54 - 2017-04-25 16:54 - 00257856 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-04-21 22:56 - 2017-04-21 22:56 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-21 22:48 - 2017-04-21 22:48 - 01496584 _____ C:\Users\Wolf-Rüdiger Kaiser\Downloads\HijackThis - CHIP-Installer.exe
2017-04-21 17:51 - 2017-04-21 17:52 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-21 17:51 - 2017-04-21 17:51 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-21 17:51 - 2017-04-21 17:51 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-21 17:50 - 2017-04-21 17:50 - 55566792 _____ (Malwarebytes ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-04-20 14:43 - 2017-04-20 14:43 - 02388520 _____ (SpeedCat Inc. ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\speedcat.setup.exe
2017-04-20 14:12 - 2017-04-21 22:51 - 00000000 ____D C:\Program Files (x86)\PC Cleaner
2017-04-20 14:12 - 2017-04-21 14:12 - 00003404 _____ C:\WINDOWS\System32\Tasks\PC Cleaner Schedule
2017-04-20 14:12 - 2017-04-20 14:12 - 00001106 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\PC Cleaner.lnk
2017-04-20 14:12 - 2017-04-20 14:12 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\Documents\PC Cleaner
2017-04-20 14:12 - 2017-04-20 14:12 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\PC Cleaner
2017-04-20 14:12 - 2017-04-20 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
2017-04-20 14:11 - 2017-04-20 14:12 - 05054768 _____ (PC HelpSoft ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\pc-cleaner-5038.exe
2017-04-15 10:39 - 2017-04-15 10:39 - 00042803 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\Umsatzdetails_Konto543155600_EUR_15-04-2017_1032.pdf
2017-04-14 20:07 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-14 20:07 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-14 20:07 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-14 20:07 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-14 20:07 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-14 20:07 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-14 20:07 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-14 20:07 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-14 20:07 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-14 20:07 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-14 20:07 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-14 20:07 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-14 20:07 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-14 20:07 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-14 20:07 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-14 20:06 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-14 20:06 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-14 20:06 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-14 20:06 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-14 20:06 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-14 20:06 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-14 20:06 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-14 20:06 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-14 20:06 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-14 20:06 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-14 20:06 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-14 20:06 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-14 20:06 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-14 20:06 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-14 20:06 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-14 20:06 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-14 20:06 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-14 20:06 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-14 20:06 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-14 20:06 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-14 20:06 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-14 20:06 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-14 20:06 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-14 20:06 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-14 20:06 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-14 20:06 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-14 20:06 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-14 20:06 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-14 20:06 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-14 20:06 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-14 20:06 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-14 20:06 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-14 20:06 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-14 20:06 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-14 20:06 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-14 19:59 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-14 19:59 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-14 19:59 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-14 19:59 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-14 19:59 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-14 19:59 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-14 19:59 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-14 19:59 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-14 19:58 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-14 19:58 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-14 19:58 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-14 19:58 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-14 19:57 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-14 19:57 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-14 19:57 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-14 19:57 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-14 19:57 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-14 19:57 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-14 19:57 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-14 19:57 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-14 19:57 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-14 19:57 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-14 19:57 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-14 19:57 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-04-14 19:57 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-14 19:57 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-04-14 19:57 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-14 19:57 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-14 19:57 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-14 19:57 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-14 19:57 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-14 19:57 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-14 19:57 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-14 19:57 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-14 19:57 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-14 19:57 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-14 19:57 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-14 19:57 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-14 19:57 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-14 19:57 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-14 19:57 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-14 19:57 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-14 19:57 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-14 19:57 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-14 19:57 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-14 19:57 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-14 19:57 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-14 19:57 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-14 19:57 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-14 19:57 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-14 19:57 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-14 19:57 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-14 19:57 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-14 19:57 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-14 19:57 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-14 19:57 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-14 19:57 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-14 19:56 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-14 19:56 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-14 19:56 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-14 19:56 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-14 19:56 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-14 19:56 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-14 19:56 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-14 19:56 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-14 19:56 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-14 19:56 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-14 19:56 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-14 19:56 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-14 19:56 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-14 19:56 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-14 19:56 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-14 19:56 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-14 19:56 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-14 19:56 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-14 19:56 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-14 19:56 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-14 19:56 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-14 19:56 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-14 19:56 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-14 19:56 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-14 19:56 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-14 19:56 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-14 19:56 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-14 19:56 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-14 19:56 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-14 19:56 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-14 19:56 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-14 19:56 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-14 19:56 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-14 19:56 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-14 19:56 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-14 19:56 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-14 19:56 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-14 19:56 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-14 19:56 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-14 19:56 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-14 19:56 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-14 19:55 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-14 19:55 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-14 19:55 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-14 19:55 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-14 19:55 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-14 19:55 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-14 19:55 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-14 19:55 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-14 19:55 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-14 19:55 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-14 19:55 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-14 19:55 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-14 19:55 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-14 19:55 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-14 19:55 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-14 19:55 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-14 19:55 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-14 19:55 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-14 19:55 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-14 19:55 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-14 19:55 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-14 19:55 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-14 19:55 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-14 19:55 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-14 19:55 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-14 19:55 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-14 19:55 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-14 19:55 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-14 19:55 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-14 19:55 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-14 19:55 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-14 19:55 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-14 19:55 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-14 19:55 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-14 19:55 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-14 19:55 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-14 19:55 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-14 19:55 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-14 19:55 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-14 19:55 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-14 19:55 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-14 19:55 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-14 19:55 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-14 19:55 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-14 19:55 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-14 19:55 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-14 19:55 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-13 10:57 - 2017-04-13 10:57 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-04-06 15:06 - 2017-04-06 15:06 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\LocalLow\Temp
2017-04-06 12:39 - 2017-04-06 12:39 - 00108129 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\H-65-2017 neu.pdf
2017-04-06 12:36 - 2017-04-06 12:36 - 00619124 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\OR-158-04-04-1.pdf
2017-04-03 17:28 - 2017-04-04 17:12 - 00010354 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\Gewicht.xlsx
2017-04-03 10:37 - 2017-04-03 10:37 - 00190814 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\158- Ostermond-Schlaraffiade.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-01 13:15 - 2016-11-24 11:04 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\LocalLow\Mozilla
2017-05-01 13:06 - 2016-10-14 15:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-01 10:15 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-01 10:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-01 10:14 - 2016-11-27 18:22 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B30343C5-81AC-4AE9-A5AE-3A4494A229EE}
2017-05-01 10:14 - 2016-10-14 15:25 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-05-01 10:13 - 2016-01-07 00:21 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-05-01 10:13 - 2016-01-01 17:06 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-05-01 10:12 - 2016-11-23 17:02 - 00025939 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-05-01 10:11 - 2016-10-14 15:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-01 10:11 - 2015-12-11 01:01 - 00000000 __SHD C:\Users\Wolf-Rüdiger Kaiser\IntelGraphicsProfiles
2017-04-30 20:25 - 2015-12-17 17:07 - 00000000 ____D C:\Rechnungen
2017-04-30 15:07 - 2016-11-28 10:29 - 00004222 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-04-30 02:14 - 2017-03-27 10:45 - 00003366 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser
2017-04-30 02:14 - 2017-03-27 10:44 - 00000418 _____ C:\WINDOWS\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser.job
2017-04-28 10:12 - 2016-10-14 15:25 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 10:12 - 2016-10-14 15:25 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 00:56 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-25 10:51 - 2017-02-20 19:57 - 00001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-04-25 10:51 - 2017-02-20 19:57 - 00001235 _____ C:\Users\Public\Desktop\True Key.lnk
2017-04-25 10:51 - 2017-02-20 19:47 - 00000000 ____D C:\Program Files\TrueKey
2017-04-24 09:32 - 2016-03-18 16:18 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-22 21:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 21:13 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-21 22:58 - 2016-07-17 00:51 - 00788360 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-21 22:58 - 2016-07-17 00:51 - 00169712 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-21 22:58 - 2015-07-16 17:54 - 02001606 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-21 22:56 - 2015-12-12 07:24 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Downloaded Installations
2017-04-21 22:53 - 2016-10-14 15:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-21 22:53 - 2016-10-14 15:20 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser
2017-04-21 22:53 - 2016-10-14 15:18 - 00000000 ____D C:\ProgramData\Synaptics
2017-04-21 22:53 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-20 10:42 - 2016-11-18 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-20 10:42 - 2015-12-12 05:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-20 00:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-18 23:15 - 2016-12-17 18:08 - 00003316 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 23:15 - 2015-12-11 01:04 - 00002436 _____ C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 23:15 - 2015-12-11 01:04 - 00000000 ___RD C:\Users\Wolf-Rüdiger Kaiser\OneDrive
2017-04-18 10:27 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 10:27 - 2015-12-12 07:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-17 18:18 - 2016-02-24 15:34 - 00000000 ____D C:\Fritz.Rapp
2017-04-16 20:29 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-16 20:28 - 2016-10-14 15:17 - 00355048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-16 20:28 - 2015-07-16 17:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-16 20:27 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-16 20:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-16 17:29 - 2016-10-16 20:27 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\vlc
2017-04-13 15:08 - 2015-12-12 08:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 15:06 - 2015-12-12 08:24 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 10:57 - 2016-12-29 10:06 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-04-13 10:57 - 2015-12-03 11:19 - 00000000 ____D C:\ProgramData\Intel
2017-04-13 10:57 - 2015-12-03 11:19 - 00000000 ____D C:\Program Files (x86)\Intel
2017-04-13 10:56 - 2016-10-14 15:18 - 00000000 ____D C:\Program Files\Intel
2017-04-13 10:56 - 2015-12-03 10:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-12 14:23 - 2016-10-14 15:25 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 14:23 - 2015-12-17 18:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-11 13:36 - 2016-10-14 15:25 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-11 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-11 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-10 11:47 - 2015-12-03 11:22 - 00000000 ____D C:\ProgramData\McAfee
2017-04-10 10:51 - 2015-12-11 01:01 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Packages
2017-04-06 10:05 - 2016-04-10 19:51 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 10:05 - 2016-04-10 19:51 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-17 02:08 - 2015-12-17 02:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-10-14 15:18 - 2016-10-14 15:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Program Files (x86)\VLC Updater\vlc-updater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-26 10:08

==================== Ende von FRST.txt ============================

AZEdeluxe · 01.05.2017, 12:32

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-04-2017
durchgeführt von Wolf-Rüdiger Kaiser (01-05-2017 13:27:59)
Gestartet von C:\Users\Wolf-Rüdiger Kaiser\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-14 13:26:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4246772196-3469511708-1303041041-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4246772196-3469511708-1303041041-503 - Limited - Disabled)
Gast (S-1-5-21-4246772196-3469511708-1303041041-501 - Limited - Disabled)
Wolf-Rüdiger Kaiser (S-1-5-21-4246772196-3469511708-1303041041-1001 - Administrator - Enabled) => C:\Users\Wolf-Rüdiger Kaiser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\HP Photo Creations) (Version: 1.0.0.22032 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.14.41 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.6.14.19 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.7.17 - SunplusIT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.15.132.1 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{1A51AA9E-D4BC-4318-9419-B55EA4C95B3C}) (Version: 17.1.1525.1443 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{475ea806-cb2a-455b-bb1b-9f99342b2fe2}) (Version: 19.40.0 - Intel Corporation)
Lenovo Anzeige am Bildschirm (Version: 8.85.03 - Lenovo) Hidden
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Mouse Suite (HKLM\...\MouseSuite98) (Version: 6.74 - Lenovo)
Lenovo Power Management Driver (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.016.00 - Lenovo)
Lenovo Settings - Power (x32 Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{DB529F41-7844-4FD9-B660-CE829E59A71E}) (Version: 3.1.002.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.551.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.127 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4919.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
PC Cleaner v5.0 (HKLM-x32\...\PC Cleaner_is1) (Version: 5.0 - PC HelpSoft)
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
PowerDVD Create 10 (x32 Version: 10.0.1.3222 - CyberLink Corp.) Hidden
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21288 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7756 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Studie zur Verbesserung von HP Officejet Pro 8100 Produkten (HKLM\...\{B1153774-BFFE-4D42-AC2C-6503DBE96EBA}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
SuperEasy Driver Updater v.1.1.1 (HKLM-x32\...\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1) (Version: 1.1.1 - SuperEasy Software GmbH & Co. KG)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
ThinkPad Settings Dependency (Version: 3.0.0.12 - Lenovo) Hidden
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 10.1.506.2015 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC Updater (HKLM-x32\...\VLC Updater) (Version: 1.0 - VLC Updater) <==== ACHTUNG
WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.4514 - CyberLink Corp.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
Windows Driver Package - Lenovo 1.67.10.15 (06/22/2015 1.67.10.15) (HKLM\...\116858BC299A848A634E4FC927990093F81F608D) (Version: 06/22/2015 1.67.10.15 - Lenovo)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (05/29/2015 10.0.10125.21277) (HKLM\...\4E55DAEF56C7E4B0BFE2CA2C3C55718B1DB7B3B9) (Version: 05/29/2015 10.0.10125.21277 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/29/2015 6.0.1.7572) (HKLM\...\FB7FCBF0F17BC6F027BA3449CC8B02C4445C5565) (Version: 07/29/2015 6.0.1.7572 - Realtek Semiconductor Corp.)
Windows Driver Package - Synaptics (SmbDrv) System  (07/24/2015 19.0.17.2) (HKLM\...\D46201570EE858381BA5A517C517317159E0F49A) (Version: 07/24/2015 19.0.17.2 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse  (07/24/2015 19.0.17.2) (HKLM\...\BCACBD4A2C3424D2C4AB53EE766C3F38399CEB15) (Version: 07/24/2015 19.0.17.2 - Synaptics)
Windows Driver Package - Synaptics FP Sensors (WUDFRd) Biometric  (07/28/2015 4.5.317.0) (HKLM\...\FD3941EBC31C6FC067D7184B5EB55011CBFBB255) (Version: 07/28/2015 4.5.317.0 - Synaptics FP Sensors)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => K (Der Dateneintrag hat 10 mehr Zeichen).

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {028926CC-E32D-4E90-B678-6E4938464203} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-04] (Realtek Semiconductor)
Task: {0B2CBFBC-9760-45F1-81CA-8C72ED40A105} - System32\Tasks\PC Cleaner Schedule => C:\Program Files (x86)\PC Cleaner\PCCSchedule.exe [2017-03-03] (PCHelp Soft)
Task: {0B689A78-7C07-4BE3-88CE-E9B7250EDCA3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-04] (Realtek Semiconductor)
Task: {0BC43B32-D283-4C88-BC22-D545918B3E18} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {0BC77D93-3558-4C5B-B63E-41B74770186C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {0F3B0329-DBF4-46D7-9B41-EC6130BFBFFB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {144FE919-0373-478F-AC4B-CFC9559987F4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {2699E22C-0EE9-4190-94DD-44280FF29846} - System32\Tasks\SuperEasyDriverUpdater_UPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe [2014-07-17] (SuperEasy Software)
Task: {27C5989A-24A8-420C-ADD0-8218CDE574E0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4acd1ca-6919-401f-914e-51352b10f752 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {2DE3565E-359C-49C4-941F-F66C6E969EFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {3C1BDD8C-1BFE-43EA-BC9F-536B1280FB18} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3CDB3236-8FFA-4191-8FFE-468ECAE4B5FA} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {4019354F-1837-41D7-8520-881E2B6A9806} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {45AB6103-DC1C-4571-83E4-C2979A22FD24} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {47764D1F-4889-4ADF-AD8D-8841CC266371} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {4F8BFC3F-B939-4DEA-AF5A-EB5544F8E98B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {532A43DE-EC74-4667-B66F-EFC2CAAB7D29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {556EBB6A-3B54-4781-A37E-886D5A605F24} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {5C902D20-42CB-48E4-93DF-D2AE9AAD20FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {6433F0DC-FEDC-4405-AEB1-55CF98BEC4DB} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {71847799-6E31-4EB4-89A2-8216FC9BFD09} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {7382A6BF-6231-4F2F-8790-D3894F8B908F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {8841BA53-ED44-4561-97E3-84E9D2899FEF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-12] (Lenovo)
Task: {88A93ABA-4D26-4F26-92A8-3DE528891C6D} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {895C28AC-5202-43A2-BB2D-F26D47425B8B} - System32\Tasks\HP AR Program Upload - 1519524a51754b0ca6862317aac6f33dc9fcbb5ccdd0431cbc623d8730f62132 => C:\Program Files\HP\HP Officejet 5740 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {89C39F4D-78CF-4A9B-987E-4C1F245D35DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {8BF4B716-1339-4C72-BCEA-C59C0C06AAA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {91F81EB8-3173-4580-B73E-C4A735D73AEA} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe [2011-09-23] ()
Task: {92319297-CDE1-4F46-9682-241C7B00D468} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-09-05] (Lenovo)
Task: {9F826DC1-C50A-47C6-BA5D-484616E19049} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9049ac9b-936e-4d7e-aa7a-302ef9c47fa7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {A09126BB-9091-4FF2-9A24-EF0C1E4BFD16} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-09-05] ()
Task: {A484AE41-608B-4F43-B925-BD11DE33A10E} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {AC6989B4-6240-4DC8-B355-5789A02F7E26} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-04] (Realtek Semiconductor)
Task: {B3953A3B-2857-4F97-A552-294AB4DECB88} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-09-05] (Lenovo)
Task: {BB00BBD9-CD60-4BEC-A089-5B9DF779B5EE} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {CB5DD811-584F-4A1C-A153-87A5F825DC90} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {D77795CE-9876-442F-B012-D36993589AA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {DAE4DE1D-7C2B-4AB2-B85A-BA5AF454C81C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {E606A7CA-5197-4D7A-825B-9C76B332297E} - System32\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {ED135A3E-3BD5-48CF-A89D-BD0DA38FFA46} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {F4829AAB-883E-4D06-B708-44E1A9F6AA89} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {F8834439-7C63-4F46-BA3E-2D0BFDA6C611} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {F91F895D-842B-4F83-90FC-1BF6C940C060} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe 
Task: {FBE37EDA-0728-48DB-A0BC-B22066AC65D8} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FC6C60A7-5351-4859-AB9A-0AB23B0BCAD6} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.)
Task: {FEBE0154-8ABF-4588-97BB-79C02DCA56C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SuperEasyDriverUpdater_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-12-03 11:22 - 2015-07-23 06:02 - 03164816 _____ () C:\Windows\system32\nvwmi64.exe
2015-12-12 07:09 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-12-12 09:51 - 2015-07-09 12:17 - 00184088 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-14 15:19 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 11:22 - 2015-07-23 06:02 - 03164816 _____ () C:\WINDOWS\system32\nvwmi64.exe
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-14 16:13 - 2016-10-14 16:13 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 17:04 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 17:05 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 17:05 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 17:05 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-14 19:55 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-14 19:55 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-14 19:55 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-24 19:34 - 2017-02-20 08:03 - 00213880 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-12-12 09:51 - 2015-07-09 12:42 - 00026248 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
2015-12-12 09:51 - 2015-07-09 12:17 - 00233240 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
2017-04-04 10:38 - 2017-04-04 10:39 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-04 10:38 - 2017-04-04 10:39 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 17:40 - 2016-06-03 17:41 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-04 10:38 - 2017-04-04 10:39 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 11:51 - 2016-03-04 11:52 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-05-01 10:15 - 2017-05-01 10:15 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-01 10:15 - 2017-05-01 10:15 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-01 10:15 - 2017-05-01 10:15 - 43012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-01 10:15 - 2017-05-01 10:15 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2015-07-07 03:36 - 2015-07-07 03:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-03 11:22 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-06 22:49 - 2013-03-06 22:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 22:52 - 2013-03-06 22:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-05-01 10:13 - 00000875 _____ C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Control Panel\Desktop\\Wallpaper -> c:\users\wolf-rüdiger kaiser\pictures\saved pictures\amg-gt-r-2016.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9FBB39AE-BF3A-4269-BD52-B60C2C3B454C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{51320BEB-B5E9-42C3-A11A-5FFE7B50E7E6}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{45C88AE5-9C5A-47E1-AD93-C5AA0AE7F010}] => (Allow) LPort=5357
FirewallRules: [{F84EDD41-9A7A-4074-A25C-7812F714CB13}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{FBC5A9BD-1AF4-4E65-9D06-7989366B19AF}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{3C6C58E2-47B0-47A0-A864-60FC4F516D31}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{544E7F3B-DDFB-4EF0-86DD-24944D11CA1F}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{F6B3A693-8755-4B34-BA19-0C3CF00A9650}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{76F158F5-32A8-48D9-8A4D-8407EE077CA8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{BFEC2B77-FA42-4DA8-B71B-B30C73D851E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00F18B3C-1FF5-4B76-B829-70C31011AC3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D734CB3C-A80D-4579-8C67-6858B87144B8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{1823F631-9C64-4DEB-B501-DBA5F4074B07}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\DeviceSetup.exe
FirewallRules: [{48A75FEB-005C-4563-8F07-2F886E3397F8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C9CD3A2D-A07B-4FAC-ADEF-721799332653}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{29DA1674-E7CD-4614-88D0-AB83E76E2C2C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B90772F-ED79-4FF9-BB53-FBDEA448B6FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E036E14D-8142-4FEB-8B42-886D6D531E82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8E29FBCE-76E9-435F-A1F4-54B4B18266F7}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Wiederherstellungspunkte =========================

13-04-2017 15:06:03 Windows Update
20-04-2017 17:30:25 Geplanter Prüfpunkt
30-04-2017 02:28:45 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/30/2017 08:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x22c8
Startzeit der fehlerhaften Anwendung: 0x01d2c1dd5df0eef2
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: c0c7829b-ae97-4d2b-9c62-54a81e0abfc6
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 05:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x2f04
Startzeit der fehlerhaften Anwendung: 0x01d2c1c84065b7b6
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 81ef94cc-806c-4d62-82fd-d92ee390f32f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 04:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3e10
Startzeit der fehlerhaften Anwendung: 0x01d2c1bfdea238f4
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: b11be380-94e1-4842-8184-00fff898a094
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 03:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0x01d2c1b77cdd92b9
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 57e80623-9476-465e-8b40-6248ce6f7f54
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 02:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3790
Startzeit der fehlerhaften Anwendung: 0x01d2c1af1b17ec0d
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 92753d9d-0605-41fc-87b1-4073d9fb599c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 01:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x1adc
Startzeit der fehlerhaften Anwendung: 0x01d2c1a6b9543aba
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: e29429f5-4126-4213-83de-7e9d0f9f369c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 12:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0x01d2c19e57915918
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: fd0bb725-bb5c-4b2b-8079-d9cca40a7bee
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 11:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3120
Startzeit der fehlerhaften Anwendung: 0x01d2c195f5cb0d36
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 708380ea-19f8-4e09-ac55-e5fc2738ccd5
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 10:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x2c30
Startzeit der fehlerhaften Anwendung: 0x01d2c18d94067de2
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: d5dbd975-1b13-47ed-aa0b-fed24dd8ae37
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 09:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x193c
Startzeit der fehlerhaften Anwendung: 0x01d2c18532420d9d
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 5c06e446-3c81-4890-ae2a-e948b51081da
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/01/2017 01:21:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (05/01/2017 01:06:36 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: Ein doppelter Name wurde im TCP-Netzwerk entdeckt. Die IP-Adresse des Computers,
der die Meldung gesendet hat, steht in den Daten. Verwenden Sie NBTSTAT -n an
der Eingabeaufforderung, um den doppelten Namen zu bestimmen.

Error: (05/01/2017 10:32:55 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/01/2017 10:11:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/01/2017 10:11:46 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/01/2017 10:11:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_60800c1" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (04/30/2017 09:28:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 09:11:18 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR19 gefunden.

Error: (04/30/2017 06:36:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (04/30/2017 06:19:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8071 MB
Verfügbarer physikalischer RAM: 4970.28 MB
Summe virtueller Speicher: 9351 MB
Verfügbarer virtueller Speicher: 6153.73 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:475.69 GB) (Free:335.03 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Removable) (Total:0.97 GB) (Free:0.21 GB) FAT
Drive e: (INTENSO) (Fixed) (Total:931.28 GB) (Free:797.7 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D0A5E542)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 96109550)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 991.5 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=991 MB) - (Type=04)

==================== Ende von Addition.txt ============================

TDSSKiller teil 1

Code:

ATTFilter

13:29:08.0313 0x2860  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
13:29:08.0313 0x2860  UEFI system
13:29:11.0281 0x2860  ============================================================
13:29:11.0281 0x2860  Current date / time: 2017/05/01 13:29:11.0281
13:29:11.0281 0x2860  SystemInfo:
13:29:11.0281 0x2860  
13:29:11.0281 0x2860  OS Version: 10.0.14393 ServicePack: 0.0
13:29:11.0281 0x2860  Product type: Workstation
13:29:11.0281 0x2860  ComputerName: THINKPAD-WRK-1
13:29:11.0281 0x2860  UserName: Wolf-Rüdiger Kaiser
13:29:11.0281 0x2860  Windows directory: C:\WINDOWS
13:29:11.0281 0x2860  System windows directory: C:\WINDOWS
13:29:11.0281 0x2860  Running under WOW64
13:29:11.0281 0x2860  Processor architecture: Intel x64
13:29:11.0281 0x2860  Number of processors: 4
13:29:11.0281 0x2860  Page size: 0x1000
13:29:11.0281 0x2860  Boot type: Normal boot
13:29:11.0281 0x2860  CodeIntegrityOptions = 0x00000001
13:29:11.0281 0x2860  ============================================================
13:29:11.0297 0x2860  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1066, osProperties = 0x19
13:29:12.0563 0x2860  System UUID: {390D711A-A09A-F59D-6D0E-10F97791677C}
13:29:13.0078 0x2860  Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:29:13.0078 0x2860  Drive \Device\Harddisk1\DR20 - Size: 0xE8E0DB5E00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:29:13.0078 0x2860  Drive \Device\Harddisk2\DR21 - Size: 0x3DF80000 ( 0.97 Gb ), SectorSize: 0x200, Cylinders: 0x7E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:29:13.0078 0x2860  ============================================================
13:29:13.0078 0x2860  \Device\Harddisk0\DR0:
13:29:13.0078 0x2860  GPT partitions:
13:29:13.0078 0x2860  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BDA7AEA8-61C6-47FF-BA45-2BDF44C7D253}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
13:29:13.0078 0x2860  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {25AAAA40-7642-4192-A5C9-BF8CE6274558}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
13:29:13.0078 0x2860  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C2875017-323B-4096-9772-9825AAC65837}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x3B762800
13:29:13.0078 0x2860  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3AB2DC98-1F17-4EB4-AC76-3CF31A7B3B20}, Name: Basic data partition, StartLBA 0x3B7ED000, BlocksNum 0x1F4000
13:29:13.0078 0x2860  MBR partitions:
13:29:13.0078 0x2860  \Device\Harddisk1\DR20:
13:29:13.0078 0x2860  MBR partitions:
13:29:13.0078 0x2860  \Device\Harddisk1\DR20\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x747051C1
13:29:13.0078 0x2860  \Device\Harddisk2\DR21:
13:29:13.0078 0x2860  MBR partitions:
13:29:13.0078 0x2860  \Device\Harddisk2\DR21\Partition1: MBR, Type 0x4, StartLBA 0x20, BlocksNum 0x1EFBE0
13:29:13.0078 0x2860  ============================================================
13:29:13.0094 0x2860  C: <-> \Device\Harddisk0\DR0\Partition3
13:29:13.0375 0x2860  E: <-> \Device\Harddisk1\DR20\Partition1
13:29:13.0375 0x2860  ============================================================
13:29:13.0375 0x2860  Initialize success
13:29:13.0375 0x2860  ============================================================
13:29:20.0718 0x19f0  ============================================================
13:29:20.0718 0x19f0  Scan started
13:29:20.0718 0x19f0  Mode: Manual; SigCheck; TDLFS; 
13:29:20.0718 0x19f0  ============================================================
13:29:20.0718 0x19f0  KSN ping started
13:29:20.0827 0x19f0  KSN ping finished: true
13:29:21.0233 0x19f0  ================ Scan system memory ========================
13:29:21.0233 0x19f0  System memory - ok
13:29:21.0233 0x19f0  ================ Scan services =============================
13:29:21.0249 0x19f0  0216541493019156mcinstcleanup - ok
13:29:21.0280 0x19f0  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
13:29:21.0327 0x19f0  1394ohci - ok
13:29:21.0327 0x19f0  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
13:29:21.0343 0x19f0  3ware - ok
13:29:21.0358 0x19f0  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
13:29:21.0390 0x19f0  ACPI - ok
13:29:21.0390 0x19f0  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
13:29:21.0405 0x19f0  AcpiDev - ok
13:29:21.0421 0x19f0  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
13:29:21.0421 0x19f0  acpiex - ok
13:29:21.0436 0x19f0  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
13:29:21.0436 0x19f0  acpipagr - ok
13:29:21.0452 0x19f0  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
13:29:21.0468 0x19f0  AcpiPmi - ok
13:29:21.0468 0x19f0  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
13:29:21.0483 0x19f0  acpitime - ok
13:29:21.0483 0x19f0  [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:29:21.0499 0x19f0  AdobeARMservice - ok
13:29:21.0515 0x19f0  [ BE62B286791F715E430FB022C1707BBA, 7EDFF71EFB65AA895270BD83B16F390F53D98C438ADA23E780CE6200CA0449F1 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:29:21.0530 0x19f0  AdobeFlashPlayerUpdateSvc - ok
13:29:21.0561 0x19f0  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:29:21.0593 0x19f0  ADP80XX - ok
13:29:21.0608 0x19f0  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\WINDOWS\system32\drivers\afd.sys
13:29:21.0624 0x19f0  AFD - ok
13:29:21.0640 0x19f0  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:29:21.0655 0x19f0  ahcache - ok
13:29:21.0671 0x19f0  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
13:29:21.0671 0x19f0  AJRouter - ok
13:29:21.0686 0x19f0  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
13:29:21.0702 0x19f0  ALG - ok
13:29:21.0702 0x19f0  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
13:29:21.0718 0x19f0  AmdK8 - ok
13:29:21.0733 0x19f0  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
13:29:21.0749 0x19f0  AmdPPM - ok
13:29:21.0749 0x19f0  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
13:29:21.0765 0x19f0  amdsata - ok
13:29:21.0780 0x19f0  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
13:29:21.0796 0x19f0  amdsbs - ok
13:29:21.0796 0x19f0  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
13:29:21.0811 0x19f0  amdxata - ok
13:29:21.0811 0x19f0  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
13:29:21.0827 0x19f0  AppID - ok
13:29:21.0843 0x19f0  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
13:29:21.0858 0x19f0  AppIDSvc - ok
13:29:21.0858 0x19f0  [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
13:29:21.0874 0x19f0  Appinfo - ok
13:29:21.0874 0x19f0  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
13:29:21.0905 0x19f0  applockerfltr - ok
13:29:21.0905 0x19f0  [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
13:29:21.0921 0x19f0  AppMgmt - ok
13:29:21.0937 0x19f0  [ 32155E028491267CF2DB6085A0B7E359, 562831841293E4849CD01992DECE39B9B3C0835DCD352994CA2E2FE1C76A7CB3 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
13:29:21.0968 0x19f0  AppReadiness - ok
13:29:21.0983 0x19f0  [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
13:29:22.0015 0x19f0  AppVClient - ok
13:29:22.0015 0x19f0  [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
13:29:22.0030 0x19f0  AppvStrm - ok
13:29:22.0046 0x19f0  [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
13:29:22.0062 0x19f0  AppvVemgr - ok
13:29:22.0062 0x19f0  [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
13:29:22.0077 0x19f0  AppvVfs - ok
13:29:22.0124 0x19f0  [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
13:29:22.0187 0x19f0  AppXSvc - ok
13:29:22.0202 0x19f0  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
13:29:22.0202 0x19f0  arcsas - ok
13:29:22.0218 0x19f0  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
13:29:22.0233 0x19f0  AsyncMac - ok
13:29:22.0233 0x19f0  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
13:29:22.0233 0x19f0  atapi - ok
13:29:22.0249 0x19f0  [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:29:22.0280 0x19f0  AudioEndpointBuilder - ok
13:29:22.0296 0x19f0  [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
13:29:22.0327 0x19f0  Audiosrv - ok
13:29:22.0343 0x19f0  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
13:29:22.0358 0x19f0  AxInstSV - ok
13:29:22.0374 0x19f0  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
13:29:22.0405 0x19f0  b06bdrv - ok
13:29:22.0405 0x19f0  [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:29:22.0421 0x19f0  BasicDisplay - ok
13:29:22.0421 0x19f0  [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
13:29:22.0437 0x19f0  BasicRender - ok
13:29:22.0437 0x19f0  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
13:29:22.0452 0x19f0  bcmfn - ok
13:29:22.0468 0x19f0  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
13:29:22.0468 0x19f0  bcmfn2 - ok
13:29:22.0483 0x19f0  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
13:29:22.0499 0x19f0  BDESVC - ok
13:29:22.0515 0x19f0  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
13:29:22.0530 0x19f0  Beep - ok
13:29:22.0546 0x19f0  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
13:29:22.0577 0x19f0  BFE - ok
13:29:22.0608 0x19f0  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\WINDOWS\System32\qmgr.dll
13:29:22.0640 0x19f0  BITS - ok
13:29:22.0655 0x19f0  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
13:29:22.0671 0x19f0  bowser - ok
13:29:22.0687 0x19f0  [ 6A15C5140B6F7D9479A32276AC2BA108, 0A8C6DB88148C6DB61226DD2FF816BDF3FED9E7A60EF17CCA17FA7D9EEC01C71 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:29:22.0718 0x19f0  BrokerInfrastructure - ok
13:29:22.0718 0x19f0  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
13:29:22.0733 0x19f0  Browser - ok
13:29:22.0749 0x19f0  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:29:22.0765 0x19f0  BthAvrcpTg - ok
13:29:22.0765 0x19f0  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
13:29:22.0780 0x19f0  BthEnum - ok
13:29:22.0780 0x19f0  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
13:29:22.0796 0x19f0  BthHFEnum - ok
13:29:22.0812 0x19f0  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
13:29:22.0827 0x19f0  bthhfhid - ok
13:29:22.0827 0x19f0  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
13:29:22.0858 0x19f0  BthHFSrv - ok
13:29:22.0858 0x19f0  [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
13:29:22.0874 0x19f0  BthLEEnum - ok
13:29:22.0890 0x19f0  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
13:29:22.0905 0x19f0  BTHMODEM - ok
13:29:22.0905 0x19f0  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
13:29:22.0921 0x19f0  BthPan - ok
13:29:22.0952 0x19f0  [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
13:29:22.0983 0x19f0  BTHPORT - ok
13:29:22.0999 0x19f0  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
13:29:23.0015 0x19f0  bthserv - ok
13:29:23.0015 0x19f0  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
13:29:23.0030 0x19f0  BTHUSB - ok
13:29:23.0046 0x19f0  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:29:23.0062 0x19f0  buttonconverter - ok
13:29:23.0062 0x19f0  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
13:29:23.0077 0x19f0  CapImg - ok
13:29:23.0077 0x19f0  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:29:23.0093 0x19f0  cdfs - ok
13:29:23.0108 0x19f0  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
13:29:23.0140 0x19f0  CDPSvc - ok
13:29:23.0140 0x19f0  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
13:29:23.0155 0x19f0  CDPUserSvc - ok
13:29:23.0171 0x19f0  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
13:29:23.0187 0x19f0  cdrom - ok
13:29:23.0202 0x19f0  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
13:29:23.0218 0x19f0  CertPropSvc - ok
13:29:23.0218 0x19f0  [ 515FAA4CABCBB83347205119E57868C8, 8E008E87E4DD223E1F4262C08E65439D6C02894F69A1A7DD07530044A0B6CE16 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
13:29:23.0233 0x19f0  cfwids - ok
13:29:23.0233 0x19f0  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
13:29:23.0249 0x19f0  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
13:29:23.0983 0x19f0  Detect skipped due to KSN trusted
13:29:23.0983 0x19f0  chip1click - ok
13:29:24.0015 0x19f0  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
13:29:24.0046 0x19f0  cht4iscsi - ok
13:29:24.0077 0x19f0  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
13:29:24.0140 0x19f0  cht4vbd - ok
13:29:24.0140 0x19f0  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
13:29:24.0155 0x19f0  circlass - ok
13:29:24.0171 0x19f0  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
13:29:24.0187 0x19f0  CLFS - ok
13:29:24.0249 0x19f0  [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
13:29:24.0312 0x19f0  ClickToRunSvc - ok
13:29:24.0343 0x19f0  [ 85F31D4986E81CF3E78A5E2442C8F7AF, B6E6233D63A2C3E7AF0A9BBB62799159BF96C0F0EEBBC9B523BD227CC7A746B3 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
13:29:24.0390 0x19f0  ClientAnalyticsService - ok
13:29:24.0405 0x19f0  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
13:29:24.0437 0x19f0  ClipSVC - ok
13:29:24.0437 0x19f0  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
13:29:24.0452 0x19f0  clreg - ok
13:29:24.0468 0x19f0  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
13:29:24.0483 0x19f0  CmBatt - ok
13:29:24.0499 0x19f0  [ 4289C913D7E2FE963ABB096AA99CB1F7, 49D9008C5E18F62751D2312CE4F49DFBC04ACBBFDD950F0437F35AC21318041B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
13:29:24.0515 0x19f0  CNG - ok
13:29:24.0530 0x19f0  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
13:29:24.0530 0x19f0  cnghwassist - ok
13:29:24.0546 0x19f0  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
13:29:24.0562 0x19f0  CompositeBus - ok
13:29:24.0562 0x19f0  COMSysApp - ok
13:29:24.0577 0x19f0  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
13:29:24.0577 0x19f0  condrv - ok
13:29:24.0593 0x19f0  [ 9E3B10C490D860F3ED8F61FD0FD5B828, A21CB206A09053C7D9C94F2B71F53A40B3810D02A70C3D6AA0B48676BA5753BD ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:29:24.0624 0x19f0  CoreMessagingRegistrar - ok
13:29:24.0655 0x19f0  [ CFFF490F6615A17E2F73FC830F2B1E13, BCBC19445056E553219414438BA9DE6778E26DD66AA5BAE217474140EEB1DFD0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
13:29:24.0671 0x19f0  cphs - ok
13:29:24.0671 0x19f0  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
13:29:24.0687 0x19f0  CryptSvc - ok
13:29:24.0702 0x19f0  [ EC2EA2F6C6D23315C20B4829F00D0440, BF1F47C3485E9112FB64F582DFA4679455203574F82A5ADB222BDA1FED1601E6 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
13:29:24.0733 0x19f0  CSC - ok
13:29:24.0749 0x19f0  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\WINDOWS\System32\cscsvc.dll
13:29:24.0780 0x19f0  CscService - ok
13:29:24.0780 0x19f0  [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam             C:\WINDOWS\system32\drivers\dam.sys
13:29:24.0796 0x19f0  dam - ok
13:29:24.0812 0x19f0  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
13:29:24.0858 0x19f0  DcomLaunch - ok
13:29:24.0874 0x19f0  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
13:29:24.0890 0x19f0  DcpSvc - ok
13:29:24.0905 0x19f0  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
13:29:24.0921 0x19f0  defragsvc - ok
13:29:24.0937 0x19f0  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:29:24.0968 0x19f0  DeviceAssociationService - ok
13:29:24.0968 0x19f0  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
13:29:24.0999 0x19f0  DeviceInstall - ok
13:29:24.0999 0x19f0  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
13:29:25.0015 0x19f0  DevQueryBroker - ok
13:29:25.0015 0x19f0  [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
13:29:25.0046 0x19f0  Dfsc - ok
13:29:25.0046 0x19f0  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
13:29:25.0077 0x19f0  Dhcp - ok
13:29:25.0077 0x19f0  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
13:29:25.0093 0x19f0  diagnosticshub.standardcollector.service - ok
13:29:25.0140 0x19f0  [ EE32B36EA7CBD9BBA26B137C84943E23, BD5DDA2DEAF2D2CF6B24AED81C3EDBFECF6402A7B6A5D49FEDF334FF03CACB86 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
13:29:25.0202 0x19f0  DiagTrack - ok
13:29:25.0202 0x19f0  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
13:29:25.0218 0x19f0  disk - ok
13:29:25.0233 0x19f0  [ A1D7F926ABE7895D18467FF9A5EE7FC7, 2922C92D31EA50A126594967D325B21936432D1BB9C941416989B6848DF890E2 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
13:29:25.0249 0x19f0  DmEnrollmentSvc - ok
13:29:25.0265 0x19f0  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
13:29:25.0280 0x19f0  dmvsc - ok
13:29:25.0280 0x19f0  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
13:29:25.0296 0x19f0  dmwappushservice - ok
13:29:25.0312 0x19f0  [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
13:29:25.0327 0x19f0  Dnscache - ok
13:29:25.0343 0x19f0  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
13:29:25.0358 0x19f0  dot3svc - ok
13:29:25.0358 0x19f0  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
13:29:25.0374 0x19f0  DPS - ok
13:29:25.0390 0x19f0  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
13:29:25.0390 0x19f0  drmkaud - ok
13:29:25.0405 0x19f0  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
13:29:25.0421 0x19f0  DsmSvc - ok
13:29:25.0437 0x19f0  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
13:29:25.0452 0x19f0  DsSvc - ok
13:29:25.0483 0x19f0  [ 2DD9CF863320D5EDEA3ED9B8ED280BB0, CC35571FBA2E6E617CF93F778351ED3B3EA16F0B301C5433E94AD328E6EEA0FF ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:29:25.0546 0x19f0  DXGKrnl - ok
13:29:25.0562 0x19f0  [ 43272EB461C0905269520104D6A061BE, 0C756B8873BD7D95DEF7D49330892D31EE73CCB5C3C6DD26F1CBA37D55F4F62B ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
13:29:25.0593 0x19f0  e1dexpress - ok
13:29:25.0593 0x19f0  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
13:29:25.0624 0x19f0  EapHost - ok
13:29:25.0671 0x19f0  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
13:29:25.0749 0x19f0  ebdrv - ok
13:29:25.0765 0x19f0  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\WINDOWS\System32\lsass.exe
13:29:25.0780 0x19f0  EFS - ok
13:29:25.0780 0x19f0  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
13:29:25.0796 0x19f0  EhStorClass - ok
13:29:25.0796 0x19f0  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:29:25.0812 0x19f0  EhStorTcgDrv - ok
13:29:25.0827 0x19f0  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
13:29:25.0843 0x19f0  embeddedmode - ok
13:29:25.0843 0x19f0  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
13:29:25.0874 0x19f0  EntAppSvc - ok
13:29:25.0874 0x19f0  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
13:29:25.0890 0x19f0  ErrDev - ok
13:29:25.0905 0x19f0  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
13:29:25.0921 0x19f0  EventSystem - ok
13:29:25.0937 0x19f0  [ 30FBA772B6963ADA4DE738FC8977611B, A8D3BFA43CE547765CDB475BC88E7153DA4A4215CC577EDFF8DA0AC1B025F654 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:29:25.0968 0x19f0  EvtEng - ok
13:29:25.0968 0x19f0  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
13:29:25.0999 0x19f0  exfat - ok
13:29:25.0999 0x19f0  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
13:29:26.0015 0x19f0  fastfat - ok
13:29:26.0030 0x19f0  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
13:29:26.0062 0x19f0  Fax - ok
13:29:26.0077 0x19f0  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
13:29:26.0077 0x19f0  fdc - ok
13:29:26.0093 0x19f0  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
13:29:26.0108 0x19f0  fdPHost - ok
13:29:26.0108 0x19f0  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
13:29:26.0124 0x19f0  FDResPub - ok
13:29:26.0140 0x19f0  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
13:29:26.0155 0x19f0  fhsvc - ok
13:29:26.0155 0x19f0  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
13:29:26.0171 0x19f0  FileCrypt - ok
13:29:26.0171 0x19f0  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
13:29:26.0187 0x19f0  FileInfo - ok
13:29:26.0202 0x19f0  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
13:29:26.0218 0x19f0  Filetrace - ok
13:29:26.0218 0x19f0  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
13:29:26.0233 0x19f0  flpydisk - ok
13:29:26.0249 0x19f0  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
13:29:26.0265 0x19f0  FltMgr - ok
13:29:26.0296 0x19f0  [ 2E193D24CE8460A9C703D0F193192BEF, CD95928BC240D556DFEA265A09A655FFE157A36D2230CD10BBAD4CA15CB98412 ] FontCache       C:\WINDOWS\system32\FntCache.dll
13:29:26.0374 0x19f0  FontCache - ok
13:29:26.0374 0x19f0  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:29:26.0390 0x19f0  FontCache3.0.0.0 - ok
13:29:26.0405 0x19f0  [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
13:29:26.0437 0x19f0  FrameServer - ok
13:29:26.0452 0x19f0  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
13:29:26.0468 0x19f0  FsDepends - ok
13:29:26.0468 0x19f0  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:29:26.0483 0x19f0  Fs_Rec - ok
13:29:26.0499 0x19f0  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:29:26.0515 0x19f0  fvevol - ok
13:29:26.0530 0x19f0  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
13:29:26.0530 0x19f0  gencounter - ok
13:29:26.0546 0x19f0  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
13:29:26.0546 0x19f0  genericusbfn - ok
13:29:26.0562 0x19f0  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:29:26.0577 0x19f0  GPIOClx0101 - ok
13:29:26.0593 0x19f0  [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
13:29:26.0655 0x19f0  gpsvc - ok
13:29:26.0655 0x19f0  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
13:29:26.0671 0x19f0  GpuEnergyDrv - ok
13:29:26.0671 0x19f0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:29:26.0687 0x19f0  gupdate - ok
13:29:26.0687 0x19f0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:29:26.0702 0x19f0  gupdatem - ok
13:29:26.0702 0x19f0  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
13:29:26.0718 0x19f0  HDAudBus - ok
13:29:26.0733 0x19f0  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
13:29:26.0749 0x19f0  HidBatt - ok
13:29:26.0749 0x19f0  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
13:29:26.0765 0x19f0  HidBth - ok
13:29:26.0780 0x19f0  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
13:29:26.0796 0x19f0  hidi2c - ok
13:29:26.0796 0x19f0  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
13:29:26.0812 0x19f0  hidinterrupt - ok
13:29:26.0812 0x19f0  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
13:29:26.0827 0x19f0  HidIr - ok
13:29:26.0843 0x19f0  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
13:29:26.0858 0x19f0  hidserv - ok
13:29:26.0858 0x19f0  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
13:29:26.0874 0x19f0  HidUsb - ok
13:29:26.0874 0x19f0  [ 7829E439EBDDDB0FEFD6DEBCEE6B09AD, FF6BB82CE0C21513E407FF465C768805CF202A7B4040140A944A0413875BEC37 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
13:29:26.0890 0x19f0  HipShieldK - ok
13:29:26.0890 0x19f0  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:29:26.0921 0x19f0  HomeGroupListener - ok
13:29:26.0937 0x19f0  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:29:26.0952 0x19f0  HomeGroupProvider - ok
13:29:26.0968 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:26.0999 0x19f0  HomeNetSvc - ok
13:29:26.0999 0x19f0  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
13:29:27.0015 0x19f0  HpSAMD - ok
13:29:27.0015 0x19f0  [ 91ADA2CF99A0C28A231763E033FD6F98, 80F6ABD22D018EBF5AC3FD5BEE941962B29B1517EACE0C7730C00D7DE17CEFAC ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
13:29:27.0030 0x19f0  HPSupportSolutionsFrameworkService - ok
13:29:27.0062 0x19f0  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
13:29:27.0093 0x19f0  HTTP - ok
13:29:27.0093 0x19f0  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
13:29:27.0108 0x19f0  HvHost - ok
13:29:27.0124 0x19f0  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
13:29:27.0124 0x19f0  hvservice - ok
13:29:27.0140 0x19f0  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
13:29:27.0140 0x19f0  hwpolicy - ok
13:29:27.0155 0x19f0  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
13:29:27.0155 0x19f0  hyperkbd - ok
13:29:27.0171 0x19f0  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
13:29:27.0187 0x19f0  i8042prt - ok
13:29:27.0187 0x19f0  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
13:29:27.0202 0x19f0  iagpio - ok
13:29:27.0202 0x19f0  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
13:29:27.0233 0x19f0  iai2c - ok
13:29:27.0233 0x19f0  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
13:29:27.0249 0x19f0  iaLPSS2i_GPIO2 - ok
13:29:27.0249 0x19f0  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
13:29:27.0265 0x19f0  iaLPSS2i_I2C - ok
13:29:27.0265 0x19f0  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:29:27.0280 0x19f0  iaLPSSi_GPIO - ok
13:29:27.0280 0x19f0  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:29:27.0296 0x19f0  iaLPSSi_I2C - ok
13:29:27.0327 0x19f0  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
13:29:27.0374 0x19f0  iaStorA - ok
13:29:27.0390 0x19f0  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
13:29:27.0405 0x19f0  iaStorAV - ok
13:29:27.0421 0x19f0  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
13:29:27.0437 0x19f0  iaStorV - ok
13:29:27.0452 0x19f0  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
13:29:27.0468 0x19f0  ibbus - ok
13:29:27.0483 0x19f0  [ 053DFE4E6324B828C16CB6F5B9F20790, 17347896126DE49C570D2AC025F2A4BB8250B67ECD6A6D31B80EBD9423799F0B ] IBMPMDRV        C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
13:29:27.0483 0x19f0  IBMPMDRV - ok
13:29:27.0499 0x19f0  [ D84EF85ED4F2044784A44C211A27D065, FA18EA57507353DC3DB18F840F0499D7874AC055E3190E4D76DB9AA1021FC674 ] IBMPMSVC        C:\WINDOWS\system32\ibmpmsvc.exe
13:29:27.0499 0x19f0  IBMPMSVC - ok
13:29:27.0515 0x19f0  ibtsiva - ok
13:29:27.0515 0x19f0  [ 8A89BCB5CEA759E552C6A663E176E2CB, DFDC44AD43C21259AD939D4D1852B9AE57FDC4741E8E64CEB0BD13FA2629C026 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
13:29:27.0530 0x19f0  ibtusb - ok
13:29:27.0546 0x19f0  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
13:29:27.0562 0x19f0  icssvc - ok
13:29:27.0671 0x19f0  [ 6FFC445E0D38C3C880125F2C201C9BC6, 488A427239B55394359751FCB8CBAEA8E2AE1CB2AE03C04590E7B8C80EF3F709 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
13:29:27.0796 0x19f0  igfx - ok
13:29:27.0812 0x19f0  [ 5ED1C5B5238B085643D8C4C59E0D3CF1, 3E7580B2A8B47EAC250030420251FE2A34C4B8D2B7C4D0536E64E197CA42F7CB ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
13:29:27.0827 0x19f0  igfxCUIService2.0.0.0 - ok
13:29:27.0843 0x19f0  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
13:29:27.0890 0x19f0  IKEEXT - ok
13:29:27.0890 0x19f0  [ FAA36F3AA6737D85636D835273729805, 6CB5877EBC4AF1E44C39028CA6E0D296481221CF1AB3661AB82549BBC0BE22F0 ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
13:29:27.0905 0x19f0  ImControllerService - ok
13:29:27.0905 0x19f0  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
13:29:27.0921 0x19f0  IndirectKmd - ok
13:29:27.0921 0x19f0  InstallerService - ok
13:29:28.0015 0x19f0  [ 7BEEEA8EE522F23365D76C1373DE2279, AF300943982387165EF475DB4950D0DDF50B37FD73B83995783A1A9E751ACF45 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:29:28.0108 0x19f0  IntcAzAudAddService - ok
13:29:28.0124 0x19f0  [ 42777B7BE4946135578E5C3BC1D2E4AD, CE4FF334238D0A98139676420E770A42DC0F5567F49D618B56CD55417F556D05 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
13:29:28.0155 0x19f0  IntcDAud - ok
13:29:28.0171 0x19f0  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:29:28.0187 0x19f0  Intel(R) Capability Licensing Service TCP IP Interface - ok
13:29:28.0202 0x19f0  [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
13:29:28.0202 0x19f0  IntelHSWPcc - ok
13:29:28.0218 0x19f0  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
13:29:28.0218 0x19f0  intelide - ok
13:29:28.0233 0x19f0  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
13:29:28.0233 0x19f0  intelpep - ok
13:29:28.0249 0x19f0  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
13:29:28.0265 0x19f0  intelppm - ok
13:29:28.0265 0x19f0  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
13:29:28.0280 0x19f0  iorate - ok
13:29:28.0280 0x19f0  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:29:28.0296 0x19f0  IpFilterDriver - ok
13:29:28.0327 0x19f0  [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
13:29:28.0358 0x19f0  iphlpsvc - ok
13:29:28.0374 0x19f0  [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:29:28.0390 0x19f0  IPMIDRV - ok
13:29:28.0390 0x19f0  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
13:29:28.0421 0x19f0  IPNAT - ok
13:29:28.0421 0x19f0  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
13:29:28.0437 0x19f0  irda - ok
13:29:28.0437 0x19f0  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
13:29:28.0468 0x19f0  IRENUM - ok
13:29:28.0468 0x19f0  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
13:29:28.0483 0x19f0  irmon - ok
13:29:28.0483 0x19f0  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
13:29:28.0499 0x19f0  isapnp - ok
13:29:28.0515 0x19f0  [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
13:29:28.0530 0x19f0  iScsiPrt - ok
13:29:28.0546 0x19f0  [ 832F7C2747F04D1294AEF46A2CE5B63B, ABAECEFCAD9B526C3D98681A874966B924EB99AF61CDFAC6D5E767BE2FAF6CFA ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:29:28.0546 0x19f0  jhi_service - ok
13:29:28.0562 0x19f0  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
13:29:28.0562 0x19f0  kbdclass - ok
13:29:28.0577 0x19f0  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
13:29:28.0593 0x19f0  kbdhid - ok
13:29:28.0593 0x19f0  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
13:29:28.0608 0x19f0  kdnic - ok
13:29:28.0608 0x19f0  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\WINDOWS\system32\lsass.exe
13:29:28.0624 0x19f0  KeyIso - ok
13:29:28.0640 0x19f0  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
13:29:28.0655 0x19f0  KSecDD - ok
13:29:28.0655 0x19f0  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:29:28.0671 0x19f0  KSecPkg - ok
13:29:28.0671 0x19f0  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
13:29:28.0687 0x19f0  ksthunk - ok
13:29:28.0702 0x19f0  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
13:29:28.0733 0x19f0  KtmRm - ok
13:29:28.0733 0x19f0  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
13:29:28.0765 0x19f0  LanmanServer - ok
13:29:28.0780 0x19f0  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:29:28.0796 0x19f0  LanmanWorkstation - ok
13:29:28.0858 0x19f0  [ D33A44F6591075DB9B03807CF7DE9E0A, C14639CE2D7AAD1985F58CFB50C5AA525855CBC8A389D81EE555F5229438C694 ] Lenovo Instant On C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
13:29:28.0921 0x19f0  Lenovo Instant On - ok
13:29:28.0921 0x19f0  [ C8A237FF3FD137C30B9B1FF60078A3D2, FBAFA27AC680DAABB5D3A9C1E8CF2E4FFD97020E0848CB8D4D78E8D5CE8F5111 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
13:29:28.0937 0x19f0  LENOVO.MICMUTE - ok
13:29:28.0937 0x19f0  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
13:29:28.0952 0x19f0  lfsvc - ok
13:29:28.0952 0x19f0  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
13:29:28.0983 0x19f0  LicenseManager - ok
13:29:28.0983 0x19f0  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
13:29:28.0999 0x19f0  lltdio - ok
13:29:29.0015 0x19f0  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
13:29:29.0030 0x19f0  lltdsvc - ok
13:29:29.0030 0x19f0  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
13:29:29.0046 0x19f0  lmhosts - ok
13:29:29.0062 0x19f0  [ 76BC5705E1F838E32451ECF14518B1C8, 3F664723DCF6C07BDB3287184175F60DD7B4A85B0480800ECBE065730E2DA5F5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:29:29.0077 0x19f0  LMS - ok
13:29:29.0093 0x19f0  [ 67569B50D28182AE1B21C46815CE58D0, 8332604147643BB151DB035F97A611B0D935DA6778266D9913BC945D5789EF87 ] LPlatSvc        C:\WINDOWS\system32\LPlatSvc.exe
13:29:29.0108 0x19f0  LPlatSvc - ok
13:29:29.0124 0x19f0  [ 2D2075DDCEA5DFF7F30EB3C1470F84E8, 24E0C7B9A7D85E5A0AE1993973A76920F2363612115E716F5EBF7E83DEBEB79F ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
13:29:29.0140 0x19f0  LSCWinService - ok
13:29:29.0140 0x19f0  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
13:29:29.0155 0x19f0  LSI_SAS - ok
13:29:29.0171 0x19f0  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
13:29:29.0171 0x19f0  LSI_SAS2i - ok
13:29:29.0187 0x19f0  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
13:29:29.0187 0x19f0  LSI_SAS3i - ok
13:29:29.0202 0x19f0  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
13:29:29.0218 0x19f0  LSI_SSS - ok
13:29:29.0233 0x19f0  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\WINDOWS\System32\lsm.dll
13:29:29.0265 0x19f0  LSM - ok
13:29:29.0265 0x19f0  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
13:29:29.0280 0x19f0  luafv - ok
13:29:29.0296 0x19f0  [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
13:29:29.0312 0x19f0  MapsBroker - ok
13:29:29.0312 0x19f0  [ BDE2FC7213C0897524C1357BAAE30239, 1E1AB68145107429217E07A662477C86406E0188BE9F01CAC416AC13054D1A5E ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
13:29:29.0327 0x19f0  MBAMSwissArmy - ok
13:29:29.0343 0x19f0  [ D6067E2128F6AE309F9F39EE69DE85A0, 9D172FF4CA5AED9FB7CAE8E75151A25AC34251202C4ECF563535C0DD2500AC3A ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
13:29:29.0343 0x19f0  MBAMWebProtection - ok
13:29:29.0358 0x19f0  [ 0382A6E46EA4C79B25005E6597159C27, 0587839138301092C12323A7CF9E3E0A9BB1FBB0AAA97409145D0BCA77F89749 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
13:29:29.0374 0x19f0  McAfee SiteAdvisor Service - ok
13:29:29.0390 0x19f0  [ 11D9A803DE0F825C59F3D4F17BD73A6E, FCD675CEE0B0CFFDF1A60251E1D753F7DB08223DCFCC107765EED7163FF2CFBD ] McAPExe         C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe
13:29:29.0421 0x19f0  McAPExe - ok
13:29:29.0437 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:29.0452 0x19f0  McBootDelayStartSvc - ok
13:29:29.0468 0x19f0  [ 9CC3CA0D8C99F88642446ECD563ECCF5, 7EA997737291F69A1F26D1EEAAED107099484246657AB48135C32020DBE6EE12 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe
13:29:29.0483 0x19f0  McComponentHostService - ok
13:29:29.0515 0x19f0  [ 01B9FF6FA5F8605AE92695C1393CD833, A89709A51FE311CBACE1BFC28492C101E7F2D613481248F815D3FA0DB6900C29 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe
13:29:29.0562 0x19f0  mccspsvc - ok
13:29:29.0577 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:29.0608 0x19f0  McMPFSvc - ok
13:29:29.0624 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:29.0640 0x19f0  McNaiAnn - ok
13:29:29.0671 0x19f0  [ D4AD64832DF34E2C7916088D75B20152, F74E1049EB9ACD8BFDCB88669781E4655B4555E4F699BA57CD641F9058E6A139 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
13:29:29.0702 0x19f0  McODS - ok
13:29:29.0718 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:29.0733 0x19f0  mcpltsvc - ok
13:29:29.0749 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:29.0765 0x19f0  McProxy - ok
13:29:29.0780 0x19f0  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
13:29:29.0780 0x19f0  megasas - ok
13:29:29.0796 0x19f0  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
13:29:29.0796 0x19f0  megasas2i - ok
13:29:29.0812 0x19f0  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
13:29:29.0843 0x19f0  megasr - ok
13:29:29.0843 0x19f0  [ C0CBCF18B6F105109566E837461333B7, B2B89D57C1373C6EF4E8C7C4B5AE40AA5596C0B672DB753AC42AC87D56433964 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
13:29:29.0858 0x19f0  MEIx64 - ok
13:29:29.0874 0x19f0  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
13:29:29.0890 0x19f0  MessagingService - ok
13:29:29.0905 0x19f0  [ 5FBBB352A34904A4A374C3EB62A09F15, 6EBA43181E8EBAE8A82145CDA17434903B720BA73F9D4297FB28F96C122E40B8 ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
13:29:29.0921 0x19f0  mfeaack - ok
13:29:29.0937 0x19f0  [ D65406A780E64B5E6C48A06C8F2439A6, 3AA3BB5A3EA5798BE2DBDC3B3355F4F9F04CEC565F834DD8FB6A419A2DDAC53A ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
13:29:29.0952 0x19f0  mfeavfk - ok
13:29:29.0952 0x19f0  [ F64C5922E34CD0C786F7C8117A023F13, FCB51448366EB9E896205086F04A98479D94D2586D84D680241F123CB2653005 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
13:29:29.0968 0x19f0  mfeelamk - ok
13:29:29.0968 0x19f0  [ 4EAFB984E9533263B7D2F0C20DA822C1, EE60B94B632690FF9CFC423C7F0D28EE2EAB375430F7E59EBDB12D415763F6FB ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
13:29:29.0983 0x19f0  mfefire - ok
13:29:29.0999 0x19f0  [ 6ABC14D586E9DCCFF37988D0EC6B1345, DC40223FEF0CD2D1F5EB1CA6D67E8C889FCDC8AB2EE44508BD2C51070A50CA71 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
13:29:30.0015 0x19f0  mfefirek - ok
13:29:30.0030 0x19f0  [ 37914975BD1A752161A6A68D6755BD98, A05BC57CD14520862AFE77C79AB6642EA6E442B8DFB8D1626FF238FEF6FFFFA5 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
13:29:30.0062 0x19f0  mfehidk - ok
13:29:30.0077 0x19f0  [ 39B7315698B6F19BC14F2D538EF72981, E94663052849F0A6593C17F5412F1FC21174C225173866B335E534DB4539A8A2 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
13:29:30.0093 0x19f0  mfemms - ok
13:29:30.0093 0x19f0  [ 4306C4FA3551B1E6725B07BD4EF6EC02, 9B3DE12CDFA2FB33D39B08346279052D150B489B2696A9C4A637983A7F45EA11 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
13:29:30.0124 0x19f0  mfencbdc - ok
13:29:30.0124 0x19f0  [ 79404EA7FFB82C9426A06CC97DE8E83B, E1BAA3B92A5C91DA7B6E6BCB02EC8DA23F5AEB52C8BCA9052323B7462B7BD6DB ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
13:29:30.0140 0x19f0  mfencrk - ok
13:29:30.0140 0x19f0  [ 3A2C7251E0F4992AFA2E7636F045B723, 722FE227A18106673FA7E78B1F7B42285F7E016EEBDF75983C842A53DDEF62CC ] mfeplk          C:\WINDOWS\system32\drivers\mfeplk.sys
13:29:30.0155 0x19f0  mfeplk - ok
13:29:30.0155 0x19f0  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
13:29:30.0171 0x19f0  mfesapsn - ok
13:29:30.0171 0x19f0  [ 43DB4E36146D076EBD7B864162C8C242, 3A84F17D3FCC9D3E481032A452D0984668AE286FCD9379A4204C1AD048A4BA6A ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
13:29:30.0187 0x19f0  mfevtp - ok
13:29:30.0202 0x19f0  [ 0143C30546864E43EB507AFBF2DC9E58, E09C4CFE0364805C522D355900FF7BDA1A6FFF5EDCAB094DA52AC9D90FB5D826 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
13:29:30.0202 0x19f0  mfewfpk - ok
13:29:30.0233 0x19f0  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:29:30.0249 0x19f0  mlx4_bus - ok
13:29:30.0265 0x19f0  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS

AZEdeluxe · 01.05.2017, 12:34

TDSSKILLER Teil 2

Code:

ATTFilter

C:\WINDOWS\system32\drivers\mmcss.sys
13:29:30.0280 0x19f0  MMCSS - ok
13:29:30.0280 0x19f0  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\WINDOWS\system32\drivers\modem.sys
13:29:30.0296 0x19f0  Modem - ok
13:29:30.0327 0x19f0  [ DB131FDDEE1C581E9926C6E24485F9EC, F1AAA3DF7DB458F05B96358C0E30DAA456F3E92D085E68D81A4E0302E4D900FA ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
13:29:30.0358 0x19f0  ModuleCoreService - ok
13:29:30.0374 0x19f0  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
13:29:30.0390 0x19f0  monitor - ok
13:29:30.0390 0x19f0  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
13:29:30.0405 0x19f0  mouclass - ok
13:29:30.0405 0x19f0  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
13:29:30.0421 0x19f0  mouhid - ok
13:29:30.0421 0x19f0  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
13:29:30.0437 0x19f0  mountmgr - ok
13:29:30.0437 0x19f0  [ 4235B16E8C2E277EECB9BFD4579C428E, BCACE6E4D61E5C8A3BA417A361121A5B2F2B3D6E103B005C3F5738D4915B5FF4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:29:30.0452 0x19f0  MozillaMaintenance - ok
13:29:30.0452 0x19f0  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
13:29:30.0468 0x19f0  mpsdrv - ok
13:29:30.0499 0x19f0  [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
13:29:30.0530 0x19f0  MpsSvc - ok
13:29:30.0546 0x19f0  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
13:29:30.0562 0x19f0  MRxDAV - ok
13:29:30.0562 0x19f0  [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:29:30.0593 0x19f0  mrxsmb - ok
13:29:30.0593 0x19f0  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:29:30.0608 0x19f0  mrxsmb10 - ok
13:29:30.0624 0x19f0  [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:29:30.0640 0x19f0  mrxsmb20 - ok
13:29:30.0640 0x19f0  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
13:29:30.0655 0x19f0  MsBridge - ok
13:29:30.0671 0x19f0  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
13:29:30.0687 0x19f0  MSDTC - ok
13:29:30.0687 0x19f0  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
13:29:30.0702 0x19f0  Msfs - ok
13:29:30.0718 0x19f0  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:29:30.0718 0x19f0  msgpiowin32 - ok
13:29:30.0733 0x19f0  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:29:30.0749 0x19f0  mshidkmdf - ok
13:29:30.0749 0x19f0  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
13:29:30.0765 0x19f0  mshidumdf - ok
13:29:30.0765 0x19f0  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
13:29:30.0780 0x19f0  msisadrv - ok
13:29:30.0780 0x19f0  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
13:29:30.0796 0x19f0  MSiSCSI - ok
13:29:30.0812 0x19f0  msiserver - ok
13:29:30.0827 0x19f0  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
13:29:30.0843 0x19f0  MSK80Service - ok
13:29:30.0843 0x19f0  [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
13:29:30.0858 0x19f0  MSKSSRV - ok
13:29:30.0874 0x19f0  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
13:29:30.0890 0x19f0  MsLldp - ok
13:29:30.0890 0x19f0  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
13:29:30.0921 0x19f0  MSPCLOCK - ok
13:29:30.0921 0x19f0  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
13:29:30.0937 0x19f0  MSPQM - ok
13:29:30.0952 0x19f0  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
13:29:30.0968 0x19f0  MsRPC - ok
13:29:30.0983 0x19f0  [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
13:29:30.0983 0x19f0  MsSecFlt - ok
13:29:30.0999 0x19f0  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
13:29:30.0999 0x19f0  mssmbios - ok
13:29:31.0015 0x19f0  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
13:29:31.0030 0x19f0  MSTEE - ok
13:29:31.0030 0x19f0  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
13:29:31.0046 0x19f0  MTConfig - ok
13:29:31.0062 0x19f0  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
13:29:31.0077 0x19f0  Mup - ok
13:29:31.0077 0x19f0  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
13:29:31.0093 0x19f0  mvumis - ok
13:29:31.0108 0x19f0  [ BC7747F959BBA12C1ACD1BD483B9DC91, 81562A3CCF35A770A0562A576834A34E16AC730C061038A544768439E4B29102 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:29:31.0124 0x19f0  MyWiFiDHCPDNS - ok
13:29:31.0140 0x19f0  [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:29:31.0171 0x19f0  NativeWifiP - ok
13:29:31.0171 0x19f0  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
13:29:31.0187 0x19f0  NcaSvc - ok
13:29:31.0202 0x19f0  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
13:29:31.0218 0x19f0  NcbService - ok
13:29:31.0233 0x19f0  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
13:29:31.0249 0x19f0  NcdAutoSetup - ok
13:29:31.0265 0x19f0  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
13:29:31.0265 0x19f0  ndfltr - ok
13:29:31.0296 0x19f0  [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
13:29:31.0327 0x19f0  NDIS - ok
13:29:31.0343 0x19f0  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
13:29:31.0343 0x19f0  NdisCap - ok
13:29:31.0359 0x19f0  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:29:31.0374 0x19f0  NdisImPlatform - ok
13:29:31.0374 0x19f0  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:29:31.0405 0x19f0  NdisTapi - ok
13:29:31.0405 0x19f0  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
13:29:31.0421 0x19f0  Ndisuio - ok
13:29:31.0421 0x19f0  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:29:31.0437 0x19f0  NdisVirtualBus - ok
13:29:31.0452 0x19f0  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
13:29:31.0468 0x19f0  NdisWan - ok
13:29:31.0483 0x19f0  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:29:31.0499 0x19f0  ndiswanlegacy - ok
13:29:31.0515 0x19f0  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
13:29:31.0530 0x19f0  ndproxy - ok
13:29:31.0530 0x19f0  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
13:29:31.0562 0x19f0  Ndu - ok
13:29:31.0562 0x19f0  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
13:29:31.0577 0x19f0  NetAdapterCx - ok
13:29:31.0577 0x19f0  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
13:29:31.0593 0x19f0  NetBIOS - ok
13:29:31.0609 0x19f0  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
13:29:31.0640 0x19f0  NetBT - ok
13:29:31.0640 0x19f0  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\WINDOWS\system32\lsass.exe
13:29:31.0655 0x19f0  Netlogon - ok
13:29:31.0671 0x19f0  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
13:29:31.0687 0x19f0  Netman - ok
13:29:31.0702 0x19f0  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
13:29:31.0734 0x19f0  netprofm - ok
13:29:31.0749 0x19f0  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
13:29:31.0765 0x19f0  NetSetupSvc - ok
13:29:31.0780 0x19f0  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:29:31.0796 0x19f0  NetTcpPortSharing - ok
13:29:31.0859 0x19f0  [ 0F76FA3A3F8D169B1CA6F54DC7561CD5, F6C49E5D4F627FD539670DFCBC20C69F627A90CBA473873640D4DD378EE34ED5 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
13:29:31.0921 0x19f0  NETwNe64 - ok
13:29:32.0046 0x19f0  [ BE245E11B7046D89F3E28086F006B0F7, D16C3230B88F35F4644D528A7D578BD69556A4FAC0D46F05306D2007D5DA5586 ] Netwtw04        C:\WINDOWS\System32\drivers\Netwtw04.sys
13:29:32.0187 0x19f0  Netwtw04 - ok
13:29:32.0218 0x19f0  [ E79E364AF827EB1F141BE000ABB8727D, 96218EB8B7C9E0F614AB9EAEAEC41BD4DB0E9EFE5C1D87EC749B9CB71653CEB1 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
13:29:32.0249 0x19f0  NgcCtnrSvc - ok
13:29:32.0265 0x19f0  [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
13:29:32.0312 0x19f0  NgcSvc - ok
13:29:32.0327 0x19f0  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
13:29:32.0343 0x19f0  NlaSvc - ok
13:29:32.0343 0x19f0  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
13:29:32.0374 0x19f0  Npfs - ok
13:29:32.0374 0x19f0  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
13:29:32.0390 0x19f0  npsvctrig - ok
13:29:32.0390 0x19f0  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
13:29:32.0405 0x19f0  nsi - ok
13:29:32.0405 0x19f0  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
13:29:32.0421 0x19f0  nsiproxy - ok
13:29:32.0468 0x19f0  [ 98BBD81DC481E9D58EEB31C81EBDEFF5, 28FAAFCB90721C557C37D18533681C274428BC97AB3C3AAFCC75212074E9F2CA ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
13:29:32.0530 0x19f0  NTFS - ok
13:29:32.0530 0x19f0  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
13:29:32.0546 0x19f0  Null - ok
13:29:32.0796 0x19f0  [ 60328FA27CB565D708CACAC8206037FB, 6D3A4B1B593428CA9F6EB2607C3F5A60DFEB92F4F437956FD916DF6B3B8E27FD ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys
13:29:33.0030 0x19f0  nvlddmkm - ok
13:29:33.0062 0x19f0  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
13:29:33.0077 0x19f0  nvraid - ok
13:29:33.0077 0x19f0  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
13:29:33.0093 0x19f0  nvstor - ok
13:29:33.0124 0x19f0  [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
13:29:33.0171 0x19f0  nvsvc - ok
13:29:33.0218 0x19f0  [ 6FC08E86B58F2F0B3CBBF2341EDC6761, 2038CDD1617B7563C0C542C7D95CD8A410E14B02BAB5993A857F22FCEA11F2F2 ] NVWMI           C:\Windows\system32\nvwmi64.exe
13:29:33.0280 0x19f0  NVWMI - ok
13:29:33.0296 0x19f0  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
13:29:33.0312 0x19f0  OneSyncSvc - ok
13:29:33.0327 0x19f0  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:29:33.0343 0x19f0  ose - ok
13:29:33.0343 0x19f0  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
13:29:33.0374 0x19f0  p2pimsvc - ok
13:29:33.0390 0x19f0  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
13:29:33.0405 0x19f0  p2psvc - ok
13:29:33.0421 0x19f0  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
13:29:33.0437 0x19f0  Parport - ok
13:29:33.0437 0x19f0  [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
13:29:33.0452 0x19f0  partmgr - ok
13:29:33.0468 0x19f0  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
13:29:33.0484 0x19f0  PcaSvc - ok
13:29:33.0499 0x19f0  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\WINDOWS\system32\drivers\pci.sys
13:29:33.0515 0x19f0  pci - ok
13:29:33.0530 0x19f0  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
13:29:33.0530 0x19f0  pciide - ok
13:29:33.0546 0x19f0  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
13:29:33.0562 0x19f0  pcmcia - ok
13:29:33.0577 0x19f0  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
13:29:33.0593 0x19f0  pcw - ok
13:29:33.0593 0x19f0  [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
13:29:33.0609 0x19f0  pdc - ok
13:29:33.0624 0x19f0  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
13:29:33.0671 0x19f0  PEAUTH - ok
13:29:33.0702 0x19f0  [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
13:29:33.0765 0x19f0  PeerDistSvc - ok
13:29:33.0796 0x19f0  [ 028362370BEEBADACC881E3D4956E236, D641E431F8B41218E92C0F02A3FE9897B09E116AC8222DC0E7C4994BC0CEEA2F ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
13:29:33.0827 0x19f0  PEFService - ok
13:29:33.0827 0x19f0  [ F82E16FF000D9A514A71AE5A2C19BB86, E90E664DD04913FFAA6E49D5703C316DFCBEC030C59112B1623F564BAE415F4D ] pelbtm          C:\WINDOWS\system32\DRIVERS\pelbtm.sys
13:29:33.0843 0x19f0  pelbtm - ok
13:29:33.0843 0x19f0  [ 26B7929870C50506D76BC2A7523B3F2F, 4560613909272BB8E89A598063E2E8A28CB0250F303DE5C881C4E704A3EBA1BB ] pelmoubt        C:\WINDOWS\system32\DRIVERS\pelmoubt.sys
13:29:33.0874 0x19f0  pelmoubt - ok
13:29:33.0874 0x19f0  [ DE071E03E7E0506B2DAB0738E632F04E, DB34F44251DCE7CD5A479551E03B8EB1C8202F5C1749AEB834E4B959877C4852 ] PelService      C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
13:29:33.0890 0x19f0  PelService - detected UnsignedFile.Multi.Generic ( 1 )
13:29:33.0999 0x19f0  Detect skipped due to KSN trusted
13:29:33.0999 0x19f0  PelService - ok
13:29:34.0015 0x19f0  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
13:29:34.0046 0x19f0  percsas2i - ok
13:29:34.0062 0x19f0  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
13:29:34.0077 0x19f0  percsas3i - ok
13:29:34.0093 0x19f0  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
13:29:34.0109 0x19f0  PerfHost - ok
13:29:34.0140 0x19f0  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
13:29:34.0171 0x19f0  PhoneSvc - ok
13:29:34.0187 0x19f0  [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:29:34.0202 0x19f0  PimIndexMaintenanceSvc - ok
13:29:34.0234 0x19f0  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
13:29:34.0280 0x19f0  pla - ok
13:29:34.0296 0x19f0  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
13:29:34.0312 0x19f0  PlugPlay - ok
13:29:34.0327 0x19f0  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
13:29:34.0343 0x19f0  PNRPAutoReg - ok
13:29:34.0359 0x19f0  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
13:29:34.0374 0x19f0  PNRPsvc - ok
13:29:34.0390 0x19f0  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
13:29:34.0421 0x19f0  PolicyAgent - ok
13:29:34.0421 0x19f0  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
13:29:34.0437 0x19f0  Power - ok
13:29:34.0452 0x19f0  [ C7A04AB4D94E1A1A1EFC2559E75AA649, 0325BAB7BC760D6018491CCD68BF26C5E8A502124A1144FB528B4684090AA881 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
13:29:34.0452 0x19f0  Power Manager DBC Service - ok
13:29:34.0468 0x19f0  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
13:29:34.0484 0x19f0  PptpMiniport - ok
13:29:34.0546 0x19f0  [ 12ECCDB0C865A8CB805BABAD5A54EF41, B6E709C692EDDC2308A6944DE1ABA13155FC52905DC572C0008BCC97B3889771 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:29:34.0640 0x19f0  PrintNotify - ok
13:29:34.0655 0x19f0  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
13:29:34.0671 0x19f0  Processor - ok
13:29:34.0671 0x19f0  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
13:29:34.0702 0x19f0  ProfSvc - ok
13:29:34.0702 0x19f0  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
13:29:34.0718 0x19f0  Psched - ok
13:29:34.0734 0x19f0  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
13:29:34.0749 0x19f0  QWAVE - ok
13:29:34.0749 0x19f0  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
13:29:34.0765 0x19f0  QWAVEdrv - ok
13:29:34.0780 0x19f0  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:29:34.0780 0x19f0  RasAcd - ok
13:29:34.0796 0x19f0  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
13:29:34.0812 0x19f0  RasAgileVpn - ok
13:29:34.0812 0x19f0  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
13:29:34.0827 0x19f0  RasAuto - ok
13:29:34.0843 0x19f0  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
13:29:34.0859 0x19f0  Rasl2tp - ok
13:29:34.0874 0x19f0  [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan          C:\WINDOWS\System32\rasmans.dll
13:29:34.0905 0x19f0  RasMan - ok
13:29:34.0921 0x19f0  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:29:34.0937 0x19f0  RasPppoe - ok
13:29:34.0937 0x19f0  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
13:29:34.0968 0x19f0  RasSstp - ok
13:29:34.0968 0x19f0  [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:29:34.0999 0x19f0  rdbss - ok
13:29:34.0999 0x19f0  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
13:29:35.0015 0x19f0  rdpbus - ok
13:29:35.0015 0x19f0  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
13:29:35.0030 0x19f0  RDPDR - ok
13:29:35.0046 0x19f0  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:29:35.0062 0x19f0  RdpVideoMiniport - ok
13:29:35.0062 0x19f0  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
13:29:35.0077 0x19f0  rdyboost - ok
13:29:35.0109 0x19f0  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
13:29:35.0124 0x19f0  ReFSv1 - ok
13:29:35.0140 0x19f0  [ F08ACE6EF11929E95C624D76E2CFD676, 81A1B4AF6BC1ACFBE16192FAEF55435C4791E49383E765C881B40F1984A3654A ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:29:35.0155 0x19f0  RegSrvc - ok
13:29:35.0171 0x19f0  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
13:29:35.0187 0x19f0  RemoteAccess - ok
13:29:35.0202 0x19f0  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
13:29:35.0218 0x19f0  RemoteRegistry - ok
13:29:35.0234 0x19f0  [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
13:29:35.0265 0x19f0  RetailDemo - ok
13:29:35.0280 0x19f0  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
13:29:35.0296 0x19f0  RFCOMM - ok
13:29:35.0312 0x19f0  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
13:29:35.0327 0x19f0  RmSvc - ok
13:29:35.0327 0x19f0  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
13:29:35.0343 0x19f0  RpcEptMapper - ok
13:29:35.0343 0x19f0  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
13:29:35.0359 0x19f0  RpcLocator - ok
13:29:35.0374 0x19f0  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
13:29:35.0421 0x19f0  RpcSs - ok
13:29:35.0437 0x19f0  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
13:29:35.0452 0x19f0  rspndr - ok
13:29:35.0468 0x19f0  [ 390594592126D5EBE0C98C0A3094096E, 2E64DBC294F8DA9059A1BF2917D6DA687FB886257DA6889835F305EDDA1DF3D8 ] RTSPER          C:\WINDOWS\system32\DRIVERS\RtsPer.sys
13:29:35.0484 0x19f0  RTSPER - ok
13:29:35.0484 0x19f0  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
13:29:35.0499 0x19f0  s3cap - ok
13:29:35.0515 0x19f0  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe
13:29:35.0515 0x19f0  SamSs - ok
13:29:35.0530 0x19f0  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
13:29:35.0546 0x19f0  sbp2port - ok
13:29:35.0546 0x19f0  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
13:29:35.0562 0x19f0  SCardSvr - ok
13:29:35.0577 0x19f0  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
13:29:35.0593 0x19f0  ScDeviceEnum - ok
13:29:35.0593 0x19f0  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:29:35.0609 0x19f0  scfilter - ok
13:29:35.0640 0x19f0  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
13:29:35.0671 0x19f0  Schedule - ok
13:29:35.0687 0x19f0  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
13:29:35.0702 0x19f0  scmbus - ok
13:29:35.0702 0x19f0  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
13:29:35.0718 0x19f0  scmdisk0101 - ok
13:29:35.0734 0x19f0  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
13:29:35.0749 0x19f0  SCPolicySvc - ok
13:29:35.0765 0x19f0  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
13:29:35.0780 0x19f0  sdbus - ok
13:29:35.0780 0x19f0  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
13:29:35.0812 0x19f0  SDRSVC - ok
13:29:35.0812 0x19f0  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
13:29:35.0827 0x19f0  sdstor - ok
13:29:35.0827 0x19f0  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
13:29:35.0843 0x19f0  seclogon - ok
13:29:35.0843 0x19f0  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll
13:29:35.0874 0x19f0  SENS - ok
13:29:35.0874 0x19f0  Sense - ok
13:29:35.0905 0x19f0  [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
13:29:35.0968 0x19f0  SensorDataService - ok
13:29:35.0984 0x19f0  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll
13:29:35.0999 0x19f0  SensorService - ok
13:29:36.0015 0x19f0  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
13:29:36.0030 0x19f0  SensrSvc - ok
13:29:36.0046 0x19f0  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
13:29:36.0046 0x19f0  SerCx - ok
13:29:36.0062 0x19f0  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
13:29:36.0077 0x19f0  SerCx2 - ok
13:29:36.0077 0x19f0  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
13:29:36.0093 0x19f0  Serenum - ok
13:29:36.0093 0x19f0  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
13:29:36.0124 0x19f0  Serial - ok
13:29:36.0124 0x19f0  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
13:29:36.0140 0x19f0  sermouse - ok
13:29:36.0155 0x19f0  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
13:29:36.0187 0x19f0  SessionEnv - ok
13:29:36.0187 0x19f0  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
13:29:36.0202 0x19f0  sfloppy - ok
13:29:36.0218 0x19f0  [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
13:29:36.0234 0x19f0  SharedAccess - ok
13:29:36.0265 0x19f0  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:29:36.0296 0x19f0  ShellHWDetection - ok
13:29:36.0296 0x19f0  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
13:29:36.0327 0x19f0  shpamsvc - ok
13:29:36.0327 0x19f0  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:29:36.0343 0x19f0  SiSRaid2 - ok
13:29:36.0343 0x19f0  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
13:29:36.0359 0x19f0  SiSRaid4 - ok
13:29:36.0359 0x19f0  [ C4C7316E98CFBC3F0CDAEE6968D7B9DC, 176AF4E9866E4FBB01DAB80A72BA0FE1A9AF6C55B3BF30032F5EB2F8D25EF5F3 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
13:29:36.0374 0x19f0  SmbDrvI - ok
13:29:36.0374 0x19f0  [ A02AFDFB748D0A638A09DC4B5E47B240, E14BFA930A2F04012144B475DA9A565431F804DF0BA2B7595C43BB48EFBA4883 ] SMIDriver       C:\WINDOWS\system32\DRIVERS\smi.sys
13:29:36.0390 0x19f0  SMIDriver - ok
13:29:36.0390 0x19f0  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll
13:29:36.0405 0x19f0  smphost - ok
13:29:36.0421 0x19f0  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
13:29:36.0452 0x19f0  SmsRouter - ok
13:29:36.0468 0x19f0  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
13:29:36.0468 0x19f0  SNMPTRAP - ok
13:29:36.0484 0x19f0  [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
13:29:36.0515 0x19f0  spaceport - ok
13:29:36.0515 0x19f0  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
13:29:36.0530 0x19f0  SpbCx - ok
13:29:36.0546 0x19f0  [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
13:29:36.0577 0x19f0  Spooler - ok
13:29:36.0671 0x19f0  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
13:29:36.0796 0x19f0  sppsvc - ok
13:29:36.0827 0x19f0  [ E9D2B247A1F945C3EBA571CFD25F1BA1, BD24DF02E1CE782E62BDEF6177B962AA25CAE711FF28BF6701C20AD6F4F49576 ] SPUVCbv         C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys
13:29:36.0859 0x19f0  SPUVCbv - ok
13:29:36.0874 0x19f0  [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
13:29:36.0890 0x19f0  srv - ok
13:29:36.0905 0x19f0  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
13:29:36.0952 0x19f0  srv2 - ok
13:29:36.0952 0x19f0  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:29:36.0984 0x19f0  srvnet - ok
13:29:36.0984 0x19f0  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
13:29:37.0015 0x19f0  SSDPSRV - ok
13:29:37.0015 0x19f0  [ 102EF9C0773427CA793EBBA93A825496, D3EA40338862F5809244D24D509BD9BFB673381922E9CEC23AA9AE0C2E6E8993 ] SSSvc           C:\Program Files (x86)\SmartSense\SSSvc.exe
13:29:37.0030 0x19f0  SSSvc - ok
13:29:37.0030 0x19f0  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
13:29:37.0046 0x19f0  SstpSvc - ok
13:29:37.0124 0x19f0  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:29:37.0249 0x19f0  StateRepository - ok
13:29:37.0265 0x19f0  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
13:29:37.0280 0x19f0  stexstor - ok
13:29:37.0280 0x19f0  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
13:29:37.0296 0x19f0  StillCam - ok
13:29:37.0312 0x19f0  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
13:29:37.0343 0x19f0  stisvc - ok
13:29:37.0359 0x19f0  [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
13:29:37.0374 0x19f0  storahci - ok
13:29:37.0374 0x19f0  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
13:29:37.0390 0x19f0  storflt - ok
13:29:37.0390 0x19f0  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
13:29:37.0405 0x19f0  stornvme - ok
13:29:37.0405 0x19f0  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
13:29:37.0421 0x19f0  storqosflt - ok
13:29:37.0437 0x19f0  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
13:29:37.0468 0x19f0  StorSvc - ok
13:29:37.0468 0x19f0  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
13:29:37.0484 0x19f0  storufs - ok
13:29:37.0484 0x19f0  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
13:29:37.0499 0x19f0  storvsc - ok
13:29:37.0499 0x19f0  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
13:29:37.0515 0x19f0  svsvc - ok
13:29:37.0515 0x19f0  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
13:29:37.0530 0x19f0  swenum - ok
13:29:37.0546 0x19f0  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
13:29:37.0577 0x19f0  swprv - ok
13:29:37.0577 0x19f0  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
13:29:37.0593 0x19f0  Synth3dVsc - ok
13:29:37.0609 0x19f0  [ 6F02CE00CF9B10E134FA659F9D1353E8, 26616F8CCA9E67066EC02B477BE838023AB1307D7D7DA26ED14C065E0F4AA5B2 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:29:37.0624 0x19f0  SynTP - ok
13:29:37.0640 0x19f0  [ 6CDAAEB36655B8963081C0E11BBBEE02, 3766074C780B95CA54A40FF075C08DEC3A46CECF42C1E047F3FA78C27783ED73 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
13:29:37.0655 0x19f0  SynTPEnhService - ok
13:29:37.0671 0x19f0  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
13:29:37.0718 0x19f0  SysMain - ok
13:29:37.0734 0x19f0  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:29:37.0749 0x19f0  SystemEventsBroker - ok
13:29:37.0765 0x19f0  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:29:37.0780 0x19f0  TabletInputService - ok
13:29:37.0796 0x19f0  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
13:29:37.0812 0x19f0  TapiSrv - ok
13:29:37.0859 0x19f0  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
13:29:37.0921 0x19f0  Tcpip - ok
13:29:37.0968 0x19f0  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
13:29:38.0030 0x19f0  Tcpip6 - ok
13:29:38.0046 0x19f0  [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
13:29:38.0046 0x19f0  tcpipreg - ok
13:29:38.0062 0x19f0  [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
13:29:38.0077 0x19f0  tdx - ok
13:29:38.0077 0x19f0  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
13:29:38.0093 0x19f0  terminpt - ok
13:29:38.0109 0x19f0  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
13:29:38.0155 0x19f0  TermService - ok
13:29:38.0155 0x19f0  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
13:29:38.0187 0x19f0  Themes - ok
13:29:38.0202 0x19f0  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
13:29:38.0218 0x19f0  TieringEngineService - ok
13:29:38.0234 0x19f0  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:29:38.0265 0x19f0  tiledatamodelsvc - ok
13:29:38.0280 0x19f0  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
13:29:38.0296 0x19f0  TimeBrokerSvc - ok
13:29:38.0312 0x19f0  [ D0257ACADEF049358FBFB2ADE6F14A47, 07DDF944AD395C2412F4C5FB01056671EC2246A284D00BE9B3541DD0BEE60451 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
13:29:38.0312 0x19f0  TPHKLOAD - ok
13:29:38.0327 0x19f0  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
13:29:38.0343 0x19f0  TPM - ok
13:29:38.0343 0x19f0  [ 8ECC5302575EA6A27B04F5C258CE963F, E8B11D4D4F6790C2BD73909BD9C9C2BD37E74DD133D353770D957D1A0007FA0F ] TPPWRIF         C:\WINDOWS\system32\drivers\Tppwr64v.sys
13:29:38.0343 0x19f0  TPPWRIF - ok
13:29:38.0359 0x19f0  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
13:29:38.0374 0x19f0  TrkWks - ok
13:29:38.0390 0x19f0  [ 46241B8294603FF8BBF6044254FD06EF, 1D2EDCC8221B998C45734E059DA3637259F35803F499CE76C61629845139DFC1 ] TrueKey         C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
13:29:38.0421 0x19f0  TrueKey - ok
13:29:38.0421 0x19f0  [ C4F4CF2E6AB074886861C80ED38A4AC5, 1B995B9CD5E7570398932B0DC67AB169C3551C415D8B55FC3431DB3EA037A627 ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
13:29:38.0437 0x19f0  TrueKeyScheduler - ok
13:29:38.0437 0x19f0  [ 6C5509D6E39941C0C7E8F45C2C52AAA6, 24C94E176A6919BFE3D0B13EE44BD1CB7E50A45BA6C7787D9981F1509DFB2066 ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
13:29:38.0452 0x19f0  TrueKeyServiceHelper - ok
13:29:38.0452 0x19f0  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:29:38.0468 0x19f0  TrustedInstaller - ok
13:29:38.0484 0x19f0  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
13:29:38.0499 0x19f0  tsusbflt - ok
13:29:38.0499 0x19f0  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:29:38.0515 0x19f0  TsUsbGD - ok
13:29:38.0515 0x19f0  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
13:29:38.0530 0x19f0  tsusbhub - ok
13:29:38.0546 0x19f0  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
13:29:38.0562 0x19f0  tunnel - ok
13:29:38.0562 0x19f0  [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
13:29:38.0577 0x19f0  tzautoupdate - ok
13:29:38.0593 0x19f0  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
13:29:38.0593 0x19f0  UASPStor - ok
13:29:38.0609 0x19f0  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
13:29:38.0624 0x19f0  UcmCx0101 - ok
13:29:38.0640 0x19f0  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
13:29:38.0655 0x19f0  UcmTcpciCx0101 - ok
13:29:38.0655 0x19f0  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
13:29:38.0671 0x19f0  UcmUcsi - ok
13:29:38.0687 0x19f0  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
13:29:38.0687 0x19f0  Ucx01000 - ok
13:29:38.0702 0x19f0  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
13:29:38.0718 0x19f0  UdeCx - ok
13:29:38.0718 0x19f0  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
13:29:38.0749 0x19f0  udfs - ok
13:29:38.0749 0x19f0  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
13:29:38.0765 0x19f0  UEFI - ok
13:29:38.0765 0x19f0  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
13:29:38.0780 0x19f0  UevAgentDriver - ok
13:29:38.0812 0x19f0  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\WINDOWS\system32\AgentService.exe
13:29:38.0859 0x19f0  UevAgentService - ok
13:29:38.0859 0x19f0  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
13:29:38.0874 0x19f0  Ufx01000 - ok
13:29:38.0890 0x19f0  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
13:29:38.0905 0x19f0  UfxChipidea - ok
13:29:38.0905 0x19f0  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
13:29:38.0921 0x19f0  ufxsynopsys - ok
13:29:38.0921 0x19f0  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
13:29:38.0952 0x19f0  UI0Detect - ok
13:29:38.0952 0x19f0  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
13:29:38.0968 0x19f0  umbus - ok
13:29:38.0968 0x19f0  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
13:29:38.0984 0x19f0  UmPass - ok
13:29:38.0999 0x19f0  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
13:29:39.0015 0x19f0  UmRdpService - ok
13:29:39.0046 0x19f0  [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
13:29:39.0093 0x19f0  UnistoreSvc - ok
13:29:39.0109 0x19f0  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
13:29:39.0140 0x19f0  upnphost - ok
13:29:39.0140 0x19f0  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
13:29:39.0155 0x19f0  UrsChipidea - ok
13:29:39.0155 0x19f0  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
13:29:39.0171 0x19f0  UrsCx01000 - ok
13:29:39.0171 0x19f0  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
13:29:39.0187 0x19f0  UrsSynopsys - ok
13:29:39.0202 0x19f0  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
13:29:39.0202 0x19f0  usbccgp - ok
13:29:39.0218 0x19f0  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
13:29:39.0234 0x19f0  usbcir - ok
13:29:39.0234 0x19f0  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
13:29:39.0249 0x19f0  usbehci - ok
13:29:39.0265 0x19f0  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
13:29:39.0280 0x19f0  usbhub - ok
13:29:39.0296 0x19f0  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
13:29:39.0327 0x19f0  USBHUB3 - ok
13:29:39.0327 0x19f0  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
13:29:39.0343 0x19f0  usbohci - ok
13:29:39.0343 0x19f0  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
13:29:39.0359 0x19f0  usbprint - ok
13:29:39.0359 0x19f0  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
13:29:39.0374 0x19f0  usbser - ok
13:29:39.0390 0x19f0  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:29:39.0405 0x19f0  USBSTOR - ok
13:29:39.0405 0x19f0  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
13:29:39.0421 0x19f0  usbuhci - ok
13:29:39.0437 0x19f0  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:29:39.0452 0x19f0  USBXHCI - ok
13:29:39.0484 0x19f0  [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
13:29:39.0546 0x19f0  UserDataSvc - ok
13:29:39.0562 0x19f0  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll
13:29:39.0609 0x19f0  UserManager - ok
13:29:39.0624 0x19f0  [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
13:29:39.0655 0x19f0  UsoSvc - ok
13:29:39.0655 0x19f0  [ D46604714C0BE35D0298514B2E4A7B34, 3EEFF41D198C92CC4CD8974C6575839D89A2139B64C8B08D10FB516660A2F7BD ] valWBFPolicyService C:\WINDOWS\system32\valWBFPolicyService.exe
13:29:39.0671 0x19f0  valWBFPolicyService - ok
13:29:39.0687 0x19f0  [ 151F02D8A7E5CB7765E7C2BA5B0AD1D4, B7A3D233046510FEC6866020490B14B3A544BFC82A14D457FBD6D821E20635D5 ] valWbioSyncSvc  C:\WINDOWS\system32\valWbioSyncSvc.exe
13:29:39.0702 0x19f0  valWbioSyncSvc - ok
13:29:39.0702 0x19f0  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
13:29:39.0718 0x19f0  VaultSvc - ok
13:29:39.0718 0x19f0  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
13:29:39.0734 0x19f0  vdrvroot - ok
13:29:39.0749 0x19f0  [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds             C:\WINDOWS\System32\vds.exe
13:29:39.0780 0x19f0  vds - ok
13:29:39.0796 0x19f0  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
13:29:39.0796 0x19f0  VerifierExt - ok
13:29:39.0812 0x19f0  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
13:29:39.0843 0x19f0  vhdmp - ok
13:29:39.0859 0x19f0  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
13:29:39.0859 0x19f0  vhf - ok
13:29:39.0874 0x19f0  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
13:29:39.0874 0x19f0  vmbus - ok
13:29:39.0890 0x19f0  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
13:29:39.0890 0x19f0  VMBusHID - ok
13:29:39.0905 0x19f0  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
13:29:39.0921 0x19f0  vmgid - ok
13:29:39.0921 0x19f0  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
13:29:39.0952 0x19f0  vmicguestinterface - ok
13:29:39.0952 0x19f0  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
13:29:39.0968 0x19f0  vmicheartbeat - ok
13:29:39.0984 0x19f0  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
13:29:39.0999 0x19f0  vmickvpexchange - ok
13:29:40.0015 0x19f0  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
13:29:40.0030 0x19f0  vmicrdv - ok
13:29:40.0046 0x19f0  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
13:29:40.0062 0x19f0  vmicshutdown - ok
13:29:40.0077 0x19f0  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
13:29:40.0093 0x19f0  vmictimesync - ok
13:29:40.0109 0x19f0  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
13:29:40.0140 0x19f0  vmicvmsession - ok
13:29:40.0140 0x19f0  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
13:29:40.0171 0x19f0  vmicvss - ok
13:29:40.0171 0x19f0  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
13:29:40.0187 0x19f0  volmgr - ok
13:29:40.0202 0x19f0  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
13:29:40.0218 0x19f0  volmgrx - ok
13:29:40.0234 0x19f0  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
13:29:40.0249 0x19f0  volsnap - ok
13:29:40.0249 0x19f0  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
13:29:40.0265 0x19f0  volume - ok
13:29:40.0265 0x19f0  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
13:29:40.0281 0x19f0  vpci - ok
13:29:40.0296 0x19f0  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
13:29:40.0296 0x19f0  vsmraid - ok
13:29:40.0327 0x19f0  [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS             C:\WINDOWS\system32\vssvc.exe
13:29:40.0390 0x19f0  VSS - ok
13:29:40.0390 0x19f0  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
13:29:40.0421 0x19f0  VSTXRAID - ok
13:29:40.0421 0x19f0  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
13:29:40.0437 0x19f0  vwifibus - ok
13:29:40.0452 0x19f0  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
13:29:40.0468 0x19f0  vwififlt - ok
13:29:40.0468 0x19f0  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
13:29:40.0484 0x19f0  vwifimp - ok
13:29:40.0499 0x19f0  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
13:29:40.0530 0x19f0  W32Time - ok
13:29:40.0530 0x19f0  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
13:29:40.0546 0x19f0  WacomPen - ok
13:29:40.0562 0x19f0  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
13:29:40.0593 0x19f0  WalletService - ok
13:29:40.0593 0x19f0  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:29:40.0624 0x19f0  wanarp - ok
13:29:40.0624 0x19f0  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:29:40.0640 0x19f0  wanarpv6 - ok
13:29:40.0671 0x19f0  [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine        C:\WINDOWS\system32\wbengine.exe
13:29:40.0734 0x19f0  wbengine - ok
13:29:40.0765 0x19f0  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
13:29:40.0796 0x19f0  WbioSrvc - ok
13:29:40.0812 0x19f0  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
13:29:40.0812 0x19f0  wcifs - ok
13:29:40.0827 0x19f0  [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
13:29:40.0874 0x19f0  Wcmsvc - ok
13:29:40.0874 0x19f0  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
13:29:40.0905 0x19f0  wcncsvc - ok
13:29:40.0905 0x19f0  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
13:29:40.0921 0x19f0  wcnfs - ok
13:29:40.0937 0x19f0  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
13:29:40.0937 0x19f0  WdBoot - ok
13:29:40.0968 0x19f0  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
13:29:40.0984 0x19f0  Wdf01000 - ok
13:29:40.0999 0x19f0  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
13:29:41.0015 0x19f0  WdFilter - ok
13:29:41.0031 0x19f0  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
13:29:41.0046 0x19f0  WdiServiceHost - ok
13:29:41.0046 0x19f0  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
13:29:41.0062 0x19f0  WdiSystemHost - ok
13:29:41.0077 0x19f0  [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
13:29:41.0109 0x19f0  wdiwifi - ok
13:29:41.0124 0x19f0  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:29:41.0140 0x19f0  WdNisDrv - ok
13:29:41.0140 0x19f0  WdNisSvc - ok
13:29:41.0156 0x19f0  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
13:29:41.0171 0x19f0  WebClient - ok
13:29:41.0187 0x19f0  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
13:29:41.0218 0x19f0  Wecsvc - ok
13:29:41.0218 0x19f0  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
13:29:41.0234 0x19f0  WEPHOSTSVC - ok
13:29:41.0234 0x19f0  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
13:29:41.0265 0x19f0  wercplsupport - ok
13:29:41.0265 0x19f0  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
13:29:41.0281 0x19f0  WerSvc - ok
13:29:41.0296 0x19f0  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
13:29:41.0312 0x19f0  WFPLWFS - ok
13:29:41.0312 0x19f0  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
13:29:41.0327 0x19f0  WiaRpc - ok
13:29:41.0343 0x19f0  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
13:29:41.0359 0x19f0  WIMMount - ok
13:29:41.0359 0x19f0  WinDefend - ok
13:29:41.0374 0x19f0  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
13:29:41.0374 0x19f0  WindowsTrustedRT - ok
13:29:41.0390 0x19f0  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:29:41.0390 0x19f0  WindowsTrustedRTProxy - ok
13:29:41.0421 0x19f0  [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:29:41.0452 0x19f0  WinHttpAutoProxySvc - ok
13:29:41.0452 0x19f0  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
13:29:41.0468 0x19f0  WinMad - ok
13:29:41.0484 0x19f0  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
13:29:41.0499 0x19f0  Winmgmt - ok
13:29:41.0546 0x19f0  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
13:29:41.0640 0x19f0  WinRM - ok
13:29:41.0640 0x19f0  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
13:29:41.0656 0x19f0  WINUSB - ok
13:29:41.0656 0x19f0  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
13:29:41.0671 0x19f0  WinVerbs - ok
13:29:41.0687 0x19f0  [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
13:29:41.0718 0x19f0  wisvc - ok
13:29:41.0765 0x19f0  [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
13:29:41.0843 0x19f0  WlanSvc - ok
13:29:41.0890 0x19f0  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
13:29:41.0952 0x19f0  wlidsvc - ok
13:29:41.0968 0x19f0  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
13:29:41.0968 0x19f0  WmiAcpi - ok
13:29:41.0984 0x19f0  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:29:41.0999 0x19f0  wmiApSrv - ok
13:29:42.0015 0x19f0  WMPNetworkSvc - ok
13:29:42.0015 0x19f0  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
13:29:42.0031 0x19f0  Wof - ok
13:29:42.0077 0x19f0  [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
13:29:42.0140 0x19f0  workfolderssvc - ok
13:29:42.0140 0x19f0  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
13:29:42.0156 0x19f0  WPDBusEnum - ok
13:29:42.0171 0x19f0  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:29:42.0171 0x19f0  WpdUpFltr - ok
13:29:42.0187 0x19f0  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
13:29:42.0202 0x19f0  WpnService - ok
13:29:42.0218 0x19f0  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
13:29:42.0218 0x19f0  WpnUserService - ok
13:29:42.0234 0x19f0  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:29:42.0249 0x19f0  ws2ifsl - ok
13:29:42.0249 0x19f0  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
13:29:42.0281 0x19f0  wscsvc - ok
13:29:42.0281 0x19f0  WSearch - ok
13:29:42.0327 0x19f0  [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
13:29:42.0406 0x19f0  wuauserv - ok
13:29:42.0406 0x19f0  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
13:29:42.0421 0x19f0  WudfPf - ok
13:29:42.0437 0x19f0  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:29:42.0452 0x19f0  WUDFRd - ok
13:29:42.0452 0x19f0  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
13:29:42.0468 0x19f0  wudfsvc - ok
13:29:42.0484 0x19f0  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:29:42.0499 0x19f0  WUDFWpdFs - ok
13:29:42.0515 0x19f0  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:29:42.0546 0x19f0  WUDFWpdMtp - ok
13:29:42.0562 0x19f0  [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
13:29:42.0624 0x19f0  WwanSvc - ok
13:29:42.0640 0x19f0  [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
13:29:42.0687 0x19f0  XblAuthManager - ok
13:29:42.0718 0x19f0  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
13:29:42.0765 0x19f0  XblGameSave - ok
13:29:42.0781 0x19f0  [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
13:29:42.0796 0x19f0  xboxgip - ok
13:29:42.0827 0x19f0  [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
13:29:42.0859 0x19f0  XboxNetApiSvc - ok
13:29:42.0874 0x19f0  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
13:29:42.0890 0x19f0  xinputhid - ok
13:29:42.0952 0x19f0  [ D071942124D71F26546B8B11774EB867, 2496760FFB97D5CEB2AF5D91490DDE630C0BD723F0C7488BCC7247490F11FF34 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
13:29:43.0031 0x19f0  ZeroConfigService - ok
13:29:43.0031 0x19f0  ================ Scan global ===============================
13:29:43.0046 0x19f0  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
13:29:43.0046 0x19f0  [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] C:\WINDOWS\system32\winsrv.dll
13:29:43.0062 0x19f0  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
13:29:43.0062 0x19f0  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
13:29:43.0077 0x19f0  [ Global ] - ok
13:29:43.0077 0x19f0  ================ Scan MBR ==================================
13:29:43.0077 0x19f0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:29:43.0093 0x19f0  \Device\Harddisk0\DR0 - ok
13:29:43.0109 0x19f0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR20
13:29:43.0624 0x19f0  \Device\Harddisk1\DR20 - ok
13:29:43.0624 0x19f0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR21
13:29:43.0734 0x19f0  \Device\Harddisk2\DR21 - ok
13:29:43.0734 0x19f0  ================ Scan VBR ==================================
13:29:43.0749 0x19f0  [ 68595EA82D9CD197908F170AA6CA8549 ] \Device\Harddisk0\DR0\Partition1
13:29:43.0749 0x19f0  \Device\Harddisk0\DR0\Partition1 - ok
13:29:43.0749 0x19f0  [ 5C55F69837D722577E02BA0796293D65 ] \Device\Harddisk0\DR0\Partition2
13:29:43.0749 0x19f0  \Device\Harddisk0\DR0\Partition2 - ok
13:29:43.0765 0x19f0  [ 3BA6F4C357647B2B20BA03390ED127D4 ] \Device\Harddisk0\DR0\Partition3
13:29:43.0765 0x19f0  \Device\Harddisk0\DR0\Partition3 - ok
13:29:43.0765 0x19f0  [ FA62EBB5BCD21BB3EB32652A180358B4 ] \Device\Harddisk0\DR0\Partition4
13:29:43.0765 0x19f0  \Device\Harddisk0\DR0\Partition4 - ok
13:29:43.0796 0x19f0  [ 98BE4E5FCBC0647E804AE74A1AAEF0AC ] \Device\Harddisk1\DR20\Partition1
13:29:43.0796 0x19f0  \Device\Harddisk1\DR20\Partition1 - ok
13:29:43.0796 0x19f0  [ 1B62F9CA47D67D472FFB77A0855E5F69 ] \Device\Harddisk2\DR21\Partition1
13:29:43.0796 0x19f0  \Device\Harddisk2\DR21\Partition1 - ok
13:29:43.0796 0x19f0  ================ Scan generic autorun ======================
13:29:43.0859 0x19f0  [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:29:43.0921 0x19f0  NvBackend - ok
13:29:43.0921 0x19f0  [ DA1315067B1AC3FDBA379DC0F61F4AC3, B77EF5D833C8D372A2742A366BB62F6405BE9A6D571AF8938AC7E8C1DE3E16A3 ] C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE
13:29:43.0921 0x19f0  Daemon for Mouse Suite - ok
13:29:43.0937 0x19f0  Mouse Suite 98 Daemon - ok
13:29:43.0937 0x19f0  [ D176870973EAE8BA430B8AE8078F11AD, DEC8510EC92C8BAB1B8C885E85413825D99E1A32090EC84D07041ADEA830C7CC ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
13:29:43.0952 0x19f0  IMSS - ok
13:29:43.0952 0x19f0  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
13:29:43.0952 0x19f0  HP Software Update - ok
13:29:44.0124 0x19f0  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:29:44.0296 0x19f0  OneDriveSetup - ok
13:29:44.0452 0x19f0  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:29:44.0609 0x19f0  OneDriveSetup - ok
13:29:44.0656 0x19f0  [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:29:44.0702 0x19f0  OneDrive - ok
13:29:44.0765 0x19f0  [ 7EB63F65BEE6FA0B12F763B4C5DEFB83, A36AC5C6C3E0B99AFDC90EADE99EF637ACD4CFC7AF628615FBC383F8CA07268A ] C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
13:29:44.0827 0x19f0  HP Officejet 5740 series (NET) - ok
13:29:44.0843 0x19f0  [ 20E6A936DB2681EEE38E2A8091EEE808, BB8CC926C1CF90469D19630E755A452092DFDE8855B76E6E1A367085FC216AB0 ] C:\Program Files (x86)\VLC Updater\vlc-updater.exe
13:29:44.0843 0x19f0  VLC Updater - ok
13:29:44.0859 0x19f0  Waiting for KSN requests completion. In queue: 278
13:29:45.0906 0x19f0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x60100 ( disabled : updated )
13:29:45.0906 0x19f0  AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51000 ( enabled : updated )
13:29:45.0906 0x19f0  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.4.0.0 ), 0x51010 ( enabled )
13:29:46.0093 0x19f0  ============================================================
13:29:46.0093 0x19f0  Scan finished
13:29:46.0093 0x19f0  ============================================================
13:29:46.0109 0x3f0c  Detected object count: 0
13:29:46.0109 0x3f0c  Actual detected object count: 0

Hoffe jetzt passt alles. KDSSKILLer musste ich in zwei Teile splitten, da es sonst zu grpß ist für ein post.

Beste Grüße

M-K-D-B · 01.05.2017, 13:32

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

AZEdeluxe · 01.05.2017, 14:21

Hier die Adware datei

Code:

ATTFilter

# AdwCleaner v6.046 - Bericht erstellt am 01/05/2017 um 14:57:43
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-29.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Wolf-Rüdiger Kaiser - THINKPAD-WRK-1
# Gestartet von : C:\Users\Wolf-Rüdiger Kaiser\Desktop\adwcleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\PC Cleaner
[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\SuperEasy Software
[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC UPDATER
[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\Documents\PC Cleaner
[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default\FromDocToPDF_65
[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default\FlightSearch_fo
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperEasy Software
[-] Ordner gelöscht: C:\Program Files (x86)\PC Cleaner
[-] Ordner gelöscht: C:\Program Files (x86)\SuperEasy Software
[-] Ordner gelöscht: C:\Program Files (x86)\VLC UPDATER
[-] Ordner gelöscht: C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Temp\DMR


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Wolf-Rüdiger Kaiser\Desktop\PC Cleaner.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: PC Cleaner Schedule
[-] Aufgabe gelöscht: SuperEasyDriverUpdater_UPDATES


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\PC Cleaner
[-] Schlüssel gelöscht: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\SuperEasy Software
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PC Cleaner
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SuperEasy Software
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SuperEasy Software
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{039BC111-D60F-A6FF-85F4-7992EA886B8D}_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Cleaner_is1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC Updater
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PC Cleaner
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SuperEasy Software
[-] Daten  wiederhergestellt: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Daten  wiederhergestellt: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Wert gelöscht: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Windows\CurrentVersion\Run [VLC Updater]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [VLC Updater]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [VLC Updater]


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "extensions.toolbar.mindspark.hp.enabled" -  false
[-] Firefox Einstellungen bereinigt: "extensions.toolbar.mindspark.lastInstalled" -  "flightsearchapp@mindspark.com"


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4397 Bytes] - [01/05/2017 14:57:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [4542 Bytes] - [01/05/2017 14:56:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4543 Bytes] ##########

hier nochmal adeware als admin ausgeführt

Code:

ATTFilter

# AdwCleaner v6.046 - Bericht erstellt am 01/05/2017 um 15:12:27
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-04-29.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Wolf-Rüdiger Kaiser - THINKPAD-WRK-1
# Gestartet von : C:\Users\Wolf-Rüdiger Kaiser\Desktop\adwcleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4642 Bytes] - [01/05/2017 14:57:43]
C:\AdwCleaner\AdwCleaner[C2].txt - [1108 Bytes] - [01/05/2017 15:12:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [4542 Bytes] - [01/05/2017 14:56:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [1519 Bytes] - [01/05/2017 15:11:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1327 Bytes] ##########

hier mbam

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.05.17
Scan-Zeit: 15:03
Protokolldatei: MBAM.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1843
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: THINKPAD-WRK-1\Wolf-R\u00c3\u00bcdiger Kaiser

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 378395
Abgelaufene Zeit: 2 Min., 29 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 4
Adware.ChinAd, C:\Users\Wolf-R\u00c3\u00bcdiger Kaiser\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\6706c2b55493c5749541ac3b5e7c2faa, In Quarantäne, [1096], [375557],1.0.1843
Adware.ChinAd, C:\Users\Wolf-R\u00c3\u00bcdiger Kaiser\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1, In Quarantäne, [1096], [375557],1.0.1843
Adware.ChinAd, C:\Users\Wolf-R\u00c3\u00bcdiger Kaiser\AppData\Local\Temp\DMR\Downloads, In Quarantäne, [1096], [375557],1.0.1843
Adware.ChinAd, C:\USERS\WOLF-R\u00c3\u00bcDIGER KAISER\APPDATA\LOCAL\TEMP\DMR, In Quarantäne, [1096], [375557],1.0.1843

Datei: 6
PUP.Optional.Carambis, C:\USERS\PUBLIC\DESKTOP\DRIVER UPDATER.LNK, In Quarantäne, [1911], [351666],1.0.1843
PUP.Optional.DownloadSponsor, C:\USERS\WOLF-R\u00c3\u00bcDIGER KAISER\APPDATA\LOCAL\TEMP\DMR\DMR_72.EXE, In Quarantäne, [498], [373684],1.0.1843
Adware.ChinAd, C:\USERS\WOLF-R\u00c3\u00bcDIGER KAISER\APPDATA\LOCAL\TEMP\DMR\RAOHIJIYAGZMRYAQ.DAT, In Quarantäne, [1096], [375557],1.0.1843
Adware.ChinAd, C:\Users\Wolf-R\u00c3\u00bcdiger Kaiser\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\6706c2b55493c5749541ac3b5e7c2faa\mb3-setup-13595.13595-3.0.6.1469-10103.exe, In Quarantäne, [1096], [375557],1.0.1843
PUP.Optional.SpeedingUpMyPC, C:\USERS\WOLF-R\u00c3\u00bcDIGER KAISER\DOWNLOADS\PC-CLEANER-5038.EXE, In Quarantäne, [874], [125828],1.0.1843
PUP.Optional.PCSpeedCat, C:\USERS\WOLF-R\u00c3\u00bcDIGER KAISER\DOWNLOADS\SPEEDCAT.SETUP.EXE, In Quarantäne, [439], [336653],1.0.1843

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

hier nochmal mbam als admin

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.05.17
Scan-Zeit: 15:14
Protokolldatei: MABM admin.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1843
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: THINKPAD-WRK-1\Wolf-R\u00c3\u00bcdiger Kaiser

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 378406
Abgelaufene Zeit: 2 Min., 35 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

und hier nach ausführung der programme nochmal die FRST und addition

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2017
durchgeführt von Wolf-Rüdiger Kaiser (Administrator) auf THINKPAD-WRK-1 (01-05-2017 15:17:33)
Gestartet von C:\Users\Wolf-Rüdiger Kaiser\Desktop
Geladene Profile: Wolf-Rüdiger Kaiser (Verfügbare Profile: Wolf-Rüdiger Kaiser)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPNetworkCommunicatorCom.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Mouse Suite\PELMICED.EXE
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [Daemon for Mouse Suite] => C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [94856 2015-07-09] (Primax Electronics Ltd.)
HKLM\...\Run: [Mouse Suite 98 Daemon] => ICO.EXE
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-07] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\Run: [HP Officejet 5740 series (NET)] => C:\Program Files\HP\HP Officejet 5740 series\Bin\ScanToPCActivationApp.exe [3483656 2014-08-22] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-17] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk [2017-05-01]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8100 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7c13c597-4095-4868-817b-a99e0f2a9cc3}: [DhcpNameServer] 172.168.127.2
Tcpip\..\Interfaces\{c5c6b6ce-1ee9-4b8e-a7df-9bff4e4d28c4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> DefaultScope {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14] (Intel Security)
DPF: HKLM-x32 {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///D:/launch.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-04-18] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-28] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: j38j7yiu.default
FF ProfilePath: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default [2017-05-01]
FF Homepage: Mozilla\Firefox\Profiles\j38j7yiu.default -> google.de/
FF Extension: (Shield Recipe Client) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Mozilla\Firefox\Profiles\j38j7yiu.default\features\{f56d0d30-e9a8-4433-92e3-77f59e66a33f}\shield-recipe-client@mozilla.org.xpi [2017-05-01]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-14]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-29] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-28] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4246772196-3469511708-1303041041-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)

Chrome: 
=======
CHR Profile: C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default [2017-04-21]
CHR Extension: (Google Präsentationen) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-11]
CHR Extension: (Google Docs) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-15]
CHR Extension: (Google Drive) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-11]
CHR Extension: (YouTube) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-11]
CHR Extension: (Google Mail) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-11]
CHR Extension: (Chrome Media Router) - C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-07-29] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3125328 2017-02-01] (Lenovo Group Limited)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-09-05] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188264 2017-04-18] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-03-13] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe [404376 2017-04-18] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3164816 2015-07-23] ()
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [184088 2015-07-09] () [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-14] (Microsoft Corporation)
S3 SSSvc; C:\Program Files (x86)\SmartSense\SSSvc.exe [119512 2015-07-23] (Lenovo)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-12] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-12] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-12] (McAfee, Inc.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [530928 2015-07-13] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-01] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-01] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_7abb66182eb8ed83\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 pelbtm; C:\WINDOWS\system32\DRIVERS\pelbtm.sys [16384 2012-06-19] (Primax Electronics Ltd.)
R1 pelmoubt; C:\WINDOWS\system32\DRIVERS\pelmoubt.sys [22528 2012-06-19] (Primax Electronics Ltd.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [700008 2015-11-19] (Sunplus)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-01 15:17 - 2017-05-01 15:17 - 00001272 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\MABM admin.txt
2017-05-01 15:13 - 2017-05-01 15:13 - 00001409 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\AdwCleaner[C2].txt
2017-05-01 15:07 - 2017-05-01 15:07 - 00002727 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\MBAM.txt
2017-05-01 15:02 - 2017-05-01 15:13 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-01 15:02 - 2017-05-01 15:13 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-01 15:02 - 2017-05-01 15:02 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-01 15:02 - 2017-05-01 15:02 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-01 15:02 - 2017-05-01 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-01 15:02 - 2017-05-01 15:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-01 15:02 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-01 14:59 - 2017-05-01 14:59 - 00004645 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\AdwCleaner[C0].txt
2017-05-01 14:52 - 2017-05-01 15:12 - 00000000 ____D C:\AdwCleaner
2017-05-01 14:51 - 2017-05-01 14:51 - 04102600 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\adwcleaner_6.046.exe
2017-05-01 13:30 - 2017-05-01 13:30 - 00144632 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\tdsskiller.txt
2017-05-01 13:29 - 2017-05-01 13:30 - 00289354 _____ C:\TDSSKiller.3.1.0.15_01.05.2017_13.29.08_log.txt
2017-05-01 13:27 - 2017-05-01 13:28 - 00046187 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\Addition.txt
2017-05-01 13:27 - 2017-04-30 20:51 - 02428928 _____ (Farbar) C:\Users\Wolf-Rüdiger Kaiser\Desktop\FRST64.exe
2017-05-01 10:13 - 2017-05-01 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-05-01 10:13 - 2017-05-01 10:13 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-04-30 21:08 - 2017-04-30 21:10 - 00289428 _____ C:\TDSSKiller.3.1.0.15_30.04.2017_21.08.10_log.txt
2017-04-30 21:08 - 2017-04-30 20:52 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Wolf-Rüdiger Kaiser\Desktop\tdsskiller.exe
2017-04-30 21:06 - 2017-05-01 15:17 - 00027192 _____ C:\Users\Wolf-Rüdiger Kaiser\Desktop\FRST.txt
2017-04-30 21:03 - 2017-05-01 15:17 - 00000000 ____D C:\FRST
2017-04-25 16:54 - 2017-04-25 16:54 - 00257856 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-04-21 22:56 - 2017-04-21 22:56 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-04-21 22:48 - 2017-04-21 22:48 - 01496584 _____ C:\Users\Wolf-Rüdiger Kaiser\Downloads\HijackThis - CHIP-Installer.exe
2017-04-21 17:51 - 2017-05-01 15:13 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-21 17:51 - 2017-05-01 15:13 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-21 17:51 - 2017-04-21 17:51 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-21 17:50 - 2017-04-21 17:50 - 55566792 _____ (Malwarebytes ) C:\Users\Wolf-Rüdiger Kaiser\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-04-15 10:39 - 2017-04-15 10:39 - 00042803 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\Umsatzdetails_Konto543155600_EUR_15-04-2017_1032.pdf
2017-04-14 20:07 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-14 20:07 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-14 20:07 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-14 20:07 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-14 20:07 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-14 20:07 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-14 20:07 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-14 20:07 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-14 20:07 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-14 20:07 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-14 20:07 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-14 20:07 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-14 20:07 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-14 20:07 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-14 20:07 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-14 20:07 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-14 20:06 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-14 20:06 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-14 20:06 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-14 20:06 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-14 20:06 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-14 20:06 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-14 20:06 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-14 20:06 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-14 20:06 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-14 20:06 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-14 20:06 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-14 20:06 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-14 20:06 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-14 20:06 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-14 20:06 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-14 20:06 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-14 20:06 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-14 20:06 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-14 20:06 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-14 20:06 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-14 20:06 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-14 20:06 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-14 20:06 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-14 20:06 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-14 20:06 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-14 20:06 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-14 20:06 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-14 20:06 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-14 20:06 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-14 20:06 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-14 20:06 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-14 20:06 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-14 20:06 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-14 20:06 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-14 20:06 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-14 20:06 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-14 20:06 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-14 20:06 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-14 20:06 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-14 20:06 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-14 20:06 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-14 20:06 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-14 20:06 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-14 20:06 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-14 20:06 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-14 20:06 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-14 20:06 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-14 20:06 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-14 20:06 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-14 20:06 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-14 20:06 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-14 20:06 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-14 20:06 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-14 20:06 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-14 20:06 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-14 20:06 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-14 20:06 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-14 20:06 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-14 20:06 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-14 20:06 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-14 20:06 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-14 20:06 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-14 20:06 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-14 19:59 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-14 19:59 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-14 19:59 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-14 19:59 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-14 19:59 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-14 19:59 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-14 19:59 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-14 19:59 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-14 19:59 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-14 19:58 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-14 19:58 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-14 19:58 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-14 19:58 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-14 19:57 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-14 19:57 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-14 19:57 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-14 19:57 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-14 19:57 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-14 19:57 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-14 19:57 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-14 19:57 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-14 19:57 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-14 19:57 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-14 19:57 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-14 19:57 - 2017-03-28 07:41 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-04-14 19:57 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-14 19:57 - 2017-03-28 07:41 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-04-14 19:57 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-14 19:57 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-14 19:57 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-14 19:57 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-14 19:57 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-14 19:57 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-14 19:57 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-14 19:57 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-14 19:57 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-14 19:57 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-14 19:57 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-14 19:57 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-14 19:57 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-14 19:57 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-14 19:57 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-14 19:57 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-14 19:57 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-14 19:57 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-14 19:57 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-14 19:57 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-14 19:57 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-14 19:57 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-14 19:57 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-14 19:57 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-14 19:57 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-14 19:57 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-14 19:57 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-14 19:57 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-14 19:57 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-14 19:57 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-14 19:57 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-14 19:57 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-14 19:57 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-14 19:57 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-14 19:57 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-14 19:57 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-14 19:57 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-14 19:57 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-14 19:57 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-14 19:57 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-14 19:57 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-14 19:56 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-14 19:56 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-14 19:56 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-14 19:56 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-14 19:56 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-14 19:56 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-14 19:56 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-14 19:56 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-14 19:56 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-14 19:56 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-14 19:56 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-14 19:56 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-14 19:56 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-14 19:56 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-14 19:56 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-14 19:56 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-14 19:56 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-14 19:56 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-14 19:56 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-14 19:56 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-14 19:56 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-14 19:56 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-14 19:56 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-14 19:56 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-14 19:56 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-14 19:56 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-14 19:56 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-14 19:56 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-14 19:56 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-14 19:56 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-14 19:56 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-14 19:56 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-14 19:56 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-14 19:56 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-14 19:56 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-14 19:56 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-14 19:56 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-14 19:56 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-14 19:56 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-14 19:56 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-04-14 19:56 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-14 19:56 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-14 19:56 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-14 19:56 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-14 19:56 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-14 19:56 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-14 19:56 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-14 19:56 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-14 19:56 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-14 19:56 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-14 19:56 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-14 19:56 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-14 19:56 - 2017-03-28 07:04 - 00119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-14 19:55 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-14 19:55 - 2017-03-28 08:26 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-14 19:55 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-14 19:55 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-14 19:55 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-14 19:55 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-14 19:55 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-14 19:55 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-14 19:55 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-14 19:55 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-14 19:55 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-14 19:55 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-14 19:55 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-14 19:55 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-14 19:55 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-14 19:55 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-14 19:55 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-14 19:55 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-14 19:55 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-14 19:55 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-14 19:55 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-14 19:55 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-14 19:55 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-14 19:55 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-14 19:55 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-14 19:55 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-14 19:55 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-14 19:55 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-14 19:55 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-14 19:55 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-14 19:55 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-14 19:55 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-14 19:55 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-14 19:55 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-14 19:55 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-14 19:55 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-14 19:55 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-14 19:55 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-14 19:55 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-14 19:55 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-14 19:55 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-14 19:55 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-14 19:55 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-14 19:55 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-14 19:55 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-14 19:55 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-14 19:55 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-14 19:55 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-14 19:55 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-14 19:55 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-14 19:55 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-14 19:55 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-13 10:57 - 2017-04-13 10:57 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-04-06 15:06 - 2017-04-06 15:06 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\LocalLow\Temp
2017-04-06 12:39 - 2017-04-06 12:39 - 00108129 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\H-65-2017 neu.pdf
2017-04-06 12:36 - 2017-04-06 12:36 - 00619124 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\OR-158-04-04-1.pdf
2017-04-03 17:28 - 2017-04-04 17:12 - 00010354 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\Gewicht.xlsx
2017-04-03 10:37 - 2017-04-03 10:37 - 00190814 _____ C:\Users\Wolf-Rüdiger Kaiser\Documents\158- Ostermond-Schlaraffiade.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-01 15:14 - 2016-11-23 17:02 - 00028627 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-05-01 15:13 - 2016-10-14 15:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-01 15:13 - 2016-10-14 15:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-01 15:13 - 2016-10-14 15:18 - 00000000 ____D C:\ProgramData\Synaptics
2017-05-01 15:13 - 2015-12-11 01:01 - 00000000 __SHD C:\Users\Wolf-Rüdiger Kaiser\IntelGraphicsProfiles
2017-05-01 15:12 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-01 15:11 - 2016-07-17 00:51 - 00822244 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-01 15:11 - 2016-07-17 00:51 - 00179184 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-01 15:11 - 2015-07-16 17:54 - 02063866 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-01 14:59 - 2016-11-24 11:04 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\LocalLow\Mozilla
2017-05-01 14:58 - 2017-03-27 10:44 - 00000418 _____ C:\WINDOWS\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser.job
2017-05-01 14:58 - 2017-02-20 19:47 - 00000000 ____D C:\Program Files\TrueKey
2017-05-01 14:58 - 2016-03-18 16:18 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-05-01 14:49 - 2016-10-14 15:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-01 10:15 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-01 10:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-01 10:14 - 2016-11-27 18:22 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B30343C5-81AC-4AE9-A5AE-3A4494A229EE}
2017-05-01 10:14 - 2016-10-14 15:25 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-05-01 10:13 - 2016-01-07 00:21 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-05-01 10:13 - 2016-01-01 17:06 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-04-30 20:25 - 2015-12-17 17:07 - 00000000 ____D C:\Rechnungen
2017-04-30 02:14 - 2017-03-27 10:45 - 00003366 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser
2017-04-28 10:12 - 2016-10-14 15:25 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 10:12 - 2016-10-14 15:25 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-27 00:56 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-25 10:51 - 2017-02-20 19:57 - 00001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-04-25 10:51 - 2017-02-20 19:57 - 00001235 _____ C:\Users\Public\Desktop\True Key.lnk
2017-04-22 21:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-04-22 21:13 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-21 22:56 - 2015-12-12 07:24 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Downloaded Installations
2017-04-21 22:53 - 2016-10-14 15:20 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser
2017-04-20 10:42 - 2016-11-18 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-20 10:42 - 2015-12-12 05:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-20 00:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-18 23:15 - 2016-12-17 18:08 - 00003316 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 23:15 - 2015-12-11 01:04 - 00002436 _____ C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 23:15 - 2015-12-11 01:04 - 00000000 ___RD C:\Users\Wolf-Rüdiger Kaiser\OneDrive
2017-04-18 10:27 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 10:27 - 2015-12-12 07:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-17 18:18 - 2016-02-24 15:34 - 00000000 ____D C:\Fritz.Rapp
2017-04-16 20:29 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-16 20:28 - 2016-10-14 15:17 - 00355048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-16 20:28 - 2015-07-16 17:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-16 20:27 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-16 20:27 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-16 20:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-04-16 17:29 - 2016-10-16 20:27 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\vlc
2017-04-13 15:08 - 2015-12-12 08:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 15:06 - 2015-12-12 08:24 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 10:57 - 2016-12-29 10:06 - 00000000 ____D C:\Program Files\Common Files\Intel
2017-04-13 10:57 - 2015-12-03 11:19 - 00000000 ____D C:\ProgramData\Intel
2017-04-13 10:57 - 2015-12-03 11:19 - 00000000 ____D C:\Program Files (x86)\Intel
2017-04-13 10:56 - 2016-10-14 15:18 - 00000000 ____D C:\Program Files\Intel
2017-04-13 10:56 - 2015-12-03 10:39 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-12 14:23 - 2016-10-14 15:25 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 14:23 - 2015-12-17 18:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-11 13:36 - 2016-10-14 15:25 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-11 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-11 13:36 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-10 11:47 - 2015-12-03 11:22 - 00000000 ____D C:\ProgramData\McAfee
2017-04-10 10:51 - 2015-12-11 01:01 - 00000000 ____D C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Packages
2017-04-06 10:05 - 2016-04-10 19:51 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-06 10:05 - 2016-04-10 19:51 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-01 20:52 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-01 20:52 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-17 02:08 - 2015-12-17 02:08 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-10-14 15:18 - 2016-10-14 15:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-04-26 10:08

==================== Ende von FRST.txt ============================

AZEdeluxe · 01.05.2017, 14:22

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-04-2017
durchgeführt von Wolf-Rüdiger Kaiser (01-05-2017 15:18:12)
Gestartet von C:\Users\Wolf-Rüdiger Kaiser\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-14 13:26:24)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4246772196-3469511708-1303041041-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4246772196-3469511708-1303041041-503 - Limited - Disabled)
Gast (S-1-5-21-4246772196-3469511708-1303041041-501 - Limited - Disabled)
Wolf-Rüdiger Kaiser (S-1-5-21-4246772196-3469511708-1303041041-1001 - Administrator - Enabled) => C:\Users\Wolf-Rüdiger Kaiser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP Officejet 5740 series - Grundlegende Software für das Gerät (HKLM\...\{4029319E-A53E-4FAA-A2FA-D0091D85EB17}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\HP Photo Creations) (Version: 1.0.0.22032 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.14.41 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.6.14.19 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.7.17 - SunplusIT)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.15.132.1 - Intel Security)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{1A51AA9E-D4BC-4318-9419-B55EA4C95B3C}) (Version: 17.1.1525.1443 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{475ea806-cb2a-455b-bb1b-9f99342b2fe2}) (Version: 19.40.0 - Intel Corporation)
Lenovo Anzeige am Bildschirm (Version: 8.85.03 - Lenovo) Hidden
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Mouse Suite (HKLM\...\MouseSuite98) (Version: 6.74 - Lenovo)
Lenovo Power Management Driver (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.016.00 - Lenovo)
Lenovo Settings - Power (x32 Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{DB529F41-7844-4FD9-B660-CE829E59A71E}) (Version: 3.1.002.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.076.00 - Lenovo)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.551.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.127 - McAfee, Inc.)
Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4919.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.)
PowerDVD Create 10 (x32 Version: 10.0.1.3222 - CyberLink Corp.) Hidden
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21288 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7756 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Studie zur Verbesserung von HP Officejet Pro 8100 Produkten (HKLM\...\{B1153774-BFFE-4D42-AC2C-6503DBE96EBA}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
ThinkPad Settings Dependency (Version: 3.0.0.12 - Lenovo) Hidden
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 10.1.506.2015 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.4514 - CyberLink Corp.)
WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden
Windows Driver Package - Lenovo 1.67.10.15 (06/22/2015 1.67.10.15) (HKLM\...\116858BC299A848A634E4FC927990093F81F608D) (Version: 06/22/2015 1.67.10.15 - Lenovo)
Windows Driver Package - Realtek Semiconduct Corp. (RTSPER) MTD  (05/29/2015 10.0.10125.21277) (HKLM\...\4E55DAEF56C7E4B0BFE2CA2C3C55718B1DB7B3B9) (Version: 05/29/2015 10.0.10125.21277 - Realtek Semiconduct Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/29/2015 6.0.1.7572) (HKLM\...\FB7FCBF0F17BC6F027BA3449CC8B02C4445C5565) (Version: 07/29/2015 6.0.1.7572 - Realtek Semiconductor Corp.)
Windows Driver Package - Synaptics (SmbDrv) System  (07/24/2015 19.0.17.2) (HKLM\...\D46201570EE858381BA5A517C517317159E0F49A) (Version: 07/24/2015 19.0.17.2 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse  (07/24/2015 19.0.17.2) (HKLM\...\BCACBD4A2C3424D2C4AB53EE766C3F38399CEB15) (Version: 07/24/2015 19.0.17.2 - Synaptics)
Windows Driver Package - Synaptics FP Sensors (WUDFRd) Biometric  (07/28/2015 4.5.317.0) (HKLM\...\FD3941EBC31C6FC067D7184B5EB55011CBFBB255) (Version: 07/28/2015 4.5.317.0 - Synaptics FP Sensors)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => K (Der Dateneintrag hat 10 mehr Zeichen).

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {028926CC-E32D-4E90-B678-6E4938464203} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-04] (Realtek Semiconductor)
Task: {07E4A923-2BE4-40B3-A40F-6E87A90F5A6B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {0B689A78-7C07-4BE3-88CE-E9B7250EDCA3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-03-04] (Realtek Semiconductor)
Task: {0BC43B32-D283-4C88-BC22-D545918B3E18} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-06] (McAfee, Inc.)
Task: {0BC77D93-3558-4C5B-B63E-41B74770186C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {0F3B0329-DBF4-46D7-9B41-EC6130BFBFFB} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-02-22] (McAfee, Inc.)
Task: {144FE919-0373-478F-AC4B-CFC9559987F4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {27C5989A-24A8-420C-ADD0-8218CDE574E0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d4acd1ca-6919-401f-914e-51352b10f752 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {2DE3565E-359C-49C4-941F-F66C6E969EFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {3C1BDD8C-1BFE-43EA-BC9F-536B1280FB18} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {3CDB3236-8FFA-4191-8FFE-468ECAE4B5FA} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {4019354F-1837-41D7-8520-881E2B6A9806} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {45AB6103-DC1C-4571-83E4-C2979A22FD24} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {47764D1F-4889-4ADF-AD8D-8841CC266371} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {4F8BFC3F-B939-4DEA-AF5A-EB5544F8E98B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {532A43DE-EC74-4667-B66F-EFC2CAAB7D29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {556EBB6A-3B54-4781-A37E-886D5A605F24} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {5C902D20-42CB-48E4-93DF-D2AE9AAD20FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {6433F0DC-FEDC-4405-AEB1-55CF98BEC4DB} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo)
Task: {71847799-6E31-4EB4-89A2-8216FC9BFD09} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Wolf-Rüdiger Kaiser\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {7382A6BF-6231-4F2F-8790-D3894F8B908F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {8841BA53-ED44-4561-97E3-84E9D2899FEF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2015-12-12] (Lenovo)
Task: {88A93ABA-4D26-4F26-92A8-3DE528891C6D} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink)
Task: {895C28AC-5202-43A2-BB2D-F26D47425B8B} - System32\Tasks\HP AR Program Upload - 1519524a51754b0ca6862317aac6f33dc9fcbb5ccdd0431cbc623d8730f62132 => C:\Program Files\HP\HP Officejet 5740 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {89C39F4D-78CF-4A9B-987E-4C1F245D35DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {8BF4B716-1339-4C72-BCEA-C59C0C06AAA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {91F81EB8-3173-4580-B73E-C4A735D73AEA} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe [2011-09-23] ()
Task: {92319297-CDE1-4F46-9682-241C7B00D468} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-09-05] (Lenovo)
Task: {9F826DC1-C50A-47C6-BA5D-484616E19049} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9049ac9b-936e-4d7e-aa7a-302ef9c47fa7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-04-25] (Lenovo Group Limited)
Task: {A09126BB-9091-4FF2-9A24-EF0C1E4BFD16} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-09-05] ()
Task: {A484AE41-608B-4F43-B925-BD11DE33A10E} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {AC6989B4-6240-4DC8-B355-5789A02F7E26} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-04] (Realtek Semiconductor)
Task: {B3953A3B-2857-4F97-A552-294AB4DECB88} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-09-05] (Lenovo)
Task: {BB00BBD9-CD60-4BEC-A089-5B9DF779B5EE} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {D77795CE-9876-442F-B012-D36993589AA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation)
Task: {DAE4DE1D-7C2B-4AB2-B85A-BA5AF454C81C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {E606A7CA-5197-4D7A-825B-9C76B332297E} - System32\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {F4829AAB-883E-4D06-B708-44E1A9F6AA89} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {F8834439-7C63-4F46-BA3E-2D0BFDA6C611} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {F91F895D-842B-4F83-90FC-1BF6C940C060} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe 
Task: {FBE37EDA-0728-48DB-A0BC-B22066AC65D8} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FC6C60A7-5351-4859-AB9A-0AB23B0BCAD6} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.)
Task: {FEBE0154-8ABF-4588-97BB-79C02DCA56C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForWolf-Rüdiger Kaiser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 11:22 - 2015-07-23 06:02 - 03164816 _____ () C:\Windows\system32\nvwmi64.exe
2016-10-14 15:19 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-12 07:09 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-05-01 15:02 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-01 15:02 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-12-12 09:51 - 2015-07-09 12:17 - 00184088 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
2017-04-14 19:55 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-14 16:13 - 2016-10-14 16:13 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 17:04 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 17:05 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 17:05 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 17:05 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-14 19:55 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-14 19:55 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-14 19:55 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-01 10:15 - 2017-05-01 10:15 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-01 10:15 - 2017-05-01 10:15 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-01 10:15 - 2017-05-01 10:15 - 43012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-01 10:15 - 2017-05-01 10:15 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2016-09-24 19:34 - 2017-02-20 08:03 - 00213880 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-12-12 09:51 - 2015-07-09 12:42 - 00026248 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
2015-12-12 09:51 - 2015-07-09 12:17 - 00233240 _____ () C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelElvDm.exe
2015-12-03 11:22 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-06 22:49 - 2013-03-06 22:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2013-03-06 22:52 - 2013-03-06 22:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-07-07 03:36 - 2015-07-07 03:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-05-01 10:13 - 00000875 _____ C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1	mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4246772196-3469511708-1303041041-1001\Control Panel\Desktop\\Wallpaper -> c:\users\wolf-rüdiger kaiser\pictures\saved pictures\amg-gt-r-2016.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

13-04-2017 15:06:03 Windows Update
20-04-2017 17:30:25 Geplanter Prüfpunkt
30-04-2017 02:28:45 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/01/2017 03:02:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (04/30/2017 08:12:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x22c8
Startzeit der fehlerhaften Anwendung: 0x01d2c1dd5df0eef2
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: c0c7829b-ae97-4d2b-9c62-54a81e0abfc6
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 05:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x2f04
Startzeit der fehlerhaften Anwendung: 0x01d2c1c84065b7b6
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 81ef94cc-806c-4d62-82fd-d92ee390f32f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 04:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3e10
Startzeit der fehlerhaften Anwendung: 0x01d2c1bfdea238f4
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: b11be380-94e1-4842-8184-00fff898a094
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 03:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0x01d2c1b77cdd92b9
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 57e80623-9476-465e-8b40-6248ce6f7f54
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 02:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3790
Startzeit der fehlerhaften Anwendung: 0x01d2c1af1b17ec0d
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 92753d9d-0605-41fc-87b1-4073d9fb599c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 01:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x1adc
Startzeit der fehlerhaften Anwendung: 0x01d2c1a6b9543aba
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: e29429f5-4126-4213-83de-7e9d0f9f369c
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 12:41:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x14d0
Startzeit der fehlerhaften Anwendung: 0x01d2c19e57915918
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: fd0bb725-bb5c-4b2b-8079-d9cca40a7bee
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 11:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x3120
Startzeit der fehlerhaften Anwendung: 0x01d2c195f5cb0d36
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: 708380ea-19f8-4e09-ac55-e5fc2738ccd5
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (04/30/2017 10:41:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Name des fehlerhaften Moduls: Communicator.exe, Version: 0.0.0.0, Zeitstempel: 0x57e5b552
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee4d
ID des fehlerhaften Prozesses: 0x2c30
Startzeit der fehlerhaften Anwendung: 0x01d2c18d94067de2
Pfad der fehlerhaften Anwendung: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Pfad des fehlerhaften Moduls: C:\Users\Wolf-Rüdiger Kaiser\AppData\Roaming\HP Photo Creations\Communicator.exe
Berichtskennung: d5dbd975-1b13-47ed-aa0b-fed24dd8ae37
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/01/2017 03:13:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_473ec" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (05/01/2017 03:13:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/01/2017 03:13:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/01/2017 03:13:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/01/2017 03:13:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/01/2017 03:13:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "InstallerService" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/01/2017 03:12:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (05/01/2017 03:12:38 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/01/2017 03:12:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (05/01/2017 03:12:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8071 MB
Verfügbarer physikalischer RAM: 5331.48 MB
Summe virtueller Speicher: 9351 MB
Verfügbarer virtueller Speicher: 6588.51 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:475.69 GB) (Free:334.79 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Removable) (Total:0.97 GB) (Free:0.21 GB) FAT
Drive e: (INTENSO) (Fixed) (Total:931.28 GB) (Free:797.7 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D0A5E542)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 96109550)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 991.5 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=991 MB) - (Type=04)

==================== Ende von Addition.txt ============================

M-K-D-B · 02.05.2017, 15:18

Servus,

Lesestoff:
Warnung vor vlc.de

Den Logdateien ist zu entnehmen, dass du den bekannten VLC Player fälschlicherweise von vlc.de heruntergeladen hast.
Auf dieser Seite gibt es den VLC Player nur in Kombination mit unerwünschter Software wie "Startfenster" oder "VLC Updater".
Diese Software kann die Startseiten deiner Internetbrowser manipulieren und hat keinerlei Nutzen oder Mehrwert.

Ich möchte dich in deinem eigenen Interesse dringend darum bitten, den VLC Player nur noch von der offiziellen Homepage videolan.org herunterzuladen.

Schritt 1

Deinstalliere über die Systemsteuerung (Bebilderte Anleitung):
- chip 1-click download service
Starte den Rechner im Anschluss neu auf.

Schritt 2
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Hosts: 0.0.0.1	mssplus.mcafee.com
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> DefaultScope {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
SearchScopes: HKU\S-1-5-21-4246772196-3469511708-1303041041-1001 -> {A2043012-86C9-4532-ABDE-49779FFC6F18} URL = 
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
2017-04-21 22:48 - 2017-04-21 22:48 - 01496584 _____ C:\Users\Wolf-Rüdiger Kaiser\Downloads\HijackThis - CHIP-Installer.exe
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 3
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:filefind
*PC Cleaner*
*PCCleaner*
*SuperEasy Software*
*VLC UPDATER*
*VLCUPDATER*
*FromDocToPDF*
*FlightSearch*

:folderfind
*PC Cleaner*
*PCCleaner*
*SuperEasy Software*
*VLC UPDATER*
*VLCUPDATER*
*FromDocToPDF*
*FlightSearch*

:regfind
PC Cleaner
PCCleaner
SuperEasy Software
VLC UPDATER
VLCUPDATER
FromDocToPDF
FlightSearch

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

AZEdeluxe · 02.05.2017, 15:29

Vielen Dank für die schnelle Antwort.
Werde erst am kommenden Wochenende wieder Zugriff auf den PC haben.

Sobald ich die Schritte ausgeführt habe poste ich sie wie gewohnt wieder hier im Topic.

Beste Grüße

01.05.2017, 10:23	#7
M-K-D-B /// TB-Ausbilder	Trojaner verändert Farbeinstellungen von Windows 10 & Mozilla Servus, ich bitte um Beachtung meiner Hinweise, insbesondere Punkt 6.

Trojaner verändert Farbeinstellungen von Windows 10 & Mozilla

Plagegeister aller Art und deren Bekämpfung: Trojaner verändert Farbeinstellungen von Windows 10 & Mozilla