| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Malware nach VLC UpdaterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.05.2017, 09:12
| #1 |
 |  Malware nach VLC Updater Hallo zusammen, ich habe blöderweise nach einem vlc Update installierte Spiele "Goodgames" und Startfenster als Startseite im Browser vorgefunden. Durch googlen kam ich auf das TB und hoffe, dass mir hier geholfen werden kann. Ich habe mich zunächst an dem Beitrag http://www.trojaner-board.de/182958-...ngefangen.html orientiert aber ich denke es ist doch besser, wenn sich das vielleicht jemand anschaut, der Ahnung hat (ich bin mir zu unsicher, ob ich alles entfernt habe). Bisher bin ich wie folgt vorgegangen: -VLC updater und VLC deinstalliert, sowie Goodgames -Scan mit Farbar's Recovery Scan Tool (FRST) -Scan mit Malwarebytes Anti-Rootkit (MBAR), Cleanup und Neustart, erneuter Scan (keine Bedrohungen mehr gefunden) - Scan mit Kaspersky TDSS-Killer (keine Bedrohungen gefunden) Ich poste hier auch die Logs von FRST, MBAR und TDSS Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
durchgeführt von Katharina (Administrator) auf DESKTOP-NKL2DK3 (19-05-2017 09:58:24)
Gestartet von C:\Users\Katharina\Downloads
Geladene Profile: Katharina & (Verfügbare Profile: defaultuser0 & Katharina)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
() C:\Program Files\Siber Systems\GoodSync\gs-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(AO Kaspersky Lab) C:\Users\Katharina\Downloads\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\Katharina\AppData\Local\Temp\{9D62DD5A-4E52-44D5-AF82-443774AF95D3}\{34EAC617-8C73-4621-8E63-A8E1282B12A0}.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [601944 2015-08-14] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [67168 2017-04-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\Run: [OpenOffice Updater] => C:\Users\Katharina\AppData\Roaming\OpenOffice Updater\Updater.exe [387640 2016-10-13] ()
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\RunOnce: [Uninstall C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\MountPoints2: {1a89f738-3625-11e7-8931-34de1a2b781a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\MountPoints2: {1a89f750-3625-11e7-8931-34de1a2b781a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OpenOffice Updater] => C:\Users\Katharina\AppData\Roaming\OpenOffice Updater\Updater.exe [387640 2016-10-13] ()
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1a89f738-3625-11e7-8931-34de1a2b781a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {1a89f750-3625-11e7-8931-34de1a2b781a} - "F:\HiSuiteDownLoader.exe"
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4222b4b2-44b0-40e1-94f1-0613f8cf0f47}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: 1nue4pl9.default
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default [2017-05-19]
FF NewTab: Mozilla\Firefox\Profiles\1nue4pl9.default -> hxxps://mysearch.avg.com/?cid={FD985FD4-B243-419F-8111-7E543298744E}&mid=120be12fb1b647cd98c5151d02025d82-db432219080066fc4755d601531465133589a9c4&lang=de&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2015-06-12 20:05:33&v=4.1.4.948&pid=wtu&sg=&sap=hp
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1nue4pl9.default -> Google Default
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\1nue4pl9.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1nue4pl9.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\1nue4pl9.default -> www.google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\1nue4pl9.default -> hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Extension: (Avira Browser Safety) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\Extensions\abs@avira.com.xpi [2017-04-07]
FF Extension: (Ghostery) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\Extensions\firefox@ghostery.com.xpi [2017-05-06]
FF Extension: (Adblock Plus) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\searchplugins\google-default.xml [2015-07-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.startfenster.de/suche/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Startfenster
CHR DefaultSuggestURL: Default -> hxxp://www.startfenster.de/api/?q={searchTerms}&language={lang}
CHR Profile: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default [2017-05-15]
CHR Extension: (Google Präsentationen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-12]
CHR Extension: (Google Docs) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-12]
CHR Extension: (Google Drive) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-12]
CHR Extension: (YouTube) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-12]
CHR Extension: (Search Manager) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhangopedggnlnicpbjklghlckmndge [2017-05-14]
CHR Extension: (Google Tabellen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-14]
CHR Extension: (Google Mail) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [djhangopedggnlnicpbjklghlckmndge] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-28] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [316976 2017-03-20] (Avira Operations GmbH & Co. KG)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [6851296 2016-11-29] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373752 2016-12-02] (Intel Corporation)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-04-07] (Avira Operations GmbH & Co. KG)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [161824 2017-04-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [163976 2017-04-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-04-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-04-18] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [48584 2017-04-18] (Avira Operations GmbH & Co. KG)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [299280 2015-12-18] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [52816 2016-08-03] (Toshiba Client Solutions Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-19 09:58 - 2017-05-19 09:58 - 00016679 _____ C:\Users\Katharina\Downloads\FRST.txt
2017-05-19 09:58 - 2017-05-19 09:58 - 00000000 ____D C:\FRST
2017-05-19 09:57 - 2017-05-19 09:58 - 02429952 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2017-05-18 21:08 - 2017-05-18 21:08 - 00263448 ____N (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\79412729.sys
2017-05-18 21:08 - 2017-05-18 21:08 - 00260344 _____ C:\TDSSKiller.3.1.0.15_18.05.2017_21.08.06_log.txt
2017-05-18 21:07 - 2017-05-18 21:07 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Katharina\Downloads\tdsskiller.exe
2017-05-18 20:18 - 2017-05-18 21:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-18 20:18 - 2017-05-18 20:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 20:18 - 2017-05-18 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-18 20:17 - 2017-05-18 21:06 - 00000000 ____D C:\Users\Katharina\Desktop\mbar
2017-05-18 20:17 - 2017-05-18 20:47 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-05-18 20:17 - 2017-05-18 20:17 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Katharina\Downloads\mbar-1.09.3.1001.exe
2017-05-18 20:09 - 2017-05-18 20:09 - 07178424 _____ (VS Revo Group ) C:\Users\Katharina\Downloads\revosetup_v2.0.3.exe
2017-05-18 20:09 - 2017-05-18 20:09 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-18 20:09 - 2017-05-18 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-18 20:09 - 2017-05-18 20:09 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-10 20:08 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-10 20:08 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-10 20:08 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-10 20:08 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-10 20:08 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-10 20:08 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-10 20:07 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-05-10 20:07 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 20:07 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 20:07 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 20:07 - 2017-04-28 02:56 - 02048488 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-10 20:07 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2017-05-10 20:07 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 20:07 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 20:07 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-10 20:07 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 20:07 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-10 20:07 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-10 20:07 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-10 20:07 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 20:07 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-10 20:07 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-10 20:07 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 20:07 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-05-10 20:07 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-10 20:07 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-05-10 20:07 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-05-10 20:07 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 20:07 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-05-10 20:07 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-05-10 20:07 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-05-10 20:07 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2017-05-10 20:07 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-10 20:07 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 20:07 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-10 20:07 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-05-10 20:07 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 20:07 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-05-10 20:07 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-05-10 20:07 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-10 20:07 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-05-10 20:07 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BthTelemetry.dll
2017-05-10 20:07 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 20:07 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-05-10 20:07 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-05-10 20:07 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-05-10 20:07 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-10 20:07 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 20:07 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-10 20:07 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-05-10 20:07 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2017-05-10 20:07 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 20:07 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 20:07 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 20:07 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 20:07 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-05-10 20:07 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-05-10 20:07 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-05-10 20:07 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-10 20:07 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 20:07 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-05-10 20:07 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 20:07 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 20:07 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-05-10 20:07 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-05-10 20:07 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-05-10 20:07 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-10 20:07 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-10 20:07 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2017-05-10 20:07 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-05-10 20:07 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-05-10 20:07 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-05-10 20:07 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-05-10 20:07 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-05-10 20:07 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-10 20:07 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 20:07 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 20:07 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-05-10 20:07 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 20:07 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-05-10 20:07 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-05-10 20:07 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-05-10 20:07 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-05-10 20:07 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-10 20:07 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-10 20:07 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-05-10 20:07 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-05-10 20:07 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-05-10 20:07 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-05-10 20:07 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-05-10 20:07 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-05-10 20:07 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2017-05-10 20:07 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-10 20:07 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-10 20:07 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-10 20:07 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-05-10 20:07 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-10 20:07 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-05-10 20:07 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-05-10 20:07 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-05-10 20:07 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-05-10 20:07 - 2017-03-04 08:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 20:07 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-05-10 20:07 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 20:07 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 20:07 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-05-10 20:07 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-05-10 20:07 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-05-10 20:06 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 20:06 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-05-10 20:06 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 20:06 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-10 20:06 - 2017-04-28 02:49 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-10 20:06 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2017-05-10 20:06 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2017-05-10 20:06 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-10 20:06 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2017-05-10 20:06 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2017-05-10 20:06 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 20:06 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-10 20:06 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 20:06 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-10 20:06 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-10 20:06 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-05-10 20:06 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-05-10 20:06 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-10 20:06 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 20:06 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-05-10 20:06 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-05-10 20:06 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-10 20:06 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-05-10 20:06 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 20:06 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-10 20:06 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 20:06 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-05-10 20:06 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-10 20:06 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-10 20:06 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 20:06 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-10 20:06 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 20:06 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 20:06 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-05-10 20:06 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-10 20:06 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-10 20:06 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-10 20:06 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 20:06 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 20:06 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 20:06 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-10 20:06 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 20:06 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2017-05-10 20:06 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\BthTelemetry.dll
2017-05-10 20:06 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-10 20:06 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 20:06 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUX.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 20:06 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2017-05-10 20:06 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 20:06 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-05-10 20:06 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 20:06 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2017-05-10 20:06 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-05-10 20:06 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-05-10 20:06 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2017-05-10 20:06 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2017-05-10 20:06 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-05-10 20:06 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-10 20:06 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-05-10 20:06 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-05-10 20:06 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-05-10 20:06 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-05-10 20:06 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2017-05-10 20:06 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-05-10 20:06 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2017-05-10 20:06 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-05-10 20:06 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-10 20:06 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2017-05-10 20:06 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 20:06 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-05-10 20:06 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-10 20:06 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-10 20:06 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 20:06 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-10 20:06 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-10 20:06 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-05-10 20:06 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-10 20:06 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:06 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-05-10 20:06 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2017-05-10 20:06 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-05-10 20:06 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-05-10 20:06 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-05-10 20:06 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-05-10 20:06 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-05-09 14:58 - 2017-05-09 15:26 - 00000000 ____D C:\Users\Katharina\Desktop\Neuer Ordner (2)
2017-05-09 14:54 - 2017-05-09 14:54 - 00001292 _____ C:\Users\Public\Desktop\Leawo Blu-ray Player.lnk
2017-05-09 14:54 - 2017-05-09 14:54 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\Leawo
2017-05-09 14:54 - 2017-05-09 14:54 - 00000000 ____D C:\Users\Katharina\.dvdcss
2017-05-09 14:54 - 2017-05-09 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2017-05-09 14:53 - 2017-05-09 14:54 - 00000000 ____D C:\ProgramData\Leawo
2017-05-09 14:53 - 2017-05-09 14:53 - 00000000 ____D C:\Program Files (x86)\Leawo
2017-05-06 20:30 - 2017-05-06 20:30 - 00001209 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-04-27 10:13 - 2017-05-18 20:44 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-04-27 10:13 - 2017-04-27 10:13 - 00003786 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-19 09:45 - 2016-12-06 17:20 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-19 09:01 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-19 09:01 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-05-18 20:47 - 2016-12-06 17:32 - 01784902 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-18 20:47 - 2016-07-17 00:51 - 00682586 _____ C:\Windows\system32\perfh007.dat
2017-05-18 20:47 - 2016-07-17 00:51 - 00142634 _____ C:\Windows\system32\perfc007.dat
2017-05-18 20:45 - 2016-12-06 17:39 - 00000000 ____D C:\Users\Katharina\AppData\LocalLow\Mozilla
2017-05-18 20:43 - 2016-12-08 09:05 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\OpenOffice Updater
2017-05-18 20:42 - 2016-12-06 18:36 - 00000000 __SHD C:\Users\Katharina\IntelGraphicsProfiles
2017-05-18 20:42 - 2016-12-06 17:39 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-18 20:41 - 2016-12-06 17:20 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-18 20:40 - 2016-07-16 08:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-05-18 20:39 - 2016-12-06 17:20 - 00000000 ____D C:\Windows\ServiceProfiles
2017-05-18 20:13 - 2017-01-09 12:41 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-05-18 20:07 - 2016-12-12 14:49 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-18 20:07 - 2016-12-06 17:38 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 20:07 - 2016-12-06 17:38 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-17 19:22 - 2017-01-09 12:41 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\vlc
2017-05-16 15:40 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-16 15:39 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-14 21:33 - 2016-12-12 14:48 - 00000000 ____D C:\Users\Katharina\AppData\Local\Google
2017-05-12 20:35 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-05-12 17:06 - 2016-12-12 14:49 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-11 10:41 - 2016-12-06 17:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 10:40 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-11 10:38 - 2016-12-06 17:20 - 00225288 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 10:37 - 2016-12-06 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 10:37 - 2016-12-06 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 22:19 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-10 20:14 - 2016-12-06 18:21 - 00000000 ____D C:\Windows\system32\MRT
2017-05-10 20:11 - 2016-12-06 18:21 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-10 19:41 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-09 14:54 - 2016-12-06 17:32 - 00000000 ____D C:\Users\Katharina
2017-05-09 11:32 - 2017-01-09 12:42 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\dvdcss
2017-05-09 11:32 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 11:32 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-07 13:04 - 2016-12-12 15:30 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-06 20:30 - 2016-12-06 17:41 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-06 20:30 - 2016-12-06 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-04 09:17 - 2016-12-06 17:32 - 00000000 ____D C:\Users\Katharina\AppData\Local\Packages
2017-04-29 14:01 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-29 01:29 - 2016-12-12 14:48 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 01:29 - 2016-12-12 14:48 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 03:01 - 2016-12-06 17:29 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-04-27 10:13 - 2016-12-15 22:41 - 00001216 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-04-27 10:13 - 2016-12-06 17:41 - 00000000 ____D C:\Program Files (x86)\Avira
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-04-14 14:05 - 2017-04-14 14:05 - 0002050 _____ () C:\Users\Katharina\AppData\Local\recently-used.xbel
Einige Dateien in TEMP:
====================
2016-10-13 10:18 - 2016-10-13 10:18 - 171330228 _____ () C:\Users\Katharina\AppData\Local\Temp\OpenOffice_4.1.3_Win_x86_install_de.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-10 10:23
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017
durchgeführt von Katharina (19-05-2017 09:58:57)
Gestartet von C:\Users\Katharina\Downloads
Windows 10 Home Version 1607 (X64) (2016-12-06 15:31:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3920809330-1101454944-3760425377-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3920809330-1101454944-3760425377-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3920809330-1101454944-3760425377-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3920809330-1101454944-3760425377-501 - Limited - Disabled)
Katharina (S-1-5-21-3920809330-1101454944-3760425377-1001 - Administrator - Enabled) => C:\Users\Katharina
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.7.1.26756 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.5.0.5091 - Avira Operations GmbH & Co. KG)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.43.50 - Conexant)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 10.2.2.9 - Siber Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Leawo Blu-ray Player Version 1.9.4.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.4.0 - Leawo Software)
Microsoft OneDrive (HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
OpenOffice Updater (HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
RawTherapee Version 5.0 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 5.0 - rawtherapee.com)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {18AE8BC4-9468-D082-921B-DFE985889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {547600F3-9468-D082-A590-07A585889A47} => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {658D2677-3DA5-4C64-A9A9-B33A7872FDAE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-04-27] (Avira Operations GmbH & Co. KG )
Task: {89F67880-7B7C-4352-B74F-19E7AAB75860} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {903D50C1-95E3-4B01-B6C8-0B9A344D331F} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {9ACEBCC1-231D-46AD-AACB-0C142D77D05D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {AE60801A-2D34-4825-B19C-540A78AD2997} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-04-07] (Avira Operations GmbH & Co. KG)
Task: {B49F6519-A083-48BD-9167-4CD361E5F840} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-12] (Google Inc.)
Task: {D08F440F-5A73-459E-83FE-E59DED9CA4EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-12] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\Windows\System32\us008lm.dll
2016-08-19 02:38 - 2016-12-02 08:32 - 00401912 _____ () C:\Windows\system32\igfxTray.exe
2017-05-10 20:06 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-12-06 18:10 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:51 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 21:52 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 21:52 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 21:52 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-29 21:08 - 2016-11-29 21:08 - 06851296 _____ () C:\Program Files\Siber Systems\GoodSync\gs-server.exe
2017-05-09 11:36 - 2017-05-09 11:36 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 11:36 - 2017-05-09 11:36 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 11:36 - 2017-05-09 11:36 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 11:36 - 2017-05-09 11:36 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-09 11:36 - 2017-05-09 11:37 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-12-06 18:26 - 2016-12-06 18:26 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3920809330-1101454944-3760425377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katharina\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{492d76cf-f215-4630-9836-6ad42b954232}.JPG
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Katharina\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{492d76cf-f215-4630-9836-6ad42b954232}.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{04F013A0-7C4F-4DB4-9ABF-7865E210E7C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9F397E5-5957-402A-B718-5901BC25945D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01DF7C0C-2B1F-4095-B8C3-011FF7131E7A}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
FirewallRules: [{D09E74A5-970C-4EED-BEB5-22FEE0986C5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
04-05-2017 09:15:15 Windows Update
10-05-2017 20:09:30 Windows Update
10-05-2017 20:10:17 Windows Update
16-05-2017 15:39:33 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/18/2017 08:43:59 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (05/18/2017 08:43:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (05/18/2017 08:40:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (05/18/2017 08:39:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/18/2017 08:10:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (05/18/2017 08:10:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/16/2017 03:39:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/11/2017 10:42:14 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (05/10/2017 08:11:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/10/2017 08:09:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (05/18/2017 10:21:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 08:43:59 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 08:42:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 08:42:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 08:42:11 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/18/2017 08:42:10 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (05/18/2017 08:40:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 03:49:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 08:49:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/18/2017 08:49:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 12213.23 MB
Verfügbarer physikalischer RAM: 9031.5 MB
Summe virtueller Speicher: 14069.23 MB
Verfügbarer virtueller Speicher: 10653 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:143.94 GB) NTFS
Drive d: () (Fixed) (Total:736.2 GB) (Free:687.98 GB) NTFS
Drive e: (RUEBIDVD) (CDROM) (Total:6.86 GB) (Free:0 GB) UDF
Drive i: () (Removable) (Total:7.39 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8CE2466E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.05.18.09
rootkit: v2017.04.02.01
Windows 10 x64 NTFS
Internet Explorer 11.1198.14393.0
Katharina :: DESKTOP-NKL2DK3 [administrator]
18.05.2017 20:18:31
mbar-log-2017-05-18 (20-18-31).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 291918
Time elapsed: 18 minute(s), 31 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 8
C:\Users\Katharina\AppData\Local\Temp\DMR (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1 (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\0fe444dd1ba5d60b1470ffaa2b12c597 (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\152696bf4a00e895f03dabf9963c0157 (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\3533bda4c65ccfbbc76d3b22854fd16c (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\534ed8f204a621eaa2415f07f3d2ce75 (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\91805afc955bfb8f97148e8a5404f4dc (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
Files Detected: 8
C:\Users\Katharina\AppData\Local\Temp\DMR\iwwocnwbcilkkzzl.dat (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\dmr_72.exe (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\oajdljtbjyhjaoaa.dat (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\0fe444dd1ba5d60b1470ffaa2b12c597\Leawo_blurayplayer_setup_1940.exe (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\152696bf4a00e895f03dabf9963c0157\gimp-2.8.20-setup.exe (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\3533bda4c65ccfbbc76d3b22854fd16c\1-klick-chip-setup.exe (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\534ed8f204a621eaa2415f07f3d2ce75\MozBackup-1.5.1-EN.exe (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
C:\Users\Katharina\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\91805afc955bfb8f97148e8a5404f4dc\GoodSync-v10.2.2-Setup.exe (Adware.ChinAd) -> Delete on reboot. [2d74cd4c5c4dbe78267175ee43be4eb2]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.05.18.09
rootkit: v2017.04.02.01
Windows 10 x64 NTFS
Internet Explorer 11.1198.14393.0
Katharina :: DESKTOP-NKL2DK3 [administrator]
18.05.2017 20:48:46
mbar-log-2017-05-18 (20-48-46).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 292026
Time elapsed: 17 minute(s), 48 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Geändert von citrono (19.05.2017 um 09:19 Uhr) |
|
19.05.2017, 09:15
| #2 |
| | Malware nach VLC Updater TDSS
__________________code war zu lang, daher habe ich 2 Beiträge erstellt Code:
ATTFilter 21:08:06.0898 0x205c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:08:10.0771 0x205c ============================================================
21:08:10.0771 0x205c Current date / time: 2017/05/18 21:08:10.0771
21:08:10.0771 0x205c SystemInfo:
21:08:10.0802 0x205c
21:08:10.0802 0x205c OS Version: 10.0.14393 ServicePack: 0.0
21:08:10.0802 0x205c Product type: Workstation
21:08:10.0802 0x205c ComputerName: DESKTOP-NKL2DK3
21:08:10.0802 0x205c UserName: Katharina
21:08:10.0802 0x205c Windows directory: C:\Windows
21:08:10.0802 0x205c System windows directory: C:\Windows
21:08:10.0802 0x205c Running under WOW64
21:08:10.0802 0x205c Processor architecture: Intel x64
21:08:10.0802 0x205c Number of processors: 4
21:08:10.0802 0x205c Page size: 0x1000
21:08:10.0802 0x205c Boot type: Normal boot
21:08:10.0802 0x205c CodeIntegrityOptions = 0x00000001
21:08:10.0802 0x205c ============================================================
21:08:11.0269 0x205c KLMD registered as C:\Windows\system32\drivers\79412729.sys
21:08:11.0269 0x205c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
21:08:11.0408 0x205c System UUID: {E8ECDCDD-C486-6965-EB14-35D21707B63F}
21:08:11.0767 0x205c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:08:11.0770 0x205c Drive \Device\Harddisk1\DR1 - Size: 0x1D9C00000 ( 7.40 Gb ), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:08:11.0782 0x205c ============================================================
21:08:11.0782 0x205c \Device\Harddisk0\DR0:
21:08:11.0783 0x205c MBR partitions:
21:08:11.0783 0x205c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:08:11.0783 0x205c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866E000
21:08:11.0783 0x205c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x5C065800
21:08:11.0783 0x205c \Device\Harddisk1\DR1:
21:08:11.0784 0x205c MBR partitions:
21:08:11.0784 0x205c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
21:08:11.0784 0x205c ============================================================
21:08:11.0807 0x205c C: <-> \Device\Harddisk0\DR0\Partition2
21:08:11.0846 0x205c D: <-> \Device\Harddisk0\DR0\Partition3
21:08:11.0846 0x205c ============================================================
21:08:11.0846 0x205c Initialize success
21:08:11.0846 0x205c ============================================================
21:08:13.0985 0x1cac ============================================================
21:08:13.0985 0x1cac Scan started
21:08:13.0985 0x1cac Mode: Manual;
21:08:13.0985 0x1cac ============================================================
21:08:13.0985 0x1cac KSN ping started
21:08:14.0085 0x1cac KSN ping finished: true
21:08:16.0799 0x1cac ================ Scan system memory ========================
21:08:16.0799 0x1cac System memory - ok
21:08:16.0800 0x1cac ================ Scan services =============================
21:08:16.0936 0x1cac [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
21:08:16.0940 0x1cac 1394ohci - ok
21:08:16.0962 0x1cac [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\Windows\system32\drivers\3ware.sys
21:08:16.0964 0x1cac 3ware - ok
21:08:17.0001 0x1cac [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:08:17.0010 0x1cac ACPI - ok
21:08:17.0028 0x1cac [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\Windows\System32\drivers\AcpiDev.sys
21:08:17.0028 0x1cac AcpiDev - ok
21:08:17.0041 0x1cac [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\Windows\system32\Drivers\acpiex.sys
21:08:17.0043 0x1cac acpiex - ok
21:08:17.0053 0x1cac [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
21:08:17.0053 0x1cac acpipagr - ok
21:08:17.0068 0x1cac [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
21:08:17.0068 0x1cac AcpiPmi - ok
21:08:17.0080 0x1cac [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\Windows\System32\drivers\acpitime.sys
21:08:17.0080 0x1cac acpitime - ok
21:08:17.0154 0x1cac [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:08:17.0155 0x1cac AdobeARMservice - ok
21:08:17.0242 0x1cac [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:08:17.0246 0x1cac AdobeFlashPlayerUpdateSvc - ok
21:08:17.0291 0x1cac [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
21:08:17.0306 0x1cac ADP80XX - ok
21:08:17.0340 0x1cac [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\Windows\system32\drivers\afd.sys
21:08:17.0348 0x1cac AFD - ok
21:08:17.0364 0x1cac [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
21:08:17.0367 0x1cac ahcache - ok
21:08:17.0384 0x1cac [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\Windows\System32\AJRouter.dll
21:08:17.0385 0x1cac AJRouter - ok
21:08:17.0409 0x1cac [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\Windows\System32\alg.exe
21:08:17.0410 0x1cac ALG - ok
21:08:17.0425 0x1cac [ 6EB51BCF35E4C0636FDAE4387E9A3054, B13A9BC7C21C1EA181C2B95F600CF8CA7AECB70512D5D6BE21B23125D3CF2CCB ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:08:17.0428 0x1cac AMD External Events Utility - ok
21:08:17.0450 0x1cac [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
21:08:17.0452 0x1cac AmdK8 - ok
21:08:17.0455 0x1cac amdkmdag - ok
21:08:17.0488 0x1cac [ 5ADABFB6A9515AFCD35B8CBBDE5B3DF1, F78EB8BFF37A5D98E095E3FB56C3BC82F136699A71ADEC6E62EE62E0CC8D7AA7 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:08:17.0498 0x1cac amdkmdap - ok
21:08:17.0510 0x1cac [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
21:08:17.0512 0x1cac AmdPPM - ok
21:08:17.0527 0x1cac [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:08:17.0529 0x1cac amdsata - ok
21:08:17.0553 0x1cac [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:08:17.0556 0x1cac amdsbs - ok
21:08:17.0569 0x1cac [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:08:17.0570 0x1cac amdxata - ok
21:08:17.0649 0x1cac [ 0C891285258A793146DCF286BFEDFF20, 2BF060A4D1C26FBB99229DADFBDBE4C03DE3DE1FA6376948DEC257907CB83442 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
21:08:17.0664 0x1cac AntiVirMailService - ok
21:08:17.0702 0x1cac [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
21:08:17.0708 0x1cac AntiVirSchedulerService - ok
21:08:17.0731 0x1cac [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
21:08:17.0738 0x1cac AntiVirService - ok
21:08:17.0784 0x1cac [ 56B7AEE325CE5EA2BD854899E4E7123B, E25491348675939CB81C0E19A50473C8B13C1CFA1F84305478DD3403E1393800 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
21:08:17.0804 0x1cac AntiVirWebService - ok
21:08:17.0826 0x1cac [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\Windows\system32\drivers\appid.sys
21:08:17.0829 0x1cac AppID - ok
21:08:17.0857 0x1cac [ 0A7C202CDBFD295363A09DE1A2C05F45, AB516BB714CAD60994A42710E7747FB50A5890F71BD8880BF86096CC485DE393 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:08:17.0859 0x1cac AppIDSvc - ok
21:08:17.0881 0x1cac [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo C:\Windows\System32\appinfo.dll
21:08:17.0883 0x1cac Appinfo - ok
21:08:17.0893 0x1cac [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\Windows\system32\drivers\applockerfltr.sys
21:08:17.0893 0x1cac applockerfltr - ok
21:08:17.0925 0x1cac [ E2B0B9A477C169C466609F866311CD45, 26846DC6BF6ECFD97A7C0714160B870A733E1255779029327C1415D48AF133E6 ] AppReadiness C:\Windows\system32\AppReadiness.dll
21:08:17.0932 0x1cac AppReadiness - ok
21:08:18.0009 0x1cac [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
21:08:18.0039 0x1cac AppXSvc - ok
21:08:18.0054 0x1cac [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:08:18.0056 0x1cac arcsas - ok
21:08:18.0075 0x1cac [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\Windows\System32\drivers\asyncmac.sys
21:08:18.0075 0x1cac AsyncMac - ok
21:08:18.0140 0x1cac [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\Windows\system32\drivers\atapi.sys
21:08:18.0141 0x1cac atapi - ok
21:08:18.0173 0x1cac [ 44D50F4B55BEE38C97A6CBECEBC59384, 43C35E5547E5180B25726F90E0B94149DE1099FD507A6357A6A284A2749433F3 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:08:18.0177 0x1cac AudioEndpointBuilder - ok
21:08:18.0211 0x1cac [ 36A9B38EA06A8C14CC82E0C8004A6635, 959E6B359D89E112976AF488F2756F770B491AE53ED07E9D31B4A3D8A7F33C80 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:08:18.0224 0x1cac Audiosrv - ok
21:08:18.0246 0x1cac [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:08:18.0249 0x1cac avgntflt - ok
21:08:18.0280 0x1cac [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:08:18.0282 0x1cac avipbb - ok
21:08:18.0323 0x1cac [ 64943D597895DE755A58EE46402932F3, 11D6668F325A5C8343C533BC037AD38019EA6F8E84FB15639B16BD3113F73C8D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:08:18.0328 0x1cac Avira.ServiceHost - ok
21:08:18.0364 0x1cac [ 2983A3CE41FB1C0A2EFC14B173465FF1, 78B4140D2912817C983CEC66194C407D6657E1CA500526A3447AA78C77214B1C ] AviraPhantomVPN C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
21:08:18.0368 0x1cac AviraPhantomVPN - ok
21:08:18.0398 0x1cac [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:08:18.0399 0x1cac avkmgr - ok
21:08:18.0423 0x1cac [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
21:08:18.0424 0x1cac avnetflt - ok
21:08:18.0452 0x1cac [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt C:\Windows\system32\Drivers\avusbflt.sys
21:08:18.0453 0x1cac avusbflt - ok
21:08:18.0477 0x1cac [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:08:18.0479 0x1cac AxInstSV - ok
21:08:18.0514 0x1cac [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:08:18.0521 0x1cac b06bdrv - ok
21:08:18.0556 0x1cac [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
21:08:18.0557 0x1cac BasicDisplay - ok
21:08:18.0573 0x1cac [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
21:08:18.0574 0x1cac BasicRender - ok
21:08:18.0588 0x1cac [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\Windows\System32\drivers\bcmfn.sys
21:08:18.0588 0x1cac bcmfn - ok
21:08:18.0601 0x1cac [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
21:08:18.0601 0x1cac bcmfn2 - ok
21:08:18.0638 0x1cac [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\Windows\System32\bdesvc.dll
21:08:18.0643 0x1cac BDESVC - ok
21:08:18.0662 0x1cac [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\Windows\system32\drivers\Beep.sys
21:08:18.0662 0x1cac Beep - ok
21:08:18.0706 0x1cac [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\Windows\System32\bfe.dll
21:08:18.0717 0x1cac BFE - ok
21:08:18.0769 0x1cac [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\Windows\System32\qmgr.dll
21:08:18.0784 0x1cac BITS - ok
21:08:18.0811 0x1cac [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:08:18.0812 0x1cac bowser - ok
21:08:18.0855 0x1cac [ 82A93A0772A29EB6E41438D9AE5ECDBD, 2C0EBA86DA33B763B6EBCF3D0A936FB92E0F36FD3D18D0812A33FC5FF1906C3C ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:08:18.0865 0x1cac BrokerInfrastructure - ok
21:08:18.0889 0x1cac [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\Windows\System32\browser.dll
21:08:18.0891 0x1cac Browser - ok
21:08:18.0920 0x1cac [ A70E09FD082BFA67BE085D41C8B6A85F, 1711163E7BE0DE83701A0293BF5D4D37AAD124D88F6FFA3FCC6CF0F3A7D3B78D ] BthA2DP C:\Windows\system32\drivers\BthA2DP.sys
21:08:18.0922 0x1cac BthA2DP - ok
21:08:18.0945 0x1cac [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
21:08:18.0946 0x1cac BthAvrcpTg - ok
21:08:18.0995 0x1cac [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
21:08:18.0997 0x1cac BthEnum - ok
21:08:19.0014 0x1cac [ 20C63A9CC92CEA8D284C6EA36FED68DC, DA7669CCCA6838269297DD45EDB48149898B3E14648B5DB3B93AF82A3279B411 ] BthHFAud C:\Windows\system32\DRIVERS\BthHfAud.sys
21:08:19.0015 0x1cac BthHFAud - ok
21:08:19.0027 0x1cac [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
21:08:19.0029 0x1cac BthHFEnum - ok
21:08:19.0047 0x1cac [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
21:08:19.0047 0x1cac bthhfhid - ok
21:08:19.0071 0x1cac [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
21:08:19.0076 0x1cac BthHFSrv - ok
21:08:19.0114 0x1cac [ 164C495A72CF56BE2E47C9FA455B57D1, 034EF89B04F639E2538BA85BB5262A2E230A4CE29E0CC982B6E014F0D299A88E ] BthLEEnum C:\Windows\System32\drivers\BthLEEnum.sys
21:08:19.0117 0x1cac BthLEEnum - ok
21:08:19.0143 0x1cac [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
21:08:19.0145 0x1cac BTHMODEM - ok
21:08:19.0170 0x1cac [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan C:\Windows\System32\drivers\bthpan.sys
21:08:19.0172 0x1cac BthPan - ok
21:08:19.0207 0x1cac [ 34C35293F5A3DEFEC59DBCD7BD4C17D0, B1F39B8E348BDF936ED4C9544712A8A103D02B039658A98C0C465249769C7D20 ] BTHPORT C:\Windows\System32\drivers\BTHport.sys
21:08:19.0220 0x1cac BTHPORT - ok
21:08:19.0231 0x1cac [ 577FFA2B0B8572587FEB825F42453E81, D1BA449B7A535D0F6BC2EDE75D2CBA585E3A00FE552E244F342FB4ACA029A9A5 ] bthserv C:\Windows\system32\bthserv.dll
21:08:19.0233 0x1cac bthserv - ok
21:08:19.0244 0x1cac [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\Windows\System32\drivers\BTHUSB.sys
21:08:19.0245 0x1cac BTHUSB - ok
21:08:19.0255 0x1cac [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
21:08:19.0256 0x1cac buttonconverter - ok
21:08:19.0276 0x1cac [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\Windows\System32\drivers\capimg.sys
21:08:19.0278 0x1cac CapImg - ok
21:08:19.0300 0x1cac [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:08:19.0301 0x1cac cdfs - ok
21:08:19.0333 0x1cac [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\Windows\System32\CDPSvc.dll
21:08:19.0339 0x1cac CDPSvc - ok
21:08:19.0366 0x1cac [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\Windows\System32\CDPUserSvc.dll
21:08:19.0371 0x1cac CDPUserSvc - ok
21:08:19.0408 0x1cac [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\Windows\System32\drivers\cdrom.sys
21:08:19.0411 0x1cac cdrom - ok
21:08:19.0438 0x1cac [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc C:\Windows\System32\certprop.dll
21:08:19.0441 0x1cac CertPropSvc - ok
21:08:19.0479 0x1cac [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
21:08:19.0480 0x1cac chip1click - ok
21:08:19.0511 0x1cac [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\Windows\system32\drivers\cht4sx64.sys
21:08:19.0516 0x1cac cht4iscsi - ok
21:08:19.0586 0x1cac [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\Windows\System32\drivers\cht4vx64.sys
21:08:19.0613 0x1cac cht4vbd - ok
21:08:19.0642 0x1cac [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\Windows\System32\drivers\circlass.sys
21:08:19.0643 0x1cac circlass - ok
21:08:19.0667 0x1cac [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS C:\Windows\system32\drivers\CLFS.sys
21:08:19.0672 0x1cac CLFS - ok
21:08:19.0719 0x1cac [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\Windows\System32\ClipSVC.dll
21:08:19.0729 0x1cac ClipSVC - ok
21:08:19.0739 0x1cac [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\Windows\System32\drivers\registry.sys
21:08:19.0741 0x1cac clreg - ok
21:08:19.0769 0x1cac [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
21:08:19.0770 0x1cac CmBatt - ok
21:08:19.0808 0x1cac [ D7D1A078B0CBC042ACE81E7B0B082994, 4DE92876176C2F82A59B74CA1FAAE7A5CE84C90A505A52A737C631D7120E31A4 ] CNG C:\Windows\system32\Drivers\cng.sys
21:08:19.0816 0x1cac CNG - ok
21:08:19.0827 0x1cac [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\Windows\system32\DRIVERS\cnghwassist.sys
21:08:19.0828 0x1cac cnghwassist - ok
21:08:19.0885 0x1cac [ 81F8BB2C71264D262D2BEA30C9909579, EB5E7990E9C2BF383496BFF581F7271654D402AF30B0179D3C82A32E3C933C21 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
21:08:19.0905 0x1cac CnxtHdAudService - ok
21:08:19.0970 0x1cac [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
21:08:19.0971 0x1cac CompositeBus - ok
21:08:19.0974 0x1cac COMSysApp - ok
21:08:19.0993 0x1cac [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\Windows\system32\drivers\condrv.sys
21:08:19.0994 0x1cac condrv - ok
21:08:20.0047 0x1cac [ BE8478598F5D6FF600CC13DBA188F81C, 5D78E1F6F5F4AB77518F9B7DA904E6B97EA7B01D45B043939B048DF019FE49A6 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
21:08:20.0057 0x1cac CoreMessagingRegistrar - ok
21:08:20.0122 0x1cac [ 997834EAFAB612AD0F739A817E9059DE, C4329C386AEB2AE4E3DEABC99F20F43968CE265061579BFCB77E53F28FF96823 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:08:20.0126 0x1cac cphs - ok
21:08:20.0157 0x1cac [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:08:20.0158 0x1cac CryptSvc - ok
21:08:20.0196 0x1cac [ 5FCABDE89AC62A8818C803646FCEE23E, 070B110A0D4C93086472A3E582AA0B4E0EFAB05651EE30BD06E75D113D446BAA ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
21:08:20.0199 0x1cac CxAudMsg - ok
21:08:20.0220 0x1cac [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam C:\Windows\system32\drivers\dam.sys
21:08:20.0221 0x1cac dam - ok
21:08:20.0246 0x1cac [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\Windows\System32\drivers\dc3d.sys
21:08:20.0248 0x1cac dc3d - ok
21:08:20.0298 0x1cac [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:08:20.0311 0x1cac DcomLaunch - ok
21:08:20.0335 0x1cac [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\Windows\system32\dcpsvc.dll
21:08:20.0338 0x1cac DcpSvc - ok
21:08:20.0375 0x1cac [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\Windows\System32\defragsvc.dll
21:08:20.0382 0x1cac defragsvc - ok
21:08:20.0419 0x1cac [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\Windows\system32\das.dll
21:08:20.0425 0x1cac DeviceAssociationService - ok
21:08:20.0449 0x1cac [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
21:08:20.0451 0x1cac DeviceInstall - ok
21:08:20.0470 0x1cac [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\Windows\system32\DevQueryBroker.dll
21:08:20.0471 0x1cac DevQueryBroker - ok
21:08:20.0506 0x1cac [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
21:08:20.0508 0x1cac Dfsc - ok
21:08:20.0533 0x1cac [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:08:20.0538 0x1cac Dhcp - ok
21:08:20.0605 0x1cac [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:08:20.0607 0x1cac diagnosticshub.standardcollector.service - ok
21:08:20.0680 0x1cac [ 22391290BB9D3ED68950672E42B6F3F0, C4DC2DD3CF1564181377A67AB7E08DEFB377D4AE51956A4F27CE46C038D04AFE ] DiagTrack C:\Windows\system32\diagtrack.dll
21:08:20.0707 0x1cac DiagTrack - ok
21:08:20.0724 0x1cac [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\Windows\system32\drivers\disk.sys
21:08:20.0725 0x1cac disk - ok
21:08:20.0765 0x1cac [ 527CE76D1B0587A3F9156809B3E2275E, 6FAB680F73774F3FAA65258D53DC8ADCDAEE2ABDDF825ED79F9526DC3B9B7312 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
21:08:20.0771 0x1cac DmEnrollmentSvc - ok
21:08:20.0789 0x1cac [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
21:08:20.0789 0x1cac dmvsc - ok
21:08:20.0818 0x1cac [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
21:08:20.0820 0x1cac dmwappushservice - ok
21:08:20.0853 0x1cac [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:08:20.0857 0x1cac Dnscache - ok
21:08:20.0872 0x1cac [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\Windows\System32\dot3svc.dll
21:08:20.0876 0x1cac dot3svc - ok
21:08:20.0893 0x1cac [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\Windows\system32\dps.dll
21:08:20.0896 0x1cac DPS - ok
21:08:20.0916 0x1cac [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\Windows\system32\DRIVERS\drmkaud.sys
21:08:20.0917 0x1cac drmkaud - ok
21:08:20.0942 0x1cac [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
21:08:20.0945 0x1cac DsmSvc - ok
21:08:20.0962 0x1cac [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\Windows\System32\DsSvc.dll
21:08:20.0965 0x1cac DsSvc - ok
21:08:21.0029 0x1cac [ 4CECF7C7BFBF95647FEC49475555BFB2, B914ADC19CA4A4EEE83AE560A5CCE2E21A3D9568E5961BEFAD7B455930FB0AB9 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:08:21.0057 0x1cac DXGKrnl - ok
21:08:21.0076 0x1cac [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\Windows\System32\eapsvc.dll
21:08:21.0079 0x1cac EapHost - ok
21:08:21.0176 0x1cac [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:08:21.0220 0x1cac ebdrv - ok
21:08:21.0241 0x1cac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\Windows\System32\lsass.exe
21:08:21.0243 0x1cac EFS - ok
21:08:21.0256 0x1cac [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
21:08:21.0258 0x1cac EhStorClass - ok
21:08:21.0283 0x1cac [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:08:21.0285 0x1cac EhStorTcgDrv - ok
21:08:21.0315 0x1cac [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\Windows\System32\embeddedmodesvc.dll
21:08:21.0318 0x1cac embeddedmode - ok
21:08:21.0346 0x1cac [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\Windows\system32\EnterpriseAppMgmtSvc.dll
21:08:21.0351 0x1cac EntAppSvc - ok
21:08:21.0363 0x1cac [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\Windows\System32\drivers\errdev.sys
21:08:21.0363 0x1cac ErrDev - ok
21:08:21.0411 0x1cac [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\Windows\system32\es.dll
21:08:21.0417 0x1cac EventSystem - ok
21:08:21.0434 0x1cac [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\Windows\system32\drivers\exfat.sys
21:08:21.0438 0x1cac exfat - ok
21:08:21.0461 0x1cac [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:08:21.0466 0x1cac fastfat - ok
21:08:21.0536 0x1cac [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\Windows\system32\fxssvc.exe
21:08:21.0545 0x1cac Fax - ok
21:08:21.0576 0x1cac [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\Windows\System32\drivers\fdc.sys
21:08:21.0577 0x1cac fdc - ok
21:08:21.0601 0x1cac [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\Windows\system32\fdPHost.dll
21:08:21.0602 0x1cac fdPHost - ok
21:08:21.0605 0x1cac [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\Windows\system32\fdrespub.dll
21:08:21.0606 0x1cac FDResPub - ok
21:08:21.0616 0x1cac [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\Windows\system32\fhsvc.dll
21:08:21.0618 0x1cac fhsvc - ok
21:08:21.0639 0x1cac [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\Windows\system32\drivers\filecrypt.sys
21:08:21.0640 0x1cac FileCrypt - ok
21:08:21.0657 0x1cac [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:08:21.0658 0x1cac FileInfo - ok
21:08:21.0676 0x1cac [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:08:21.0677 0x1cac Filetrace - ok
21:08:21.0694 0x1cac [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
21:08:21.0696 0x1cac flpydisk - ok
21:08:21.0714 0x1cac [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:08:21.0719 0x1cac FltMgr - ok
21:08:21.0781 0x1cac [ 81C8AA35C92D3A5E82477DF00DEDCBFD, F825641B3DD12C35657DC6F05C3A3CF2821D3525CF51E376E678B5FD45AD664E ] FontCache C:\Windows\system32\FntCache.dll
21:08:21.0806 0x1cac FontCache - ok
21:08:21.0902 0x1cac [ EB959B686074EA0D27A3AB42E8024D37, B85A59F2898AF536652FF65CE53822B11108E2241B34ABB693BDFC06C32DAE17 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
21:08:21.0924 0x1cac FoxitReaderService - ok
21:08:21.0968 0x1cac [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer C:\Windows\system32\FrameServer.dll
21:08:21.0979 0x1cac FrameServer - ok
21:08:22.0000 0x1cac [ B07A40B5A7A58B8C75663A572A46084C, 01F34EAFD4A86FF6AFC015BE2D155A53ED8186BD6DA1A05CCEC8425417A8E320 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:08:22.0001 0x1cac FsDepends - ok
21:08:22.0010 0x1cac [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:08:22.0011 0x1cac Fs_Rec - ok
21:08:22.0043 0x1cac [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:08:22.0053 0x1cac fvevol - ok
21:08:22.0072 0x1cac [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
21:08:22.0073 0x1cac gencounter - ok
21:08:22.0098 0x1cac [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\Windows\System32\drivers\genericusbfn.sys
21:08:22.0098 0x1cac genericusbfn - ok
21:08:22.0120 0x1cac [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
21:08:22.0122 0x1cac GPIOClx0101 - ok
21:08:22.0172 0x1cac [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc C:\Windows\System32\gpsvc.dll
21:08:22.0188 0x1cac gpsvc - ok
21:08:22.0194 0x1cac [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\Windows\system32\drivers\gpuenergydrv.sys
21:08:22.0195 0x1cac GpuEnergyDrv - ok
21:08:22.0403 0x1cac [ E8AF71BE30C65D91530FB2991B6070F9, 3DF12784F0B6730233D5BA92FF888EA9AAFC80C880D76E831C9E2F52DAF3EAFA ] GsServer C:\Program Files\Siber Systems\GoodSync\gs-server.exe
21:08:22.0490 0x1cac GsServer - ok
21:08:22.0580 0x1cac [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:08:22.0583 0x1cac gupdate - ok
21:08:22.0587 0x1cac [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:08:22.0589 0x1cac gupdatem - ok
21:08:22.0613 0x1cac [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
21:08:22.0618 0x1cac HdAudAddService - ok
21:08:22.0636 0x1cac [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
21:08:22.0638 0x1cac HDAudBus - ok
21:08:22.0648 0x1cac [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
21:08:22.0648 0x1cac HidBatt - ok
21:08:22.0663 0x1cac [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\Windows\System32\drivers\hidbth.sys
21:08:22.0665 0x1cac HidBth - ok
21:08:22.0669 0x1cac [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
21:08:22.0670 0x1cac hidi2c - ok
21:08:22.0680 0x1cac [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\Windows\System32\drivers\hidinterrupt.sys
21:08:22.0681 0x1cac hidinterrupt - ok
21:08:22.0698 0x1cac [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\Windows\System32\drivers\hidir.sys
21:08:22.0699 0x1cac HidIr - ok
21:08:22.0722 0x1cac [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\Windows\system32\hidserv.dll
21:08:22.0723 0x1cac hidserv - ok
21:08:22.0751 0x1cac [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\Windows\System32\drivers\hidusb.sys
21:08:22.0752 0x1cac HidUsb - ok
21:08:22.0784 0x1cac [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:08:22.0788 0x1cac HomeGroupListener - ok
21:08:22.0827 0x1cac [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:08:22.0834 0x1cac HomeGroupProvider - ok
21:08:22.0862 0x1cac [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:08:22.0864 0x1cac HpSAMD - ok
21:08:22.0918 0x1cac [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:08:22.0933 0x1cac HTTP - ok
21:08:22.0955 0x1cac [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\Windows\System32\hvhostsvc.dll
21:08:22.0957 0x1cac HvHost - ok
21:08:22.0966 0x1cac [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\Windows\system32\drivers\hvservice.sys
21:08:22.0968 0x1cac hvservice - ok
21:08:22.0984 0x1cac [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:08:22.0985 0x1cac hwpolicy - ok
21:08:23.0003 0x1cac [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
21:08:23.0003 0x1cac hyperkbd - ok
21:08:23.0021 0x1cac [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
21:08:23.0023 0x1cac i8042prt - ok
21:08:23.0037 0x1cac [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\Windows\System32\drivers\iagpio.sys
21:08:23.0038 0x1cac iagpio - ok
21:08:23.0051 0x1cac [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\Windows\System32\drivers\iai2c.sys
21:08:23.0052 0x1cac iai2c - ok
21:08:23.0069 0x1cac [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
21:08:23.0071 0x1cac iaLPSS2i_GPIO2 - ok
21:08:23.0088 0x1cac [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
21:08:23.0090 0x1cac iaLPSS2i_I2C - ok
21:08:23.0094 0x1cac [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
21:08:23.0095 0x1cac iaLPSSi_GPIO - ok
21:08:23.0116 0x1cac [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
21:08:23.0118 0x1cac iaLPSSi_I2C - ok
21:08:23.0149 0x1cac [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
21:08:23.0158 0x1cac iaStorAV - ok
21:08:23.0173 0x1cac [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:08:23.0179 0x1cac iaStorV - ok
21:08:23.0197 0x1cac [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\Windows\System32\drivers\ibbus.sys
21:08:23.0204 0x1cac ibbus - ok
21:08:23.0207 0x1cac ibtsiva - ok
21:08:23.0234 0x1cac [ AA173D4202F9BFDD1C50B37550560780, B519D66406EC6CD03CAAF22F316D94541CDEBC06FF8D91D0B27BD9328C3920BA ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
21:08:23.0238 0x1cac ibtusb - ok
21:08:23.0258 0x1cac [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\Windows\System32\tetheringservice.dll
21:08:23.0262 0x1cac icssvc - ok
21:08:23.0531 0x1cac [ EC3C82734CED2B1CE6CE409D78BBD14B, 08EBADF7119226E97B3C692ADB3F237B77AAEDF6A1D5ACC0ED4D2711D4C459FE ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:08:23.0633 0x1cac igfx - ok
21:08:23.0675 0x1cac [ F5C4D7C872F60E00965295935D94593C, 742CAAD7960253A82ACCE9B798A09F0F8DD27C406405BD282FCEF6081168133B ] igfxCUIService2.0.0.0 C:\Windows\system32\igfxCUIService.exe
21:08:23.0681 0x1cac igfxCUIService2.0.0.0 - ok
21:08:23.0717 0x1cac [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\Windows\System32\ikeext.dll
21:08:23.0730 0x1cac IKEEXT - ok
21:08:23.0748 0x1cac [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\Windows\System32\drivers\IndirectKmd.sys
21:08:23.0749 0x1cac IndirectKmd - ok
21:08:23.0782 0x1cac [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:08:23.0788 0x1cac IntcDAud - ok
21:08:23.0850 0x1cac [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\Windows\system32\drivers\intelide.sys
21:08:23.0850 0x1cac intelide - ok
21:08:23.0859 0x1cac [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\Windows\system32\drivers\intelpep.sys
21:08:23.0860 0x1cac intelpep - ok
21:08:23.0876 0x1cac [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\Windows\System32\drivers\intelppm.sys
21:08:23.0879 0x1cac intelppm - ok
21:08:23.0901 0x1cac [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\Windows\system32\drivers\iorate.sys
21:08:23.0902 0x1cac iorate - ok
21:08:23.0921 0x1cac [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:08:23.0922 0x1cac IpFilterDriver - ok
21:08:23.0959 0x1cac [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:08:23.0972 0x1cac iphlpsvc - ok
21:08:23.0999 0x1cac [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
21:08:24.0001 0x1cac IPMIDRV - ok
21:08:24.0012 0x1cac [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:08:24.0015 0x1cac IPNAT - ok
21:08:24.0020 0x1cac [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\Windows\system32\drivers\irda.sys
21:08:24.0022 0x1cac irda - ok
21:08:24.0032 0x1cac [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:08:24.0032 0x1cac IRENUM - ok
21:08:24.0057 0x1cac [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\Windows\System32\irmon.dll
21:08:24.0058 0x1cac irmon - ok
21:08:24.0077 0x1cac [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:08:24.0078 0x1cac isapnp - ok
21:08:24.0115 0x1cac [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
21:08:24.0119 0x1cac iScsiPrt - ok
21:08:24.0133 0x1cac [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
21:08:24.0135 0x1cac kbdclass - ok
21:08:24.0156 0x1cac [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
21:08:24.0157 0x1cac kbdhid - ok
21:08:24.0169 0x1cac [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\Windows\System32\drivers\kdnic.sys
21:08:24.0169 0x1cac kdnic - ok
21:08:24.0185 0x1cac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\Windows\system32\lsass.exe
21:08:24.0187 0x1cac KeyIso - ok
21:08:24.0218 0x1cac [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:08:24.0221 0x1cac KSecDD - ok
21:08:24.0246 0x1cac [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:08:24.0248 0x1cac KSecPkg - ok
21:08:24.0265 0x1cac [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:08:24.0266 0x1cac ksthunk - ok
21:08:24.0297 0x1cac [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\Windows\system32\msdtckrm.dll
21:08:24.0303 0x1cac KtmRm - ok
21:08:24.0338 0x1cac [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:08:24.0343 0x1cac LanmanServer - ok
21:08:24.0383 0x1cac [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:08:24.0388 0x1cac LanmanWorkstation - ok
21:08:24.0413 0x1cac [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\Windows\System32\lfsvc.dll
21:08:24.0415 0x1cac lfsvc - ok
21:08:24.0448 0x1cac [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\Windows\system32\LicenseManagerSvc.dll
21:08:24.0449 0x1cac LicenseManager - ok
21:08:24.0469 0x1cac [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\Windows\system32\drivers\lltdio.sys
21:08:24.0470 0x1cac lltdio - ok
21:08:24.0486 0x1cac [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:08:24.0491 0x1cac lltdsvc - ok
21:08:24.0515 0x1cac [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:08:24.0517 0x1cac lmhosts - ok
21:08:24.0545 0x1cac [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:08:24.0547 0x1cac LSI_SAS - ok
21:08:24.0562 0x1cac [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\Windows\system32\drivers\lsi_sas2i.sys
21:08:24.0563 0x1cac LSI_SAS2i - ok
21:08:24.0577 0x1cac [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\Windows\system32\drivers\lsi_sas3i.sys
21:08:24.0579 0x1cac LSI_SAS3i - ok
21:08:24.0590 0x1cac [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
21:08:24.0591 0x1cac LSI_SSS - ok
21:08:24.0641 0x1cac [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\Windows\System32\lsm.dll
21:08:24.0651 0x1cac LSM - ok
21:08:24.0677 0x1cac [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\Windows\system32\drivers\luafv.sys
21:08:24.0679 0x1cac luafv - ok
21:08:24.0706 0x1cac [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker C:\Windows\System32\moshost.dll
21:08:24.0708 0x1cac MapsBroker - ok
21:08:24.0722 0x1cac [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\Windows\system32\drivers\megasas.sys
21:08:24.0723 0x1cac megasas - ok
21:08:24.0753 0x1cac [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\Windows\system32\drivers\MegaSas2i.sys
21:08:24.0755 0x1cac megasas2i - ok
21:08:24.0784 0x1cac [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\Windows\system32\drivers\megasr.sys
21:08:24.0791 0x1cac megasr - ok
21:08:24.0817 0x1cac [ C7DFCC5470DBBE00114723A233701CF8, 8E00E8975BD3ABDD7F774E76FE33024EE09755DFC3C46F880E4EAA7F7D8393B6 ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys
21:08:24.0820 0x1cac MEIx64 - ok
21:08:24.0837 0x1cac [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\Windows\System32\MessagingService.dll
21:08:24.0839 0x1cac MessagingService - ok
21:08:24.0881 0x1cac [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\Windows\System32\drivers\mlx4_bus.sys
21:08:24.0892 0x1cac mlx4_bus - ok
21:08:24.0914 0x1cac [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\Windows\system32\drivers\mmcss.sys
21:08:24.0915 0x1cac MMCSS - ok
21:08:24.0940 0x1cac [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\Windows\system32\drivers\modem.sys
21:08:24.0941 0x1cac Modem - ok
21:08:24.0957 0x1cac [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\Windows\System32\drivers\monitor.sys
21:08:24.0958 0x1cac monitor - ok
21:08:24.0976 0x1cac [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\Windows\System32\drivers\mouclass.sys
21:08:24.0978 0x1cac mouclass - ok
21:08:25.0007 0x1cac [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\Windows\System32\drivers\mouhid.sys
21:08:25.0008 0x1cac mouhid - ok
21:08:25.0027 0x1cac [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:08:25.0029 0x1cac mountmgr - ok
21:08:25.0062 0x1cac [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:08:25.0064 0x1cac MozillaMaintenance - ok
21:08:25.0075 0x1cac [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:08:25.0077 0x1cac mpsdrv - ok
21:08:25.0119 0x1cac [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc C:\Windows\system32\mpssvc.dll
21:08:25.0132 0x1cac MpsSvc - ok
21:08:25.0153 0x1cac [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:08:25.0156 0x1cac MRxDAV - ok
21:08:25.0190 0x1cac [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:08:25.0196 0x1cac mrxsmb - ok
21:08:25.0222 0x1cac [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:08:25.0226 0x1cac mrxsmb10 - ok
21:08:25.0245 0x1cac [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:08:25.0248 0x1cac mrxsmb20 - ok
21:08:25.0270 0x1cac [ BEF575A5A8EC38F3BA6DB68D3CFFBD9A, 86D0BDD22430092CE1E11A7A2948725746DD848F5DF6F94808D8F0919BDF787C ] MsBridge C:\Windows\system32\drivers\bridge.sys
21:08:25.0272 0x1cac MsBridge - ok
21:08:25.0295 0x1cac [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\Windows\System32\msdtc.exe
21:08:25.0297 0x1cac MSDTC - ok
21:08:25.0328 0x1cac [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:08:25.0329 0x1cac Msfs - ok
21:08:25.0347 0x1cac [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
21:08:25.0348 0x1cac msgpiowin32 - ok
21:08:25.0358 0x1cac [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:08:25.0358 0x1cac mshidkmdf - ok
21:08:25.0374 0x1cac [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
21:08:25.0374 0x1cac mshidumdf - ok
21:08:25.0386 0x1cac [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:08:25.0387 0x1cac msisadrv - ok
21:08:25.0416 0x1cac [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:08:25.0419 0x1cac MSiSCSI - ok
21:08:25.0421 0x1cac msiserver - ok
21:08:25.0443 0x1cac [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV C:\Windows\system32\DRIVERS\MSKSSRV.sys
21:08:25.0443 0x1cac MSKSSRV - ok
21:08:25.0466 0x1cac [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\Windows\system32\drivers\mslldp.sys
21:08:25.0467 0x1cac MsLldp - ok
21:08:25.0492 0x1cac [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\Windows\system32\DRIVERS\MSPCLOCK.sys
21:08:25.0492 0x1cac MSPCLOCK - ok
21:08:25.0509 0x1cac [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\Windows\system32\DRIVERS\MSPQM.sys
21:08:25.0510 0x1cac MSPQM - ok
21:08:25.0536 0x1cac [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:08:25.0541 0x1cac MsRPC - ok
21:08:25.0558 0x1cac [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
21:08:25.0559 0x1cac mssmbios - ok
21:08:25.0577 0x1cac [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\Windows\system32\DRIVERS\MSTEE.sys
21:08:25.0578 0x1cac MSTEE - ok
21:08:25.0588 0x1cac [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
21:08:25.0588 0x1cac MTConfig - ok
21:08:25.0618 0x1cac [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:08:25.0620 0x1cac Mup - ok
21:08:25.0640 0x1cac [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\Windows\system32\drivers\mvumis.sys
21:08:25.0642 0x1cac mvumis - ok
21:08:25.0688 0x1cac [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:08:25.0696 0x1cac NativeWifiP - ok
21:08:25.0722 0x1cac [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\Windows\System32\ncasvc.dll
21:08:25.0725 0x1cac NcaSvc - ok
21:08:25.0740 0x1cac [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\Windows\System32\ncbservice.dll
21:08:25.0746 0x1cac NcbService - ok
21:08:25.0750 0x1cac [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
21:08:25.0753 0x1cac NcdAutoSetup - ok
21:08:25.0764 0x1cac [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\Windows\System32\drivers\ndfltr.sys
21:08:25.0766 0x1cac ndfltr - ok
21:08:25.0813 0x1cac [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:08:25.0830 0x1cac NDIS - ok
21:08:25.0839 0x1cac [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\Windows\system32\drivers\ndiscap.sys
21:08:25.0840 0x1cac NdisCap - ok
21:08:25.0864 0x1cac [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\Windows\system32\drivers\NdisImPlatform.sys
21:08:25.0866 0x1cac NdisImPlatform - ok
21:08:25.0880 0x1cac [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:08:25.0881 0x1cac NdisTapi - ok
21:08:25.0895 0x1cac [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\Windows\system32\drivers\ndisuio.sys
21:08:25.0896 0x1cac Ndisuio - ok
21:08:25.0904 0x1cac [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
21:08:25.0905 0x1cac NdisVirtualBus - ok
21:08:25.0922 0x1cac [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\Windows\System32\drivers\ndiswan.sys
21:08:25.0926 0x1cac NdisWan - ok
21:08:25.0934 0x1cac [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\Windows\system32\DRIVERS\ndiswan.sys
21:08:25.0937 0x1cac ndiswanlegacy - ok
21:08:25.0954 0x1cac [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\Windows\system32\DRIVERS\NDProxy.sys
21:08:25.0956 0x1cac ndproxy - ok
21:08:25.0973 0x1cac [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\Windows\system32\drivers\Ndu.sys
21:08:25.0975 0x1cac Ndu - ok
21:08:25.0988 0x1cac [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\Windows\system32\drivers\NetAdapterCx.sys
21:08:25.0990 0x1cac NetAdapterCx - ok
21:08:25.0997 0x1cac [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\Windows\system32\drivers\netbios.sys
21:08:25.0999 0x1cac NetBIOS - ok
21:08:26.0017 0x1cac [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:08:26.0021 0x1cac NetBT - ok
21:08:26.0029 0x1cac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon C:\Windows\system32\lsass.exe
21:08:26.0031 0x1cac Netlogon - ok
21:08:26.0064 0x1cac [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\Windows\System32\netman.dll
21:08:26.0068 0x1cac Netman - ok
21:08:26.0100 0x1cac [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\Windows\System32\netprofmsvc.dll
21:08:26.0108 0x1cac netprofm - ok
21:08:26.0167 0x1cac [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc C:\Windows\System32\NetSetupSvc.dll
21:08:26.0172 0x1cac NetSetupSvc - ok
21:08:26.0249 0x1cac [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:08:26.0251 0x1cac NetTcpPortSharing - ok
21:08:26.0342 0x1cac [ 1F91B1E5FD41BDC3DF8AFFB81C8AA277, B8CB13863C1F0C589C008E191A393DF241F3067DD7CADE02B3B7D36B28BBA2ED ] NETwNb64 C:\Windows\System32\drivers\Netwbw02.sys
21:08:26.0387 0x1cac NETwNb64 - ok
21:08:26.0421 0x1cac [ 589882D9779C262F10C509BA458746E4, 85A964D69C50602CEE86DA4523D635962DE6526BE425A940340039979D511BA0 ] NgcCtnrSvc C:\Windows\System32\NgcCtnrSvc.dll
21:08:26.0427 0x1cac NgcCtnrSvc - ok
21:08:26.0463 0x1cac [ 56D1846C49F2D2B0110535AD8C90C0E4, 33C59489919A334E18A971F983E93E4A69FCD243BD06B45BC9A4F5CA224A976B ] NgcSvc C:\Windows\system32\ngcsvc.dll
21:08:26.0477 0x1cac NgcSvc - ok
21:08:26.0501 0x1cac [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:08:26.0507 0x1cac NlaSvc - ok
21:08:26.0521 0x1cac [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:08:26.0523 0x1cac Npfs - ok
21:08:26.0541 0x1cac [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
21:08:26.0542 0x1cac npsvctrig - ok
21:08:26.0599 0x1cac [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\Windows\system32\nsisvc.dll
21:08:26.0600 0x1cac nsi - ok
21:08:26.0619 0x1cac [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:08:26.0620 0x1cac nsiproxy - ok
21:08:26.0699 0x1cac [ 8DB6A6B731CEC9046CD8CA0267EC5679, 1C9D826D41B6C069E557B9CBF8762AB02F3C3D817AFD4F9284CD73505477E87C ] NTFS C:\Windows\system32\drivers\NTFS.sys
21:08:26.0729 0x1cac NTFS - ok
21:08:26.0742 0x1cac [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\Windows\system32\drivers\Null.sys
21:08:26.0742 0x1cac Null - ok
21:08:26.0778 0x1cac [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:08:26.0780 0x1cac nvraid - ok
21:08:26.0796 0x1cac [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:08:26.0798 0x1cac nvstor - ok
21:08:26.0823 0x1cac [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\Windows\System32\APHostService.dll
21:08:26.0829 0x1cac OneSyncSvc - ok
21:08:26.0859 0x1cac [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:08:26.0865 0x1cac p2pimsvc - ok
21:08:26.0896 0x1cac [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\Windows\system32\p2psvc.dll
21:08:26.0902 0x1cac p2psvc - ok
21:08:26.0920 0x1cac [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\Windows\System32\drivers\parport.sys
21:08:26.0922 0x1cac Parport - ok
21:08:26.0954 0x1cac [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:08:26.0956 0x1cac partmgr - ok
21:08:26.0993 0x1cac [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\Windows\System32\pcasvc.dll
|
|
19.05.2017, 09:16
| #3 |
| | Malware nach VLC Updater TDSS Teil 2
__________________Code:
ATTFilter 21:08:27.0000 0x1cac PcaSvc - ok
21:08:27.0030 0x1cac [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci C:\Windows\system32\drivers\pci.sys
21:08:27.0035 0x1cac pci - ok
21:08:27.0095 0x1cac [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\Windows\system32\drivers\pciide.sys
21:08:27.0095 0x1cac pciide - ok
21:08:27.0104 0x1cac [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:08:27.0106 0x1cac pcmcia - ok
21:08:27.0121 0x1cac [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\Windows\system32\drivers\pcw.sys
21:08:27.0122 0x1cac pcw - ok
21:08:27.0152 0x1cac [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc C:\Windows\system32\drivers\pdc.sys
21:08:27.0154 0x1cac pdc - ok
21:08:27.0188 0x1cac [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:08:27.0198 0x1cac PEAUTH - ok
21:08:27.0211 0x1cac [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\Windows\system32\drivers\percsas2i.sys
21:08:27.0212 0x1cac percsas2i - ok
21:08:27.0220 0x1cac [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\Windows\system32\drivers\percsas3i.sys
21:08:27.0221 0x1cac percsas3i - ok
21:08:27.0278 0x1cac [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:08:27.0279 0x1cac PerfHost - ok
21:08:27.0338 0x1cac [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\Windows\System32\PhoneService.dll
21:08:27.0351 0x1cac PhoneSvc - ok
21:08:27.0387 0x1cac [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
21:08:27.0390 0x1cac PimIndexMaintenanceSvc - ok
21:08:27.0458 0x1cac [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\Windows\system32\pla.dll
21:08:27.0478 0x1cac pla - ok
21:08:27.0504 0x1cac [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:08:27.0507 0x1cac PlugPlay - ok
21:08:27.0524 0x1cac [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:08:27.0525 0x1cac PNRPAutoReg - ok
21:08:27.0548 0x1cac [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:08:27.0554 0x1cac PNRPsvc - ok
21:08:27.0581 0x1cac [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:08:27.0586 0x1cac PolicyAgent - ok
21:08:27.0603 0x1cac [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\Windows\system32\umpo.dll
21:08:27.0606 0x1cac Power - ok
21:08:27.0629 0x1cac [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\Windows\System32\drivers\raspptp.sys
21:08:27.0631 0x1cac PptpMiniport - ok
21:08:27.0763 0x1cac [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
21:08:27.0807 0x1cac PrintNotify - ok
21:08:27.0828 0x1cac [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\Windows\System32\drivers\processr.sys
21:08:27.0830 0x1cac Processor - ok
21:08:27.0846 0x1cac [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\Windows\system32\profsvc.dll
21:08:27.0852 0x1cac ProfSvc - ok
21:08:27.0861 0x1cac [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\Windows\system32\drivers\pacer.sys
21:08:27.0864 0x1cac Psched - ok
21:08:27.0893 0x1cac [ 43252AB49C9A43D22AA583C15E96F7B7, 6ABD8D0D541BCF9E257C65122216B1D2AE92CBF8A3A3CB7CE340846E66C449CA ] QIOMem C:\Windows\System32\drivers\QIOMem.sys
21:08:27.0894 0x1cac QIOMem - ok
21:08:27.0915 0x1cac [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\Windows\system32\qwave.dll
21:08:27.0920 0x1cac QWAVE - ok
21:08:27.0941 0x1cac [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:08:27.0942 0x1cac QWAVEdrv - ok
21:08:27.0966 0x1cac [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:08:27.0966 0x1cac RasAcd - ok
21:08:27.0990 0x1cac [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\Windows\System32\drivers\AgileVpn.sys
21:08:27.0992 0x1cac RasAgileVpn - ok
21:08:28.0013 0x1cac [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\Windows\System32\rasauto.dll
21:08:28.0015 0x1cac RasAuto - ok
21:08:28.0028 0x1cac [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\Windows\System32\drivers\rasl2tp.sys
21:08:28.0029 0x1cac Rasl2tp - ok
21:08:28.0071 0x1cac [ 28C80449AC9CA09A6DBADF4940C125A7, A827E3A2D7DF67073CCE63C63168B2F4067C7D36E89BB99D4C6F17E46BECEB56 ] RasMan C:\Windows\System32\rasmans.dll
21:08:28.0081 0x1cac RasMan - ok
21:08:28.0096 0x1cac [ 726857E441D1D67F57694A1B613ABD34, 564027EF2E80F99595282FF76B6D339045B7E9AFE72D8DDF2D6EB0D98C329834 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:08:28.0097 0x1cac RasPppoe - ok
21:08:28.0110 0x1cac [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\Windows\System32\drivers\rassstp.sys
21:08:28.0111 0x1cac RasSstp - ok
21:08:28.0135 0x1cac [ 1A49C9F966A04D031DAD4C73C49D5288, 05C8690948EAA2A55A208D8D34118C27FD5C7D7AEEF4FAD1346E40BBE586946D ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:08:28.0141 0x1cac rdbss - ok
21:08:28.0166 0x1cac [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
21:08:28.0167 0x1cac rdpbus - ok
21:08:28.0189 0x1cac [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:08:28.0192 0x1cac RDPDR - ok
21:08:28.0237 0x1cac [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:08:28.0238 0x1cac RdpVideoMiniport - ok
21:08:28.0253 0x1cac [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:08:28.0257 0x1cac rdyboost - ok
21:08:28.0302 0x1cac [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\Windows\system32\drivers\ReFSv1.sys
21:08:28.0315 0x1cac ReFSv1 - ok
21:08:28.0356 0x1cac [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:08:28.0363 0x1cac RemoteAccess - ok
21:08:28.0380 0x1cac [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:08:28.0383 0x1cac RemoteRegistry - ok
21:08:28.0424 0x1cac [ 6FF3A30B1220D939D6120646BD5801F3, A526A24912FC5401E96796E41A4945D549486464067179201BCB25BF53049862 ] RetailDemo C:\Windows\system32\RDXService.dll
21:08:28.0434 0x1cac RetailDemo - ok
21:08:28.0450 0x1cac [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
21:08:28.0453 0x1cac RFCOMM - ok
21:08:28.0478 0x1cac [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\Windows\System32\RMapi.dll
21:08:28.0481 0x1cac RmSvc - ok
21:08:28.0505 0x1cac [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:08:28.0507 0x1cac RpcEptMapper - ok
21:08:28.0539 0x1cac [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\Windows\system32\locator.exe
21:08:28.0540 0x1cac RpcLocator - ok
21:08:28.0587 0x1cac [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] RpcSs C:\Windows\system32\rpcss.dll
21:08:28.0600 0x1cac RpcSs - ok
21:08:28.0620 0x1cac [ BF113A644E492BF647DC43397B3BCBAF, 1DA89159621A276470A9E1874D247051765BB4DD2222BFC81580D2709D28CEE4 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
21:08:28.0624 0x1cac RSP2STOR - ok
21:08:28.0646 0x1cac [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\Windows\system32\drivers\rspndr.sys
21:08:28.0647 0x1cac rspndr - ok
21:08:28.0679 0x1cac [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 C:\Windows\System32\drivers\rt640x64.sys
21:08:28.0687 0x1cac rt640x64 - ok
21:08:28.0695 0x1cac [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
21:08:28.0695 0x1cac s3cap - ok
21:08:28.0707 0x1cac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\Windows\system32\lsass.exe
21:08:28.0709 0x1cac SamSs - ok
21:08:28.0729 0x1cac [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:08:28.0730 0x1cac sbp2port - ok
21:08:28.0752 0x1cac [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:08:28.0757 0x1cac SCardSvr - ok
21:08:28.0803 0x1cac [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
21:08:28.0807 0x1cac ScDeviceEnum - ok
21:08:28.0826 0x1cac [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:08:28.0827 0x1cac scfilter - ok
21:08:28.0862 0x1cac [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\Windows\system32\schedsvc.dll
21:08:28.0876 0x1cac Schedule - ok
21:08:28.0904 0x1cac [ B8B1D49283F33E3FFFDB611E51BCA7E5, C467A60150ED3E59D42CA45E8D0410613CC78D1B99DE011CF1C5D82FC799C27B ] scmbus C:\Windows\system32\drivers\scmbus.sys
21:08:28.0905 0x1cac scmbus - ok
21:08:28.0922 0x1cac [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\Windows\System32\drivers\scmdisk0101.sys
21:08:28.0924 0x1cac scmdisk0101 - ok
21:08:28.0950 0x1cac [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:08:28.0953 0x1cac SCPolicySvc - ok
21:08:28.0983 0x1cac [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus C:\Windows\System32\drivers\sdbus.sys
21:08:28.0987 0x1cac sdbus - ok
21:08:29.0004 0x1cac [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:08:29.0008 0x1cac SDRSVC - ok
21:08:29.0031 0x1cac [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\Windows\System32\drivers\sdstor.sys
21:08:29.0032 0x1cac sdstor - ok
21:08:29.0049 0x1cac [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\Windows\system32\seclogon.dll
21:08:29.0051 0x1cac seclogon - ok
21:08:29.0088 0x1cac [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\Windows\System32\sens.dll
21:08:29.0090 0x1cac SENS - ok
21:08:29.0156 0x1cac [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\Windows\System32\SensorDataService.exe
21:08:29.0174 0x1cac SensorDataService - ok
21:08:29.0204 0x1cac [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\Windows\system32\SensorService.dll
21:08:29.0211 0x1cac SensorService - ok
21:08:29.0240 0x1cac [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:08:29.0244 0x1cac SensrSvc - ok
21:08:29.0257 0x1cac [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\Windows\system32\drivers\SerCx.sys
21:08:29.0259 0x1cac SerCx - ok
21:08:29.0279 0x1cac [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
21:08:29.0282 0x1cac SerCx2 - ok
21:08:29.0295 0x1cac [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\Windows\System32\drivers\serenum.sys
21:08:29.0296 0x1cac Serenum - ok
21:08:29.0310 0x1cac [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\Windows\System32\drivers\serial.sys
21:08:29.0311 0x1cac Serial - ok
21:08:29.0327 0x1cac [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\Windows\System32\drivers\sermouse.sys
21:08:29.0328 0x1cac sermouse - ok
21:08:29.0355 0x1cac [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\Windows\system32\sessenv.dll
21:08:29.0362 0x1cac SessionEnv - ok
21:08:29.0378 0x1cac [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
21:08:29.0379 0x1cac sfloppy - ok
21:08:29.0435 0x1cac [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:08:29.0443 0x1cac SharedAccess - ok
21:08:29.0498 0x1cac [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:08:29.0507 0x1cac ShellHWDetection - ok
21:08:29.0532 0x1cac [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\Windows\system32\Windows.SharedPC.AccountManager.dll
21:08:29.0536 0x1cac shpamsvc - ok
21:08:29.0553 0x1cac [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:08:29.0554 0x1cac SiSRaid2 - ok
21:08:29.0568 0x1cac [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:08:29.0569 0x1cac SiSRaid4 - ok
21:08:29.0585 0x1cac [ 51DE8F82A399ABD8305EA56CCFB923C0, 55AEE8345BB83A53331DD4765738E20AA25735B5F861039FBA1AD2ECE4151331 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
21:08:29.0586 0x1cac SmbDrvI - ok
21:08:29.0613 0x1cac [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\Windows\System32\smphost.dll
21:08:29.0615 0x1cac smphost - ok
21:08:29.0647 0x1cac [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\Windows\system32\SmsRouterSvc.dll
21:08:29.0656 0x1cac SmsRouter - ok
21:08:29.0679 0x1cac [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:08:29.0680 0x1cac SNMPTRAP - ok
21:08:29.0713 0x1cac [ A265FF86BF4C03F47EC277881138675D, 52671A64D22EAA790CAE47D6710289ADB5DBF9BC98CD7CCCF64CA43B2F2A641A ] spaceport C:\Windows\system32\drivers\spaceport.sys
21:08:29.0720 0x1cac spaceport - ok
21:08:29.0742 0x1cac [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
21:08:29.0743 0x1cac SpbCx - ok
21:08:29.0812 0x1cac [ 28A36DBAFEDF00577EA960C68424500E, 958DDB7FEDDCA544C6881BC1DC42D563BBB112C4AD48259D5C5946109C3CCAB0 ] SpeedupService C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
21:08:29.0814 0x1cac SpeedupService - ok
21:08:29.0850 0x1cac [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler C:\Windows\System32\spoolsv.exe
21:08:29.0862 0x1cac Spooler - ok
21:08:30.0003 0x1cac [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\Windows\system32\sppsvc.exe
21:08:30.0076 0x1cac sppsvc - ok
21:08:30.0108 0x1cac [ 2E0F160AFE1EB7E8C21D6FE782FFFE0B, 0CA845468E42F0448FD7BECFA4E75E8548E20CAAA0DE0C37FFFACF7EB16CE0DE ] srv C:\Windows\system32\DRIVERS\srv.sys
21:08:30.0114 0x1cac srv - ok
21:08:30.0149 0x1cac [ A0BDA7332A9EE59062A7037D161C8715, C08818E52B64BDB194A2434C3F479360C960A99AD08F81CF51D64B7D92EBE0CB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:08:30.0159 0x1cac srv2 - ok
21:08:30.0180 0x1cac [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:08:30.0183 0x1cac srvnet - ok
21:08:30.0206 0x1cac [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:08:30.0211 0x1cac SSDPSRV - ok
21:08:30.0245 0x1cac [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:08:30.0249 0x1cac SstpSvc - ok
21:08:30.0385 0x1cac [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\Windows\system32\windows.staterepository.dll
21:08:30.0440 0x1cac StateRepository - ok
21:08:30.0458 0x1cac [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:08:30.0459 0x1cac stexstor - ok
21:08:30.0496 0x1cac [ 505F32DE573ECEDF398DB9E2FC0D5E45, 0F257200BD79C7A62C39279B1C0AF9032028B23561DB71DA9903366A0DF88E5C ] stisvc C:\Windows\System32\wiaservc.dll
21:08:30.0506 0x1cac stisvc - ok
21:08:30.0543 0x1cac [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci C:\Windows\system32\drivers\storahci.sys
21:08:30.0545 0x1cac storahci - ok
21:08:30.0560 0x1cac [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:08:30.0561 0x1cac storflt - ok
21:08:30.0587 0x1cac [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\Windows\system32\drivers\stornvme.sys
21:08:30.0588 0x1cac stornvme - ok
21:08:30.0597 0x1cac [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\Windows\system32\drivers\storqosflt.sys
21:08:30.0598 0x1cac storqosflt - ok
21:08:30.0639 0x1cac [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\Windows\system32\storsvc.dll
21:08:30.0645 0x1cac StorSvc - ok
21:08:30.0661 0x1cac [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\Windows\system32\drivers\storufs.sys
21:08:30.0662 0x1cac storufs - ok
21:08:30.0687 0x1cac [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:08:30.0688 0x1cac storvsc - ok
21:08:30.0722 0x1cac [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\Windows\system32\svsvc.dll
21:08:30.0723 0x1cac svsvc - ok
21:08:30.0735 0x1cac [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\Windows\System32\drivers\swenum.sys
21:08:30.0735 0x1cac swenum - ok
21:08:30.0757 0x1cac [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\Windows\System32\swprv.dll
21:08:30.0765 0x1cac swprv - ok
21:08:30.0788 0x1cac [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\Windows\System32\drivers\Synth3dVsc.sys
21:08:30.0789 0x1cac Synth3dVsc - ok
21:08:30.0821 0x1cac [ 9DEA2FEBC85556ACE33F8ED89AC343BB, D523F727C2857D28593491A52A24291AC7E617654FC25CC536D8A9876777FE54 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:08:30.0830 0x1cac SynTP - ok
21:08:30.0909 0x1cac [ F9A7E789DF11F534F80387FD1CA61C1A, 5B376E7142A528355E99751BE6A8100FD089BD1C48DDF4BF337846F81EE088B7 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
21:08:30.0913 0x1cac SynTPEnhService - ok
21:08:30.0953 0x1cac [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\Windows\system32\sysmain.dll
21:08:30.0967 0x1cac SysMain - ok
21:08:30.0997 0x1cac [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:08:31.0004 0x1cac SystemEventsBroker - ok
21:08:31.0033 0x1cac [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:08:31.0036 0x1cac TabletInputService - ok
21:08:31.0044 0x1cac [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:08:31.0050 0x1cac TapiSrv - ok
21:08:31.0128 0x1cac [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:08:31.0162 0x1cac Tcpip - ok
21:08:31.0227 0x1cac [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6 C:\Windows\system32\drivers\tcpip.sys
21:08:31.0260 0x1cac Tcpip6 - ok
21:08:31.0294 0x1cac [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:08:31.0295 0x1cac tcpipreg - ok
21:08:31.0316 0x1cac [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:08:31.0318 0x1cac tdx - ok
21:08:31.0337 0x1cac [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\Windows\System32\drivers\terminpt.sys
21:08:31.0338 0x1cac terminpt - ok
21:08:31.0380 0x1cac [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\Windows\System32\termsrv.dll
21:08:31.0394 0x1cac TermService - ok
21:08:31.0407 0x1cac [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\Windows\system32\themeservice.dll
21:08:31.0409 0x1cac Themes - ok
21:08:31.0427 0x1cac [ ED9D92DA814FC44EE5D867A0AFABCB85, 1430CB1860F92A8843BF545F35B62F6C4E6B6DED2D240D09DE8E950DF80346A0 ] Thotkey C:\Windows\System32\drivers\Thotkey.sys
21:08:31.0428 0x1cac Thotkey - ok
21:08:31.0451 0x1cac [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
21:08:31.0456 0x1cac TieringEngineService - ok
21:08:31.0481 0x1cac [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
21:08:31.0490 0x1cac tiledatamodelsvc - ok
21:08:31.0513 0x1cac [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\Windows\System32\TimeBrokerServer.dll
21:08:31.0517 0x1cac TimeBrokerSvc - ok
21:08:31.0537 0x1cac [ AE42E2FAA3A07ADE0A3872C21BF094EA, 0C76825025442FEB259D2909866B674B0751F5FBE5EF287C8B6ED9E90D0F6DCD ] tosrfec C:\Windows\System32\drivers\tosrfec.sys
21:08:31.0538 0x1cac tosrfec - ok
21:08:31.0563 0x1cac [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM C:\Windows\System32\drivers\tpm.sys
21:08:31.0566 0x1cac TPM - ok
21:08:31.0599 0x1cac [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\Windows\System32\trkwks.dll
21:08:31.0602 0x1cac TrkWks - ok
21:08:31.0677 0x1cac [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:08:31.0679 0x1cac TrustedInstaller - ok
21:08:31.0699 0x1cac [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\Windows\system32\drivers\TsUsbFlt.sys
21:08:31.0700 0x1cac tsusbflt - ok
21:08:31.0717 0x1cac [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
21:08:31.0718 0x1cac TsUsbGD - ok
21:08:31.0742 0x1cac [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\Windows\System32\drivers\tunnel.sys
21:08:31.0744 0x1cac tunnel - ok
21:08:31.0766 0x1cac [ 6A2A692F6A987D8C3BF758CA5A225BD1, 015A09D702277B6B79642227062D53ACA572E258E0C7FF6573A0E043C27531AD ] TVALZ C:\Windows\system32\drivers\TVALZ_O.SYS
21:08:31.0767 0x1cac TVALZ - ok
21:08:31.0806 0x1cac [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate C:\Windows\system32\tzautoupdate.dll
21:08:31.0809 0x1cac tzautoupdate - ok
21:08:31.0828 0x1cac [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
21:08:31.0829 0x1cac UASPStor - ok
21:08:31.0844 0x1cac [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\Windows\system32\Drivers\UcmCx.sys
21:08:31.0845 0x1cac UcmCx0101 - ok
21:08:31.0859 0x1cac [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\Windows\system32\Drivers\UcmTcpciCx.sys
21:08:31.0861 0x1cac UcmTcpciCx0101 - ok
21:08:31.0873 0x1cac [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\Windows\System32\drivers\UcmUcsi.sys
21:08:31.0874 0x1cac UcmUcsi - ok
21:08:31.0896 0x1cac [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\Windows\system32\drivers\ucx01000.sys
21:08:31.0899 0x1cac Ucx01000 - ok
21:08:31.0918 0x1cac [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\Windows\system32\drivers\udecx.sys
21:08:31.0919 0x1cac UdeCx - ok
21:08:31.0937 0x1cac [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:08:31.0942 0x1cac udfs - ok
21:08:31.0962 0x1cac [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\Windows\System32\drivers\UEFI.sys
21:08:31.0963 0x1cac UEFI - ok
21:08:31.0994 0x1cac [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\Windows\system32\drivers\ufx01000.sys
21:08:31.0998 0x1cac Ufx01000 - ok
21:08:32.0020 0x1cac [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\Windows\System32\drivers\UfxChipidea.sys
21:08:32.0022 0x1cac UfxChipidea - ok
21:08:32.0027 0x1cac [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\Windows\System32\drivers\ufxsynopsys.sys
21:08:32.0029 0x1cac ufxsynopsys - ok
21:08:32.0052 0x1cac [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:08:32.0054 0x1cac UI0Detect - ok
21:08:32.0071 0x1cac [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\Windows\System32\drivers\umbus.sys
21:08:32.0072 0x1cac umbus - ok
21:08:32.0081 0x1cac [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\Windows\System32\drivers\umpass.sys
21:08:32.0082 0x1cac UmPass - ok
21:08:32.0118 0x1cac [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\Windows\System32\umrdp.dll
21:08:32.0123 0x1cac UmRdpService - ok
21:08:32.0168 0x1cac [ 6C8E89E9CA8A4E703631E54A5E015AF8, 3C74B9329558ACC4F701099516923DE82CBEDABD8814987221BDF71B53550586 ] UnistoreSvc C:\Windows\System32\unistore.dll
21:08:32.0185 0x1cac UnistoreSvc - ok
21:08:32.0215 0x1cac [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\Windows\System32\upnphost.dll
21:08:32.0222 0x1cac upnphost - ok
21:08:32.0238 0x1cac [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\Windows\System32\drivers\urschipidea.sys
21:08:32.0239 0x1cac UrsChipidea - ok
21:08:32.0254 0x1cac [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\Windows\system32\drivers\urscx01000.sys
21:08:32.0255 0x1cac UrsCx01000 - ok
21:08:32.0266 0x1cac [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\Windows\System32\drivers\urssynopsys.sys
21:08:32.0267 0x1cac UrsSynopsys - ok
21:08:32.0301 0x1cac [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
21:08:32.0304 0x1cac usbccgp - ok
21:08:32.0330 0x1cac [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\Windows\System32\drivers\usbcir.sys
21:08:32.0332 0x1cac usbcir - ok
21:08:32.0346 0x1cac [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\Windows\System32\drivers\usbehci.sys
21:08:32.0347 0x1cac usbehci - ok
21:08:32.0368 0x1cac [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\Windows\System32\drivers\usbhub.sys
21:08:32.0374 0x1cac usbhub - ok
21:08:32.0399 0x1cac [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
21:08:32.0406 0x1cac USBHUB3 - ok
21:08:32.0418 0x1cac [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\Windows\System32\drivers\usbohci.sys
21:08:32.0420 0x1cac usbohci - ok
21:08:32.0435 0x1cac [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\Windows\System32\drivers\usbprint.sys
21:08:32.0436 0x1cac usbprint - ok
21:08:32.0456 0x1cac [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:08:32.0457 0x1cac usbscan - ok
21:08:32.0480 0x1cac [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\Windows\System32\drivers\usbser.sys
21:08:32.0482 0x1cac usbser - ok
21:08:32.0500 0x1cac [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
21:08:32.0502 0x1cac USBSTOR - ok
21:08:32.0513 0x1cac [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
21:08:32.0514 0x1cac usbuhci - ok
21:08:32.0536 0x1cac [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:08:32.0540 0x1cac usbvideo - ok
21:08:32.0559 0x1cac [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
21:08:32.0564 0x1cac USBXHCI - ok
21:08:32.0626 0x1cac [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc C:\Windows\System32\userdataservice.dll
21:08:32.0647 0x1cac UserDataSvc - ok
21:08:32.0705 0x1cac [ A1BDC8AF9F66A71744B5DC99CCEF4058, 098EDA0D186098A8D61DEF20B76F05B978FC3A08A068243FC4823423B430E95B ] UserManager C:\Windows\System32\usermgr.dll
21:08:32.0720 0x1cac UserManager - ok
21:08:32.0754 0x1cac [ F1374B17FE4A4617DFB6D20A0E699763, C3A515594B1593C9F141C342CA1CDB4FE7A3243D8F1785655A3378DB1FE8ED65 ] UsoSvc C:\Windows\system32\usocore.dll
21:08:32.0763 0x1cac UsoSvc - ok
21:08:32.0796 0x1cac [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\Windows\system32\lsass.exe
21:08:32.0798 0x1cac VaultSvc - ok
21:08:32.0812 0x1cac [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:08:32.0813 0x1cac vdrvroot - ok
21:08:32.0851 0x1cac [ 70D165B3EA8BC576828DC2B964C8D116, 92C9381BDECB5C991F848A02AF2F4189CE0119961FB37E57A37594A80704DDC5 ] vds C:\Windows\System32\vds.exe
21:08:32.0860 0x1cac vds - ok
21:08:32.0894 0x1cac [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
21:08:32.0897 0x1cac VerifierExt - ok
21:08:32.0945 0x1cac [ F7F3E80E84E51A6F89831A6F26056A98, CB7587900C466D834693115E1E23D0A44490C128CA1684FB93CB8C34AFCEBC71 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
21:08:32.0955 0x1cac vhdmp - ok
21:08:32.0974 0x1cac [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\Windows\System32\drivers\vhf.sys
21:08:32.0975 0x1cac vhf - ok
21:08:33.0000 0x1cac [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:08:33.0002 0x1cac vmbus - ok
21:08:33.0016 0x1cac [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
21:08:33.0017 0x1cac VMBusHID - ok
21:08:33.0039 0x1cac [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\Windows\System32\drivers\vmgid.sys
21:08:33.0039 0x1cac vmgid - ok
21:08:33.0083 0x1cac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\Windows\System32\icsvc.dll
21:08:33.0088 0x1cac vmicguestinterface - ok
21:08:33.0095 0x1cac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\Windows\System32\icsvc.dll
21:08:33.0100 0x1cac vmicheartbeat - ok
21:08:33.0107 0x1cac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\Windows\System32\icsvc.dll
21:08:33.0112 0x1cac vmickvpexchange - ok
21:08:33.0145 0x1cac [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv C:\Windows\System32\icsvcext.dll
21:08:33.0150 0x1cac vmicrdv - ok
21:08:33.0159 0x1cac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\Windows\System32\icsvc.dll
21:08:33.0163 0x1cac vmicshutdown - ok
21:08:33.0171 0x1cac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\Windows\System32\icsvc.dll
21:08:33.0176 0x1cac vmictimesync - ok
21:08:33.0183 0x1cac [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\Windows\System32\icsvc.dll
21:08:33.0188 0x1cac vmicvmsession - ok
21:08:33.0196 0x1cac [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss C:\Windows\System32\icsvcext.dll
21:08:33.0202 0x1cac vmicvss - ok
21:08:33.0212 0x1cac [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:08:33.0213 0x1cac volmgr - ok
21:08:33.0231 0x1cac [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:08:33.0236 0x1cac volmgrx - ok
21:08:33.0266 0x1cac [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:08:33.0272 0x1cac volsnap - ok
21:08:33.0284 0x1cac [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\Windows\system32\drivers\volume.sys
21:08:33.0285 0x1cac volume - ok
21:08:33.0302 0x1cac [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\Windows\System32\drivers\vpci.sys
21:08:33.0304 0x1cac vpci - ok
21:08:33.0314 0x1cac [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:08:33.0316 0x1cac vsmraid - ok
21:08:33.0379 0x1cac [ DDA66AEF89DAC320A85AECCB4369D2E7, 0F267FC985E0CA3624FC5F4DDA25623649BAD544772179261576F793A0485523 ] VSS C:\Windows\system32\vssvc.exe
21:08:33.0399 0x1cac VSS - ok
21:08:33.0416 0x1cac [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
21:08:33.0420 0x1cac VSTXRAID - ok
21:08:33.0444 0x1cac [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:08:33.0445 0x1cac vwifibus - ok
21:08:33.0458 0x1cac [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\Windows\system32\drivers\vwififlt.sys
21:08:33.0460 0x1cac vwififlt - ok
21:08:33.0495 0x1cac [ B1133B813E4CBF258A392CA08255BA24, 6061F27BD24F39A630ABE77921051785CB4B325156379A5E3636817DD6399C6F ] vwifimp C:\Windows\System32\drivers\vwifimp.sys
21:08:33.0496 0x1cac vwifimp - ok
21:08:33.0528 0x1cac [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\Windows\system32\w32time.dll
21:08:33.0536 0x1cac W32Time - ok
21:08:33.0556 0x1cac [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
21:08:33.0557 0x1cac WacomPen - ok
21:08:33.0580 0x1cac [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\Windows\system32\WalletService.dll
21:08:33.0586 0x1cac WalletService - ok
21:08:33.0598 0x1cac [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:08:33.0599 0x1cac wanarp - ok
21:08:33.0603 0x1cac [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:08:33.0604 0x1cac wanarpv6 - ok
21:08:33.0648 0x1cac [ 8413D292CD1B27D6B6127B90697F2B1C, E03F9AAC410F5AEDCC30FDB4D8F4739AE7B290EFA735C480A29E9FE53C1D8420 ] wbengine C:\Windows\system32\wbengine.exe
21:08:33.0669 0x1cac wbengine - ok
21:08:33.0710 0x1cac [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:08:33.0723 0x1cac WbioSrvc - ok
21:08:33.0755 0x1cac [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\Windows\system32\drivers\wcifs.sys
21:08:33.0757 0x1cac wcifs - ok
21:08:33.0796 0x1cac [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
21:08:33.0807 0x1cac Wcmsvc - ok
21:08:33.0843 0x1cac [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:08:33.0851 0x1cac wcncsvc - ok
21:08:33.0872 0x1cac [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\Windows\system32\drivers\wcnfs.sys
21:08:33.0874 0x1cac wcnfs - ok
21:08:33.0886 0x1cac [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
21:08:33.0887 0x1cac WdBoot - ok
21:08:33.0926 0x1cac [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:08:33.0937 0x1cac Wdf01000 - ok
21:08:33.0954 0x1cac [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
21:08:33.0958 0x1cac WdFilter - ok
21:08:33.0973 0x1cac [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:08:33.0976 0x1cac WdiServiceHost - ok
21:08:33.0979 0x1cac [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:08:33.0982 0x1cac WdiSystemHost - ok
21:08:34.0014 0x1cac [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi C:\Windows\system32\DRIVERS\wdiwifi.sys
21:08:34.0024 0x1cac wdiwifi - ok
21:08:34.0034 0x1cac [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
21:08:34.0036 0x1cac WdNisDrv - ok
21:08:34.0060 0x1cac WdNisSvc - ok
21:08:34.0077 0x1cac [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\Windows\System32\webclnt.dll
21:08:34.0081 0x1cac WebClient - ok
21:08:34.0094 0x1cac [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:08:34.0099 0x1cac Wecsvc - ok
21:08:34.0102 0x1cac [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
21:08:34.0104 0x1cac WEPHOSTSVC - ok
21:08:34.0120 0x1cac [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:08:34.0122 0x1cac wercplsupport - ok
21:08:34.0137 0x1cac [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\Windows\System32\WerSvc.dll
21:08:34.0142 0x1cac WerSvc - ok
21:08:34.0159 0x1cac [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\Windows\system32\drivers\wfplwfs.sys
21:08:34.0161 0x1cac WFPLWFS - ok
21:08:34.0186 0x1cac [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\Windows\System32\wiarpc.dll
21:08:34.0188 0x1cac WiaRpc - ok
21:08:34.0203 0x1cac [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:08:34.0204 0x1cac WIMMount - ok
21:08:34.0208 0x1cac WinDefend - ok
21:08:34.0255 0x1cac [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
21:08:34.0257 0x1cac WindowsTrustedRT - ok
21:08:34.0274 0x1cac [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
21:08:34.0275 0x1cac WindowsTrustedRTProxy - ok
21:08:34.0306 0x1cac [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:08:34.0318 0x1cac WinHttpAutoProxySvc - ok
21:08:34.0334 0x1cac [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\Windows\System32\drivers\winmad.sys
21:08:34.0335 0x1cac WinMad - ok
21:08:34.0385 0x1cac [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:08:34.0389 0x1cac Winmgmt - ok
21:08:34.0474 0x1cac [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\Windows\system32\WsmSvc.dll
21:08:34.0513 0x1cac WinRM - ok
21:08:34.0538 0x1cac [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\Windows\System32\drivers\WinUSB.SYS
21:08:34.0539 0x1cac WINUSB - ok
21:08:34.0554 0x1cac [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\Windows\System32\drivers\winverbs.sys
21:08:34.0556 0x1cac WinVerbs - ok
21:08:34.0584 0x1cac [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\Windows\System32\drivers\WirelessKeyboardFilter.sys
21:08:34.0585 0x1cac WirelessKeyboardFilter - ok
21:08:34.0622 0x1cac [ 15F0990B7C101163FE27D9B19FEB3D43, 5020EF7755E0ACDA77E816C44A5B75286CC1BEA182BECF9D7252EB826A4F1FFE ] wisvc C:\Windows\system32\flightsettings.dll
21:08:34.0631 0x1cac wisvc - ok
21:08:34.0710 0x1cac [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc C:\Windows\System32\wlansvc.dll
21:08:34.0742 0x1cac WlanSvc - ok
21:08:34.0824 0x1cac [ EF39F106D7E0A8918E98E4CDAE25F2E2, B6EDF2646C1E3A1684C40DFC475694DF540C2B1B8E4247AE343E1DF34B1CE4F7 ] wlidsvc C:\Windows\system32\wlidsvc.dll
21:08:34.0852 0x1cac wlidsvc - ok
21:08:34.0861 0x1cac [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
21:08:34.0862 0x1cac WmiAcpi - ok
21:08:34.0889 0x1cac [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:08:34.0892 0x1cac wmiApSrv - ok
21:08:34.0915 0x1cac WMPNetworkSvc - ok
21:08:34.0944 0x1cac [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\Windows\system32\drivers\Wof.sys
21:08:34.0947 0x1cac Wof - ok
21:08:35.0006 0x1cac [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
21:08:35.0031 0x1cac workfolderssvc - ok
21:08:35.0061 0x1cac [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:08:35.0063 0x1cac WPDBusEnum - ok
21:08:35.0089 0x1cac [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
21:08:35.0090 0x1cac WpdUpFltr - ok
21:08:35.0101 0x1cac [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\Windows\system32\WpnService.dll
21:08:35.0106 0x1cac WpnService - ok
21:08:35.0121 0x1cac [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\Windows\System32\WpnUserService.dll
21:08:35.0125 0x1cac WpnUserService - ok
21:08:35.0147 0x1cac [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:08:35.0148 0x1cac ws2ifsl - ok
21:08:35.0193 0x1cac [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\Windows\System32\wscsvc.dll
21:08:35.0197 0x1cac wscsvc - ok
21:08:35.0200 0x1cac WSearch - ok
21:08:35.0275 0x1cac [ A44EAEFD97814D970870F393A06E6F43, 58EF20121E656F1FBB7ADD9AAE789DFE6E8BA9FB3363678645708C9DDEB9814E ] wuauserv C:\Windows\system32\wuaueng.dll
21:08:35.0306 0x1cac wuauserv - ok
21:08:35.0327 0x1cac [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:08:35.0329 0x1cac WudfPf - ok
21:08:35.0345 0x1cac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
21:08:35.0348 0x1cac WUDFRd - ok
21:08:35.0370 0x1cac [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:08:35.0373 0x1cac wudfsvc - ok
21:08:35.0379 0x1cac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
21:08:35.0383 0x1cac WUDFWpdFs - ok
21:08:35.0388 0x1cac [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
21:08:35.0392 0x1cac WUDFWpdMtp - ok
21:08:35.0446 0x1cac [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:08:35.0464 0x1cac WwanSvc - ok
21:08:35.0506 0x1cac [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager C:\Windows\System32\XblAuthManager.dll
21:08:35.0521 0x1cac XblAuthManager - ok
21:08:35.0563 0x1cac [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\Windows\System32\XblGameSave.dll
21:08:35.0580 0x1cac XblGameSave - ok
21:08:35.0603 0x1cac [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip C:\Windows\System32\drivers\xboxgip.sys
21:08:35.0607 0x1cac xboxgip - ok
21:08:35.0638 0x1cac [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc C:\Windows\system32\XboxNetApiSvc.dll
21:08:35.0654 0x1cac XboxNetApiSvc - ok
21:08:35.0674 0x1cac [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\Windows\System32\drivers\xinputhid.sys
21:08:35.0675 0x1cac xinputhid - ok
21:08:35.0677 0x1cac ================ Scan global ===============================
21:08:35.0720 0x1cac [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\Windows\system32\basesrv.dll
21:08:35.0755 0x1cac [ F109EE1ACA4F7E5714C892D2B01D0890, 1915BD17558BE17C3242AF014351676D47E22A7E8A455A14C23B564E726DB061 ] C:\Windows\system32\winsrv.dll
21:08:35.0782 0x1cac [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\Windows\system32\sxssrv.dll
21:08:35.0813 0x1cac [ 9A3B47CD17283B299311013AD3D21D26, 48D5695E7610E7A742E403B2C37664D961E466C10E4FFAE07C8AB6B5BE5F7BF8 ] C:\Windows\system32\services.exe
21:08:35.0820 0x1cac [ Global ] - ok
21:08:35.0820 0x1cac ================ Scan MBR ==================================
21:08:35.0835 0x1cac [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:08:36.0019 0x1cac \Device\Harddisk0\DR0 - ok
21:08:36.0032 0x1cac [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:08:36.0035 0x1cac \Device\Harddisk1\DR1 - ok
21:08:36.0036 0x1cac ================ Scan VBR ==================================
21:08:36.0037 0x1cac [ 05FAB6EC041A63F89C4164604A813EEC ] \Device\Harddisk0\DR0\Partition1
21:08:36.0038 0x1cac \Device\Harddisk0\DR0\Partition1 - ok
21:08:36.0040 0x1cac [ 5231008B1ECB63135303824DD1C59CC6 ] \Device\Harddisk0\DR0\Partition2
21:08:36.0042 0x1cac \Device\Harddisk0\DR0\Partition2 - ok
21:08:36.0043 0x1cac [ 23CF87EB853E1B9F8B4B8310AF69E1F5 ] \Device\Harddisk0\DR0\Partition3
21:08:36.0045 0x1cac \Device\Harddisk0\DR0\Partition3 - ok
21:08:36.0047 0x1cac [ 414B8568800499DBC77FDC7C2A9104DC ] \Device\Harddisk1\DR1\Partition1
21:08:36.0048 0x1cac \Device\Harddisk1\DR1\Partition1 - ok
21:08:36.0049 0x1cac ================ Scan generic autorun ======================
21:08:36.0102 0x1cac [ 831525493F0CB1DB6D76FA465542E6B3, E5F00004578A3CDF50539B813A8599E5F4BF6E4CE56C2F3F85DE2879558F6CE9 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
21:08:36.0110 0x1cac cAudioFilterAgent - ok
21:08:36.0176 0x1cac [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
21:08:36.0199 0x1cac SmartAudio - ok
21:08:36.0201 0x1cac SynTPEnh - ok
21:08:36.0227 0x1cac [ AF9688A90020A67F271D54E503F84C26, 538E068126D072F64BE7BC1B5902D20B6755EF7F7B1C3A04F82C9C97BE0AD50E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:08:36.0228 0x1cac Avira SystrayStartTrigger - ok
21:08:36.0248 0x1cac [ 03BEB35368103B96AE04E863214FB2B8, 03171D8F8601D046420E9394B59C6651CDAEA21AA427390682DEBA4464AE2079 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
21:08:36.0250 0x1cac Avira System Speedup User Starter - ok
21:08:36.0305 0x1cac [ 30ECFDFE0FAE38B0608A23B444A1A04D, C61EFB59D3ACA2C7345E17099265D62C37F9F34DA026519A58C297350A561945 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:08:36.0316 0x1cac avgnt - ok
21:08:36.0581 0x1cac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:08:36.0693 0x1cac OneDriveSetup - ok
21:08:36.0907 0x1cac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:08:37.0022 0x1cac OneDriveSetup - ok
21:08:37.0235 0x1cac [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:08:37.0347 0x1cac OneDriveSetup - ok
21:08:37.0498 0x1cac [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:08:37.0517 0x1cac OneDrive - ok
21:08:37.0551 0x1cac [ 46996518AD75D97AD6427B42318936D5, F1609AF205464B7AC8251C4286F0D69A9C1BC745A4FB5D0B9149B12C4C5DCA99 ] C:\Users\Katharina\AppData\Roaming\OpenOffice Updater\Updater.exe
21:08:37.0556 0x1cac OpenOffice Updater - ok
21:08:37.0588 0x1cac [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\Windows\system32\cmd.exe
21:08:37.0592 0x1cac Uninstall C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64 - ok
21:08:37.0593 0x1cac Waiting for KSN requests completion. In queue: 231
21:08:38.0624 0x1cac AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.26.45 ), 0x41000 ( enabled : updated )
21:08:38.0624 0x1cac AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
21:08:38.0638 0x1cac Win FW state via NFP2: enabled ( trusted )
21:08:38.0741 0x1cac ============================================================
21:08:38.0741 0x1cac Scan finished
21:08:38.0741 0x1cac ============================================================
21:08:38.0749 0x1804 Detected object count: 0
21:08:38.0749 0x1804 Actual detected object count: 0
|
|
19.05.2017, 11:01
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Malware nach VLC Updater hi, Zitat:
Du hast auch Mist von Chip geladen. Da fallen so viele Leute drauf rein...ist mir ein Rätsel, warum sich sonst alles herumspricht, dieser Mist mit chip.de oder vlc.de aber nicht  Bitte Avira deinstallieren. Am besten mit Revo, siehe weiter unten. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.05.2017, 13:21
| #5 |
| | Malware nach VLC Updater Das mit chip ist mir tatsächlich neu. Aber gut zu wissen! Ich habe nun alles von Avira und chip nach Anleitung deinstalliert. |
|
19.05.2017, 13:36
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malware nach VLC Updater Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ --> Malware nach VLC Updater |
|
19.05.2017, 14:15
| #7 |
| | Malware nach VLC Updater ADW Cleaner: Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 19/05/2017 um 14:59:11
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Katharina - DESKTOP-NKL2DK3
# Gestartet von : C:\Users\Katharina\Downloads\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\KATHAR~1\AppData\Local\Temp\BROWSERADDON
[-] Ordner gelöscht: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\djhangopedggnlnicpbjklghlckmndge
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Katharina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster Symbol.lnk
[-] Datei gelöscht: C:\Users\Katharina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOODGAME.LNK
[-] Datei gelöscht: C:\Users\KATHAR~1\AppData\Local\Temp\VLC Player\startfenster-symbol.exe
[-] Datei gelöscht: C:\Users\Katharina\AppData\Roaming\Mozilla\Extensions\startfensterde-0.0.1-an+fx-linux.xpi
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert gelöscht: HKCU\Software\AM [Startfenster Symbol]
[-] Wert gelöscht: HKCU\Software\AM [VLC Updater]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Google\Chrome\Extensions\djhangopedggnlnicpbjklghlckmndge
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.newtab.url" - "hxxps://mysearch.avg.com/?cid={FD985FD4-B243-419F-8111-7E543298744E}&mid=120be12fb1b647cd98c5151d02025d82-db432219080066fc4755d601531465133589a9c4&lang=de&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2015-06-12 20:05:33&v=4.1.4.948&pid=wtu&sg=&sap=hp"
[-] [C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default] [extension] Gelöscht: djhangopedggnlnicpbjklghlckmndge
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2312 Bytes] - [19/05/2017 14:59:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [2296 Bytes] - [19/05/2017 14:57:43]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2458 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by Katharina (Administrator) on 19.05.2017 at 15:06:43,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.05.2017 at 15:08:21,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
19.05.2017, 15:22
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malware nach VLC Updater adwCleaner zwecks Kontrolle bitte wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.05.2017, 16:47
| #9 |
| | Malware nach VLC UpdaterCode:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 19/05/2017 um 17:46:34
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Lokal]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Katharina - DESKTOP-NKL2DK3
# Gestartet von : C:\Users\Katharina\Downloads\AdwCleaner_6.046.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Keine schädlichen Ordner gefunden.
***** [ Dateien ] *****
Keine schädlichen Dateien gefunden.
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [2537 Bytes] - [19/05/2017 14:59:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [2296 Bytes] - [19/05/2017 14:57:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [1349 Bytes] - [19/05/2017 17:46:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1422 Bytes] ##########
|
|
19.05.2017, 20:11
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malware nach VLC Updater Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.05.2017, 21:01
| #11 |
| | Malware nach VLC UpdaterCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
durchgeführt von Katharina (Administrator) auf DESKTOP-NKL2DK3 (19-05-2017 21:55:00)
Gestartet von C:\Users\Katharina\Downloads
Geladene Profile: Katharina (Verfügbare Profile: defaultuser0 & Katharina)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
() C:\Program Files\Siber Systems\GoodSync\gs-server.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Katharina\Downloads\FRST64(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [601944 2015-08-14] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\Run: [OpenOffice Updater] => C:\Users\Katharina\AppData\Roaming\OpenOffice Updater\Updater.exe [387640 2016-10-13] ()
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\RunOnce: [Uninstall C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Katharina\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\MountPoints2: {1a89f738-3625-11e7-8931-34de1a2b781a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\MountPoints2: {1a89f750-3625-11e7-8931-34de1a2b781a} - "F:\HiSuiteDownLoader.exe"
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4222b4b2-44b0-40e1-94f1-0613f8cf0f47}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: 1nue4pl9.default
FF ProfilePath: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default [2017-05-19]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1nue4pl9.default -> Google Default
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\1nue4pl9.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1nue4pl9.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\1nue4pl9.default -> www.google.com
FF Keyword.URL: Mozilla\Firefox\Profiles\1nue4pl9.default -> hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Extension: (Avira Browser Safety) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\Extensions\abs@avira.com.xpi [2017-04-07]
FF Extension: (Ghostery) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\Extensions\firefox@ghostery.com.xpi [2017-05-06]
FF Extension: (Adblock Plus) - C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-26]
FF SearchPlugin: C:\Users\Katharina\AppData\Roaming\Mozilla\Firefox\Profiles\1nue4pl9.default\searchplugins\google-default.xml [2015-07-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default [2017-05-15]
CHR Extension: (Google Präsentationen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-12]
CHR Extension: (Google Docs) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-12]
CHR Extension: (Google Drive) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-12]
CHR Extension: (YouTube) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-12]
CHR Extension: (Google Tabellen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-14]
CHR Extension: (Google Mail) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [6851296 2016-11-29] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373752 2016-12-02] (Intel Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [299280 2015-12-18] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [52816 2016-08-03] (Toshiba Client Solutions Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-19 21:54 - 2017-05-19 21:54 - 02429952 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64(1).exe
2017-05-19 17:44 - 2017-05-19 17:44 - 00000832 _____ C:\Users\Katharina\AppData\Local\recently-used.xbel
2017-05-19 15:08 - 2017-05-19 15:08 - 00000551 _____ C:\Users\Katharina\Desktop\JRT.txt
2017-05-19 15:05 - 2017-05-19 15:05 - 01663672 _____ (Malwarebytes) C:\Users\Katharina\Downloads\JRT.exe
2017-05-19 14:55 - 2017-05-19 17:46 - 00000000 ____D C:\AdwCleaner
2017-05-19 14:55 - 2017-05-19 14:55 - 04102600 _____ C:\Users\Katharina\Downloads\AdwCleaner_6.046.exe
2017-05-19 09:58 - 2017-05-19 21:55 - 00011777 _____ C:\Users\Katharina\Downloads\FRST.txt
2017-05-19 09:58 - 2017-05-19 21:55 - 00000000 ____D C:\FRST
2017-05-19 09:58 - 2017-05-19 09:59 - 00025512 _____ C:\Users\Katharina\Downloads\Addition.txt
2017-05-19 09:57 - 2017-05-19 09:58 - 02429952 _____ (Farbar) C:\Users\Katharina\Downloads\FRST64.exe
2017-05-18 21:08 - 2017-05-19 14:12 - 00260432 _____ C:\TDSSKiller.3.1.0.15_18.05.2017_21.08.06_log.txt
2017-05-18 21:07 - 2017-05-18 21:07 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Katharina\Downloads\tdsskiller.exe
2017-05-18 20:18 - 2017-05-19 14:14 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-18 20:18 - 2017-05-18 20:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 20:18 - 2017-05-18 20:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-18 20:17 - 2017-05-18 21:06 - 00000000 ____D C:\Users\Katharina\Desktop\mbar
2017-05-18 20:17 - 2017-05-18 20:47 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-05-18 20:17 - 2017-05-18 20:17 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Katharina\Downloads\mbar-1.09.3.1001.exe
2017-05-18 20:09 - 2017-05-18 20:09 - 07178424 _____ (VS Revo Group ) C:\Users\Katharina\Downloads\revosetup_v2.0.3.exe
2017-05-18 20:09 - 2017-05-18 20:09 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-18 20:09 - 2017-05-18 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-18 20:09 - 2017-05-18 20:09 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-10 20:08 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-05-10 20:08 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2017-05-10 20:08 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-05-10 20:08 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-05-10 20:08 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-05-10 20:08 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-05-10 20:07 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-05-10 20:07 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 20:07 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 20:07 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 20:07 - 2017-04-28 02:56 - 02048488 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-05-10 20:07 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2017-05-10 20:07 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-05-10 20:07 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-05-10 20:07 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-05-10 20:07 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 20:07 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-05-10 20:07 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2017-05-10 20:07 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-05-10 20:07 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-05-10 20:07 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 20:07 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-05-10 20:07 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-05-10 20:07 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-05-10 20:07 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-05-10 20:07 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-05-10 20:07 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-05-10 20:07 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2017-05-10 20:07 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-05-10 20:07 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-05-10 20:07 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-05-10 20:07 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-05-10 20:07 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-05-10 20:07 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2017-05-10 20:07 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-05-10 20:07 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2017-05-10 20:07 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-05-10 20:07 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 20:07 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-05-10 20:07 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-05-10 20:07 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 20:07 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-05-10 20:07 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2017-05-10 20:07 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-05-10 20:07 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-05-10 20:07 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BthTelemetry.dll
2017-05-10 20:07 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 20:07 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2017-05-10 20:07 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-05-10 20:07 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2017-05-10 20:07 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-05-10 20:07 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 20:07 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-05-10 20:07 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-05-10 20:07 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-05-10 20:07 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-05-10 20:07 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2017-05-10 20:07 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2017-05-10 20:07 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 20:07 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 20:07 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 20:07 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 20:07 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-05-10 20:07 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2017-05-10 20:07 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2017-05-10 20:07 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-05-10 20:07 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-05-10 20:07 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 20:07 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2017-05-10 20:07 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 20:07 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 20:07 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-05-10 20:07 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2017-05-10 20:07 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-05-10 20:07 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 20:07 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-05-10 20:07 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 20:07 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-05-10 20:07 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsnt.dll
2017-05-10 20:07 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-05-10 20:07 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-05-10 20:07 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-05-10 20:07 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-05-10 20:07 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys
2017-05-10 20:07 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-05-10 20:07 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_sr.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CameraCaptureUI.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-05-10 20:07 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-05-10 20:07 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 20:07 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-05-10 20:07 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2017-05-10 20:07 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-05-10 20:07 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-05-10 20:07 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-05-10 20:07 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-05-10 20:07 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll
2017-05-10 20:07 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-05-10 20:07 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-05-10 20:07 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-05-10 20:07 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2017-05-10 20:07 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-05-10 20:07 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-05-10 20:07 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-05-10 20:07 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-05-10 20:07 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2017-05-10 20:07 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2017-05-10 20:07 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-05-10 20:07 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-05-10 20:07 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2017-05-10 20:07 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll
2017-05-10 20:07 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2017-05-10 20:07 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2017-05-10 20:07 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-05-10 20:07 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-05-10 20:07 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-05-10 20:07 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-05-10 20:07 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-05-10 20:07 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2017-05-10 20:07 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-05-10 20:07 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-05-10 20:07 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-05-10 20:07 - 2017-03-04 08:22 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 20:07 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2017-05-10 20:07 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 20:07 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 20:07 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-05-10 20:07 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-05-10 20:07 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-05-10 20:06 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 20:06 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-05-10 20:06 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-05-10 20:06 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-05-10 20:06 - 2017-04-28 02:49 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-05-10 20:06 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2017-05-10 20:06 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2017-05-10 20:06 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-05-10 20:06 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2017-05-10 20:06 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2017-05-10 20:06 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-05-10 20:06 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-05-10 20:06 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-05-10 20:06 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2017-05-10 20:06 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2017-05-10 20:06 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-05-10 20:06 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-05-10 20:06 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-05-10 20:06 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-05-10 20:06 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-05-10 20:06 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-05-10 20:06 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-05-10 20:06 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-05-10 20:06 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-05-10 20:06 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-05-10 20:06 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-05-10 20:06 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-05-10 20:06 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 20:06 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-05-10 20:06 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-05-10 20:06 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-05-10 20:06 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 20:06 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-05-10 20:06 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-05-10 20:06 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 20:06 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-05-10 20:06 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-05-10 20:06 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-05-10 20:06 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-05-10 20:06 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 20:06 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-05-10 20:06 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 20:06 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-05-10 20:06 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-05-10 20:06 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2017-05-10 20:06 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\BthTelemetry.dll
2017-05-10 20:06 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-05-10 20:06 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 20:06 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Printers.dll
2017-05-10 20:06 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-05-10 20:06 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-05-10 20:06 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll
2017-05-10 20:06 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ConsentUX.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-05-10 20:06 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-05-10 20:06 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\PrintWSDAHost.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2017-05-10 20:06 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2017-05-10 20:06 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2017-05-10 20:06 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-05-10 20:06 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2017-05-10 20:06 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-05-10 20:06 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 20:06 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2017-05-10 20:06 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-05-10 20:06 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll
2017-05-10 20:06 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-05-10 20:06 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2017-05-10 20:06 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\adsnt.dll
2017-05-10 20:06 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2017-05-10 20:06 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-05-10 20:06 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll
2017-05-10 20:06 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-05-10 20:06 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-05-10 20:06 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2017-05-10 20:06 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2017-05-10 20:06 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2017-05-10 20:06 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-05-10 20:06 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2017-05-10 20:06 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll
2017-05-10 20:06 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\catsrvps.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\Windows\system32\wsp_sr.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2017-05-10 20:06 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2017-05-10 20:06 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\CameraCaptureUI.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-05-10 20:06 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2017-05-10 20:06 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
2017-05-10 20:06 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-05-10 20:06 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2017-05-10 20:06 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-05-10 20:06 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-05-10 20:06 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-05-10 20:06 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-05-10 20:06 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-05-10 20:06 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-05-10 20:06 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-05-10 20:06 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-05-10 20:06 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-05-10 20:06 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2017-05-10 20:06 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-05-10 20:06 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:06 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-05-10 20:06 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2017-05-10 20:06 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2017-05-10 20:06 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2017-05-10 20:06 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-05-10 20:06 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-05-10 20:06 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\OneBackupHandler.dll
2017-05-09 14:58 - 2017-05-09 15:26 - 00000000 ____D C:\Users\Katharina\Desktop\Neuer Ordner (2)
2017-05-09 14:54 - 2017-05-09 14:54 - 00001292 _____ C:\Users\Public\Desktop\Leawo Blu-ray Player.lnk
2017-05-09 14:54 - 2017-05-09 14:54 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\Leawo
2017-05-09 14:54 - 2017-05-09 14:54 - 00000000 ____D C:\Users\Katharina\.dvdcss
2017-05-09 14:54 - 2017-05-09 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
2017-05-09 14:53 - 2017-05-09 14:54 - 00000000 ____D C:\ProgramData\Leawo
2017-05-09 14:53 - 2017-05-09 14:53 - 00000000 ____D C:\Program Files (x86)\Leawo
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-19 19:46 - 2016-12-06 17:20 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-05-19 17:47 - 2016-12-06 17:39 - 00000000 ____D C:\Users\Katharina\AppData\LocalLow\Mozilla
2017-05-19 17:44 - 2017-03-13 18:36 - 00000000 ____D C:\Users\Katharina\.gimp-2.8
2017-05-19 15:05 - 2016-12-06 17:32 - 01816032 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-19 15:05 - 2016-07-17 00:51 - 00699528 _____ C:\Windows\system32\perfh007.dat
2017-05-19 15:05 - 2016-07-17 00:51 - 00147370 _____ C:\Windows\system32\perfc007.dat
2017-05-19 15:02 - 2016-12-08 09:05 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\OpenOffice Updater
2017-05-19 15:01 - 2016-12-06 18:36 - 00000000 __SHD C:\Users\Katharina\IntelGraphicsProfiles
2017-05-19 15:01 - 2016-12-06 17:39 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-19 15:00 - 2016-12-06 17:20 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-19 15:00 - 2016-07-16 08:04 - 00524288 _____ C:\Windows\system32\config\BBI
2017-05-19 14:18 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-05-19 14:14 - 2016-12-06 17:41 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-19 14:11 - 2016-12-06 17:41 - 00000000 ____D C:\ProgramData\Avira
2017-05-19 09:01 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-18 20:39 - 2016-12-06 17:20 - 00000000 ____D C:\Windows\ServiceProfiles
2017-05-18 20:13 - 2017-01-09 12:41 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2017-05-18 20:07 - 2016-12-12 14:49 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-18 20:07 - 2016-12-06 17:38 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 20:07 - 2016-12-06 17:38 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-17 19:22 - 2017-01-09 12:41 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\vlc
2017-05-16 15:40 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-05-16 15:39 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-05-14 21:33 - 2016-12-12 14:48 - 00000000 ____D C:\Users\Katharina\AppData\Local\Google
2017-05-12 20:35 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-05-12 17:06 - 2016-12-12 14:49 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-11 10:41 - 2016-12-06 17:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 10:40 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-05-11 10:38 - 2016-12-06 17:20 - 00225288 _____ C:\Windows\system32\FNTCACHE.DAT
2017-05-11 10:37 - 2016-12-06 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 10:37 - 2016-12-06 17:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\SysWOW64\F12
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___SD C:\Windows\system32\F12
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\oobe
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\Provisioning
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 22:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 22:19 - 2016-07-16 08:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-05-10 20:14 - 2016-12-06 18:21 - 00000000 ____D C:\Windows\system32\MRT
2017-05-10 20:11 - 2016-12-06 18:21 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-05-10 19:41 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-05-09 14:54 - 2016-12-06 17:32 - 00000000 ____D C:\Users\Katharina
2017-05-09 11:32 - 2017-01-09 12:42 - 00000000 ____D C:\Users\Katharina\AppData\Roaming\dvdcss
2017-05-09 11:32 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-09 11:32 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-07 13:04 - 2016-12-12 15:30 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-04 09:17 - 2016-12-06 17:32 - 00000000 ____D C:\Users\Katharina\AppData\Local\Packages
2017-04-29 14:01 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\LiveKernelReports
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-29 01:29 - 2016-12-12 14:48 - 00003628 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 01:29 - 2016-12-12 14:48 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 09:32 - 2016-12-12 15:05 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-04-28 03:01 - 2016-12-06 17:29 - 02717184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-05-19 17:44 - 2017-05-19 17:44 - 0000832 _____ () C:\Users\Katharina\AppData\Local\recently-used.xbel
Einige Dateien in TEMP:
====================
2016-10-13 10:18 - 2016-10-13 10:18 - 171330228 _____ () C:\Users\Katharina\AppData\Local\Temp\OpenOffice_4.1.3_Win_x86_install_de.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-19 17:53
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017
durchgeführt von Katharina (19-05-2017 21:55:52)
Gestartet von C:\Users\Katharina\Downloads
Windows 10 Home Version 1607 (X64) (2016-12-06 15:31:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3920809330-1101454944-3760425377-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3920809330-1101454944-3760425377-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3920809330-1101454944-3760425377-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3920809330-1101454944-3760425377-501 - Limited - Disabled)
Katharina (S-1-5-21-3920809330-1101454944-3760425377-1001 - Administrator - Enabled) => C:\Users\Katharina
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.43.50 - Conexant)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 10.2.2.9 - Siber Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Leawo Blu-ray Player Version 1.9.4.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.4.0 - Leawo Software)
Microsoft OneDrive (HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
RawTherapee Version 5.0 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 5.0 - rawtherapee.com)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {18AE8BC4-9468-D082-921B-DFE985889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {547600F3-9468-D082-A590-07A585889A47} => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {7FA953AA-F111-4192-9234-BCF43702032D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {89F67880-7B7C-4352-B74F-19E7AAB75860} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {9ACEBCC1-231D-46AD-AACB-0C142D77D05D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {B0E3412F-6F8B-4DD9-8E1E-87F4D30454D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {B49F6519-A083-48BD-9167-4CD361E5F840} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-12] (Google Inc.)
Task: {CF1E4588-F8D0-4FD1-A408-E49B792CFBE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
Task: {D08F440F-5A73-459E-83FE-E59DED9CA4EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-12] (Google Inc.)
Task: {E41ACCFA-416F-44E8-BC43-6C32F06FF1A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\Windows\System32\us008lm.dll
2017-05-10 20:06 - 2017-04-28 02:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-11-29 21:08 - 2016-11-29 21:08 - 06851296 _____ () C:\Program Files\Siber Systems\GoodSync\gs-server.exe
2017-05-09 11:36 - 2017-05-09 11:36 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 11:36 - 2017-05-09 11:36 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 11:36 - 2017-05-09 11:36 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 11:36 - 2017-05-09 11:36 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2016-12-06 18:10 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:51 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-09 11:36 - 2017-05-09 11:37 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-12-06 18:26 - 2016-12-06 18:26 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 11:36 - 2017-05-09 11:37 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-03-14 21:52 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 21:52 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 21:52 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 20:06 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 20:06 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-14 21:52 - 2017-03-04 08:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Katharina\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{492d76cf-f215-4630-9836-6ad42b954232}.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{04F013A0-7C4F-4DB4-9ABF-7865E210E7C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9F397E5-5957-402A-B718-5901BC25945D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01DF7C0C-2B1F-4095-B8C3-011FF7131E7A}] => (Allow) C:\Program Files\Siber Systems\GoodSync\gs-server.exe
FirewallRules: [{D09E74A5-970C-4EED-BEB5-22FEE0986C5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
04-05-2017 09:15:15 Windows Update
10-05-2017 20:09:30 Windows Update
10-05-2017 20:10:17 Windows Update
16-05-2017 15:39:33 Windows Update
19-05-2017 12:52:24 Revo Uninstaller's restore point - Avira Connect
19-05-2017 12:53:43 Revo Uninstaller's restore point - Avira Antivirus
19-05-2017 14:03:40 Revo Uninstaller's restore point - Avira Antivirus
19-05-2017 14:04:25 Revo Uninstaller's restore point - Avira Connect
19-05-2017 14:06:04 Revo Uninstaller's restore point - Avira System Speedup
19-05-2017 14:06:43 Revo Uninstaller's restore point - Avira Connect
19-05-2017 14:07:20 Revo Uninstaller's restore point - chip 1-click download service
19-05-2017 14:07:37 chip 1-click download service wurde entfernt.
19-05-2017 14:08:10 Revo Uninstaller's restore point - Avira System Speedup
19-05-2017 14:09:50 Revo Uninstaller's restore point - Avira Connect
19-05-2017 15:05:49 JRT Pre-Junkware Removal
19-05-2017 15:06:43 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/19/2017 03:06:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 03:06:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:09:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:08:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:07:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:07:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:06:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:06:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (05/19/2017 02:05:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (05/19/2017 02:05:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (05/19/2017 07:46:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 06:43:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 03:45:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 03:01:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 03:01:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 03:01:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 03:00:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/19/2017 02:59:23 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (05/19/2017 02:58:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoodSync Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/19/2017 02:58:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-05-19 14:46:25.749
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 12213.23 MB
Verfügbarer physikalischer RAM: 9546.39 MB
Summe virtueller Speicher: 14069.23 MB
Verfügbarer virtueller Speicher: 11379.12 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:144.25 GB) NTFS
Drive d: () (Fixed) (Total:736.2 GB) (Free:687.98 GB) NTFS
Drive e: (RUEBIDVD) (CDROM) (Total:6.86 GB) (Free:0 GB) UDF
Drive i: () (Removable) (Total:7.39 GB) (Free:0.06 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8CE2466E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
19.05.2017, 21:11
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malware nach VLC Updater FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter CHR Extension: (Avira Browserschutz) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-12-12]
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {18AE8BC4-9468-D082-921B-DFE985889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {547600F3-9468-D082-A590-07A585889A47} => Keine Datei
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.05.2017, 09:39
| #13 |
| | Malware nach VLC Updater Hier der Inhalt vom Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017
durchgeführt von Katharina (20-05-2017 10:34:07) Run:1
Gestartet von C:\Users\Katharina\Downloads
Geladene Profile: Katharina (Verfügbare Profile: defaultuser0 & Katharina)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CHR Extension: (Avira Browserschutz) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-12-12]
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {18AE8BC4-9468-D082-921B-DFE985889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {547600F3-9468-D082-A590-07A585889A47} => Keine Datei
emptytemp:
*****************
C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => erfolgreich verschoben
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B} => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-3920809330-1101454944-3760425377-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850} => Schlüssel erfolgreich entfernt
=========== EmptyTemp: ==========
BITS transfer queue => 1395913 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1054972888 B
Java, Flash, Steam htmlcache => 2723 B
Windows/system/drivers => 100232760 B
Edge => 825244 B
Chrome => 92490006 B
Firefox => 381031197 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 18768 B
NetworkService => 0 B
defaultuser0 => 595457 B
Katharina => 1065568011 B
RecycleBin => 257934855 B
EmptyTemp: => 2.8 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 10:34:51 ====
|
|
20.05.2017, 12:09
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malware nach VLC Updater Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: Malwarebytes Version 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.05.2017, 17:30
| #15 |
| | Malware nach VLC UpdaterCode:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 20.05.17
Scan-Zeit: 14:01
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.1981
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-NKL2DK3\Katharina
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 363454
Erkannte Bedrohungen: 3
In die Quarantäne verschobene Bedrohungen: 3
Abgelaufene Zeit: 1 Min., 48 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 3
PUP.Optional.DownloadSponsor, C:\USERS\KATHARINA\DOWNLOADS\MOZBACKUP - CHIP-INSTALLER.EXE, In Quarantäne, [506], [349501],1.0.1981
PUP.Optional.DownloadSponsor, C:\USERS\KATHARINA\DOWNLOADS\GOODSYNC - CHIP-INSTALLER.EXE, In Quarantäne, [506], [349501],1.0.1981
PUP.Optional.VLCUpdaterDE, C:\USERS\KATHARINA\DOWNLOADS\VLC-2.2.4-WIN32.EXE, In Quarantäne, [1447], [353736],1.0.1981
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8276d34a1d2c9a4aae4bd1376190d196
# end=init
# utc_time=2017-05-20 03:20:36
# local_time=2017-05-20 05:20:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 33449
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8276d34a1d2c9a4aae4bd1376190d196
# end=updated
# utc_time=2017-05-20 03:22:18
# local_time=2017-05-20 05:22:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=8276d34a1d2c9a4aae4bd1376190d196
# engine=33449
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-20 04:24:33
# local_time=2017-05-20 06:24:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 27792 26628087 0 0
# scanned=207873
# found=1
# cleaned=0
# scan_time=3734
sh=1D1BDCDA64E626A0D62F52D442E2EDEF6913D366 ft=1 fh=22cfdfc8e055206a vn="Win32/Startfenster.B eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\llkeecfjwhgwkbbuatqkguedwqhsslgz.back"
Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 25.0.0.171 Mozilla Firefox (53.0.2) Mozilla Thunderbird (45.8.0) Google Chrome (58.0.3029.110) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamtray.exe Windows Defender MpCmdRun.exe Windows Defender MSASCuiL.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
| Themen zu Malware nach VLC Updater |
| .dll, antivirus, avira, browser, cid, cpu, defender, device driver, explorer, firefox, flash player, google, home, homepage, kaspersky, malware, mozilla, neustart, prozesse, realtek, registry, software, svchost.exe, system, temp, vlc update, vlc updater, windows, windowsapps |
dann auf 
und dann auf 
. 
Linear-Darstellung
